Search Engine Optimization Poisoning Way Up In '10 175
alphadogg writes "Cybercrooks continue to abuse the Web, boosting their ability to produce what's called search engine optimization poisoning so that individuals making use of search engines such as Google's increasingly are ending up with choices that are dangerous malware-laden URL links.
Some 22.4% of Google searches done since June produced malicious URLs, typically leading to fake antivirus sites or malware-laden downloads as part of the top 100 search results, according to the Websense 2010 Threat Report published Tuesday. That's in comparison to 13.7% of Google searches having that outcome in the latter half of 2009, says Patrik Runald, Websense senior manager of security research."
Re:Link to Actual Report and My Many Gripes (Score:4, Informative)
#1: its in asp.net, not asp (big difference)
#2: asp.net doesn't have a dependency on IE. Its browser agnostic (and thus like any other environment used for web development, it works BETTER if you're not using IE)
#3: the video is in Flash using a pretty standard Flash player that has nothing to do with asp.net.
#4: it works just fine in non-IE browsers (I'm using Chrome)
Just figured I'd clear that up.
Re:Link to Actual Report and My Many Gripes (Score:1, Informative)
For the record, works fine in FF3.6 too.
SECUNIA.COM can tell you that type of info. (Score:1, Informative)
http://secunia.com/advisories/ [secunia.com] and go there and look up your favorite webbrowser or Operating System (or even an app like Adobe Acrobat Reader), & see the lists of security advisories (and especially the UNPATCHED ones). They explain exploits in pretty good detail (could be better though, & more technical imo but I don't think they put up TOO EXACT of information because others can use that for even more crap against others I'd imagine is why), and, how they can be used against you. Sometimes though, there are "work-arounds" recommended even for these known & unpatched security advisories though (some are sort of hokey, e.g.-> "do not open untrusted files" being one example).
One thing you'll probably note though is the sheer amount of exploits that involve javascript exploits over time especially. That's usually the main tool I have seen that is used against users online in say, maliciously scripted webpages or even poisoned ad banners (yes, believe-it-or-not, especially if you haven't heard of that happening before? It happens also, and more than just a few times now for the past 4-5 yrs. in fact).
As to the addons like NoScript or AdBlock? Well, they're programmed themselves and may even bear issues/known security vulnerabilities themselves, so look into that too. That's the 1 problem with complex systems like computer programs of any appreciable relative size: Possible bugs in the way of exploitable code mistakes, and they do happen as well and might be something to also research on your part if you're concerned on this note also.
Now, on the note of maliciously scripted websites? This may help http://www.mvps.org/winhelp2002/hosts.htm [mvps.org] because that is why, in large part, those folks make their custom HOSTS file for: To protect users against known bad sites online.
A good read on much of this is also here, in detail, from Mr. Dancho Danchev (3 yrs. worth of it in fact) as well:
http://ddanchev.blogspot.com/ [blogspot.com]
For the past 3++ yrs. now that security researcher's done a great deal of very in-depth reporting on what you're looking for in fact - sites that are KNOWN to try to "hose your computer".
APK
P.S.=> Enjoy... I think that covers a good deal of ground here for you, per your request... apk
in my experience, not as bad as Bing (Score:3, Informative)
Re:Useless Search Content (Score:5, Informative)
I'm not sure if this is relevant - but perhaps you should be using google Scholar for your academic research. It's possible that they segregrated what information you're looking for into that section.
But then again, maybe not - I don't know what kind of research you do (and I've never had a problem with springboarding with a Wikipedia article...)
Re:Malware/Spyware isn't the only problem... (Score:2, Informative)
It's not just you. I remember when I first started using google and how amazingly appropriate its results were if you knew the right search terms. Now days I'm surprised more that it does so poorly on what seems like straightforward searches.
Why is this? SEO must be part. But I also know if anything I'm looking for is even slightly related to a product, forget it, you get pages and pages of shopping results. I too, have to result on my memory and knowledge of where to look for certain things more and more.
Re:What are they searching for? (Score:2, Informative)
No, it's not 22% of search results, but 22% of searches made which contain a malicious URL somewhere in the top 100 search results. Like anyone goes all the way through to 100 results.
Some 22.4% of Google searches done since June produced malicious URLs, typically leading to fake antivirus sites or malware-laden downloads as part of the top 100 search results
Fear mongering. That is all.
Re:Search engine rankings for legitimate sites (Score:1, Informative)
Last time I googled myself (I have a fairly common name), I found on the first page a result from a page "CreateDebate" titled: is name a douche? - CreateDebate
The "debate" if you can call it that, started from a high school kid, has no details on what person he's talking about. So people, just come to the forum and say "yes, name is a douche", "no, name is not a douche" or "what name are you talking about?".
If by repeating the name over an over, the ranking goes up. Then a retarded forum of people repeating a single name, goes up really fast.
Re:Malware/Spyware isn't the only problem... (Score:3, Informative)
Re:in my experience, not as bad as Bing (Score:3, Informative)
Just yesterday I wanted to download VLC media player. Top link on Bing: repackaged with junk seach engine and crapware newsletters. Top link on Google: the home site which linked to the sourceforge download. Of course Microsoft could be doing that on purpose for Open Source software...
What country are you in? It's really only US that have Bing yet (rebranding old Live Search in all the other countries to Bing without actually having the product is an amazing decision btw..) and a search for VLC on Bing US gives me a very useful and relevant top result. With direct links to download even for Mac and Ubuntu versions:
http://imgur.com/RGqtA.jpg [imgur.com]
Re:in my experience, not as bad as Bing (Score:3, Informative)
Re:Malware/Spyware isn't the only problem... (Score:3, Informative)
As someone who is getting into SEO and Internet Marketing, I can tell you that there was a major change in the last 2-3 weeks that has lots of big names in that industry reeling.
Google makes major updates to their PageRank formula about quarterly, from what I can see.