Bing Tops Google in Malware-Ridden Search Results
Do hackers writing malware-stuffed links in search results find a way to avoid Google's search bots? That may explain a new report from a German security firm evaluating the safety of results returned by some of the world's top search engines, including Google, Bing, Baidu and Yandex. The news isn't good for Bing, but the search engine says it's working hard to find those poisoned links and sniff out hackers when they use SEO techniques.
04/13/13 5:00 AM PT
Bing may be engaged in a "Scroogled" marketing campaign, but an 18-month study by an antivirus security firm shows that Microsoft's search engine may need to play some defense, thanks to results showing more malware-infected links popping up in its search results than for Google.
The study by AV Test showed that despite the best efforts of the world's leading search engines to provide safe links in their results, those searches can still lead users to sites containing malware.
In addition to Bing and Google, AV Test evaluated Baidu, Yandex, Blekko, Faroo, and Teoma. The firm evaluated 40 million websites returned as search results. Yandex accounted for 13 million results, Bing and Google Search for 10 million each, and the others accounted for the rest.
In all, AV Test found 5,000 pieces of malware in the results. Yandex, a Russian search engine, returned the most dangerous links with 3,330. Bing had 1,285 malicious links out of its 10 million results while Google returned 272 malicious links.
Malware authors are also using search engine optimization to ensure their poisoned websites rank high in search engine results, AV Test found.
"Antivirus companies have known about [poisoned search results and hackers using SEO] for years," Craig Kensek, senior marketing manager at AhnLab, told TechNewsWorld.
"The study wasn't about describing this well-known fact again, it was about providing current numbers," said AV Test CEO Andreas Marx. "We also wanted to compare if there are differences regarding the search engines" in terms of filtering out malware.
Bing Bangs Back
Bing "is able to detect pages consisting of machine-generated spam, keyword stuffing, redirect spam or malware, allowing [it] to effectively remove such sites from results," Bill Hankes, Bing director told TechNewsWorld. "This is done through constant innovation on finding ways to detect the various evolving versions of the kinds of spam techniques we face."
Among other things, Bing has developed "several ranking signals to help weed out spam results and better understand the intent of the searcher," Hankes said.
The finding that Bing's searches are less secure than Google Search "is weird, because Bing pulls so much from Google's search algorithm that Google has complained about this," said Rob Enderle, principal analyst at the Enderle Group. "So either the survey methodology is flawed or Microsoft is not pulling from Google search results now."
AV Test's figures "indicate that Google is more secure, but that is not necessarily because Google is better at this," Marx told TechNewsWorld. "It is known that some malware writers try to avoid Google bots."
Google did not respond to our request to comment for this story.
What The Findings Might Mean
The report indicated that the number of malware-laced pages has gone down, but "the results of such studies can vary significantly depending on the exact methodology used," Zulfikar Ramzan, chief scientist at Sourcefire, told TechNewsWorld.
Malware authors "employ a number of techniques to stay ahead of the game," he said. One is presenting different sets of results to different people. For example, security or search engine vendors will be given a benign result when analyzing a page, while consumers will be hit with the malware.
Those spreading the malware may also try to repeatedly compromise sites and sneak into them just after the sites have been scanned for threats.
SEO is exploitable by its very design, and exploitation by malware authors is an ongoing threat, said Randy Abrams, a research director at NSS Labs.
A Clear And Present Danger
While only 5,000 poisoned search results were discovered out of 40 million, "It's gaming the ranking system that creates the issue," Enderle told TechNewsWorld. "That gaming means people would hit these sites far more often than they otherwise would."
"This report doesn't touch upon potential phishing sites that might be returned or spam results," Abrams told TechNewsWorld. "The odds of finding malware in a search result are astronomically higher than the odds of a jet crashing because you didn't turn off your cell phone prior to takeoff."