Search Results Attacked

March 31st, 2008 Posted in News, SEO

A new form of malware has come into existence that is attacking the search engine results of a variety of high profile websites. It is believed that this attack utilises the embedding of IFrame tags, an already common form of cross-scripting practice. This new attack differs from past forms of malware in that it specifically targets search engine results.

These unscrupulous operators have employed existing search engine optimisation techniques in order to redirect searchers to websites that contain malicious and harmful downloads. The problem can definitely be considered worrying, major companies such as Forbes, Wal-Mart and Sears have all experienced problems with this new malware.

Security experts have stated that the process of taking searcher to harmful sites has been in operation for a couple of weeks. Google have been making a clear effort to delete these infected pages; results however, have been limited.

The current estimate is that there may be as many as a million search queries that will lead searchers to an infected site. There is action that can be taken however; site administrators are able to protect their sites by plugging the input validation vulnerabilities. By doing this it is believed that the hacker’s methods of ‘seeding’ their code in pages can be prevented.

It is doubtful this will be the end however, it is believed that many companies who have high search rankings will experience some form of attack. These IFrame injections are truly worrying and mean that all administrators should be vigilant in the protection of their sites.