Q

How does search engine malware spread?

Expert Richard Brain explains how malware can take advantage of Web crawlers and spread malicious code to a number of vulnerable websites.

How have search engines been manipulated by attackers to spread malicious code, and what are best practices to avoid search engine malware?
Yes, search engines or 'Web crawlers' have been used to indirectly attack other websites. It's actually quite an old idea which was confirmed still to function fairly recently, when Google was used to carry out RFI attacks and hack into other sites.

Search engines 'crawl' domains by looking for links to other pages or sites. The search engine then opens the link of a website page to find further links.

Search engine attacks have been demonstrated where a malicious link is added to a page, which consists of an attack, or multiple attacks, on other websites; they are then executed when the search engine opens the link. If the attack is successful, visitors to the now infected website would be at risk, and if the malware is sufficiently clever, it would add new links to attack further websites and spread the infection.

I guess such malware would these days be classified as a search engine piggyback virus, as it would not directly perform the attack(s) itself.

As an end user, best practices for avoiding search engine malware are to:

  • Make sure your computer is fully patched and is running the latest antimalware packages.
  • Try to only "visit" high-profile secure sites
  • Disable JavaScript execution on your Web browser if the site is unfamiliar.
This was last published in July 2009

Read more on Hackers and cybercrime prevention

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.

-ADS BY GOOGLE

SearchCIO

SearchSecurity

SearchNetworking

SearchDataCenter

  • How do I size a UPS unit?

    Your data center UPS sizing needs are dependent on a variety of factors. Develop configurations and determine the estimated UPS ...

  • How to enhance FTP server security

    If you still use FTP servers in your organization, use IP address whitelists, login restrictions and data encryption -- and just ...

  • 3 ways to approach cloud bursting

    With different cloud bursting techniques and tools from Amazon, Zerto, VMware and Oracle, admins can bolster cloud connections ...

SearchDataManagement

Close