Web Search, Browsing, Internet Advertising on Google Adding to Malware Distribution

Web searching and Web browsing activities are increasingly fraught with risks, according to a technical research paper titled "All Your IFRAMES Point to Us", published by Google on February 11, 2008.

In the paper, researchers revealed that more than 3 Million URLs deliver malicious code and 3 Million more displaying suspicious behaviors.

The paper indicates that for most of the URLs, the malware program is installed onto their page via iFrame connected to an external site or via a malicious JavaScript code. It is found that nearly 10,000 sites actually host malware.

According to the researchers, although this figure may appear insignificant in terms of the innumerable Websites accessible on the Web, yet Google search results have over 1% of pages containing malware, a percentage that has increased four times during the last nine months.

Additionally, the group of researchers also found that advertising on the Internet, the key factor for Google sustainability, is also responsible for mass-scale distribution of malicious software.

According to the paper, most of the Internet advertisements are disseminated as a third party content for the Website serving advertisements.

As per one researcher of the paper, this practice causes worry as the security of a Web page is as high as its weakest element. According to him, even if there is no exploit in a Web page, still an insecure Ad material could make the advertising Websites risky.

He further says that as players increasingly use Ad syndication, in which an advertiser can sell space for the advertisement to another advertising firm and this advertising firm can syndicate that space to someone else, the possibility of insertion of insecure content at any stage of the chain rapidly escalates. By this, Web pages can often run advertisements with illegitimate content, as reported by InformationWeek on February 12, 2008.

In the paper, the researchers further analyze the worldwide distribution of malware hosting and malware delivering Websites. They found that two-third of such sites source to China, with the US and Russia occupying the second and third positions. Further, these figures appear different for different countries.

Related article: Web Browsers Too Have Security Exploits

» SPAMfighter News - 2/22/2008