Google's Instant search facility leads to malicious results being offered

News by Dan Raywood

Last week saw the release of the latest technology from Google to allow for faster searches.

Google called Instant ‘a new search enhancement that shows results as you type’, which pushes ‘the limits of our technology and infrastructure to help you get better search results, faster’.

The development came from an insight that people type slowly but read quickly, so the concept is to scan a results page while you type. Effectively, it removes the search button, with results displayed alongside the text box.

Alongside the smarter predictions and instant results, many concerns were cited over the service.

Luis Corrons, technical director of Panda Security, said that there were security concerns about cyber criminals using Google results as a way to spread malware, following the top search terms that people are using in Google searches in order to create fake websites.

He said: “Google is a very innovative company, and they are always looking for new ways to improve the user experience. In light of the launch of the new Google Instant search engine, there is a risk that cyber criminals are going to abuse this new tool.

“As users type searches into the real-time engine the opportunity for cyber criminals to infect users through black hat search engine optimisation (SEO) campaigns is increased and Google are potentially putting millions of users at risk. Users should exercise caution when clicking on unknown links and URLs.”

A detection by Websense found that there were malicious search suggestions appearing as soon as the technology was announced. It said that a search for ‘anti-virus’ produced an ‘Instant’ result for Antivir Solution Pro, a well-known rogueware infection that was amongst the suggested search terms.

It said: “Let's segue from the problem of malicious search suggestions and get right down to the real problem here, we are more concerned how this new technology can potentially improve existing Blackhat SEO campaigns.

“We know for a fact that most black hat SEO campaigns automatically query Google's trending topic results and now it seems that Google Instant will be suggesting those trending phrases (verbatim), potentially putting millions of victims directly in cyber criminals' cross hairs. Only time will tell, but we can see Google Instant aiding black hat SEO campaigns real soon.”

David Harley, senior research fellow at ESET, told SC Magazine that he thought the introduction of such technology ‘is part of their (Google's) model that they have to meet the immediate use for it to give it a go’.

Rich Baldry, product manager at Sophos, said: “The first concern I had was bandwidth. While some parts of the world are well endowed with low cost, high bandwidth connectivity, that is still not the case everywhere. Many organisations block access to streaming video exactly because of the high bandwidth implications. What's more relevant is how much Instant increases traffic compared to the classic Google search.

“The second issue for me is how it affects my product. We have a feature – popular in the education market – that reports on search terms, allowing school administrators to keep an eye out for potential problems on campus. Now that Google is doing searches as a user types, these reports can get pretty big pretty quickly.

“This also got me thinking about the insight that Google Instant gives into the subconscious. How many times have you opened up your browser, started typing in the Google search box and realised that you've not written what you intended to write?”
