Web-searches can be hazardous
A study conducted by Google has found that about one in 10 web pages scrutinised by the search engine contained malicious code.Updated: May 13, 2007 00:51 IST
For their study, Google researchers surveyed 4.5 million pages to "in-depth analysis" and found that about 450,000 of them were capable of launching so-called "drive-by downloads", sites that install malicious code, such as spyware, without a user's knowledge.
A further 700,000 pages apparently contained code that could compromise a user's computer, they said.
The vast majority of these were exploiting vulnerabilities in Microsoft's Internet Explorer browser to install themselves, researchers said, adding that for addressing the problem, Google has now "started an effort to identify all web pages on the internet that could be malicious".
Drive-by downloads are an increasingly common way to infect a computer or steal sensitive information. They usually consist of malicious programs that automatically install when a potential victim visits a booby-trapped website.
Some downloads, such as those that alter bookmarks, install unwanted toolbars or change the start page of a browser, while others hijack a computer turning it into a "bot", a remotely controlled PC.
But generally drive-bys are used by criminals to install keyloggers that steal login and password information.
"To entice users to install malware, adversaries employ social engineering. The user is presented with links that promise access to 'interesting' pages with explicit pornographic content, copyrighted software or media. A common example are sites that display thumbnails to adult videos,” Google researcher Niels Provos and his colleagues wrote in a paper titled ‘The Ghost In The Browser’.
Provos and his team further found that the code was often contained in those parts of the website not designed or controlled by the website owner, such as banner adverts and widgets, small programs that display a calendar on a webpage or a web traffic counter, and are often downloaded form third party sites.
The scientists said the rise of web 2.0 and user-generated content gave criminals other channels, of attack, reports the BBC.
“For example, postings in blogs and forums that contain links to images or other content could unwittingly infect a user,” the researchers wrote in their study.
The study also found that gangs were able to hijack web servers, effectively taking over and infecting all of the web pages hosted on the computer.
Researchers said though Google already warns users if they are about to visit a potentially harmful website, by displaying a message that reads "this site may harm your computer" next to the search results, this task is not very easy.
"Marking pages with a label allows users to avoid exposure to such sites and results in fewer users being infected. However, the task will not be easy. Finding all the web-based infection vectors is a significant challenge and requires almost complete knowledge of the web as a whole," the study further said.
First Published: May 13, 2007 00:47 IST