Google just released its brand new search technology labeled “Google Instant,” which works by dynamically accelerating search results as you type into the Google search box. Google Instant essentially predicts what users will type and rapidly makes suggestions on which search term is most relevant to what is being typed in real time.
So what? Well, we’re kind of concerned…
If you’ve followed our blog in the past, then you know that Google hasn’t done a great job in mitigating Blackhat SEO threats, which have plagued search results for years. As a test, I thought I’d search for “antivirus” and see what suggestions came up. Lo and behold, Antivir Solution Pro, a well known Rogueware infection was amongst the suggested search terms.
Let’s segue from the problem of malicious search suggestions and get right down to the real problem here. I’m more concerned how this new technology can potentially improve existing Blackhat SEO campaigns. We know for a fact that most Blackhat SEO campaigns automatically query Google’s trending topic results and now it seems that Google Instant will be suggesting those trending phrases (verbatim), potentially putting millions of victims directly in cyber criminals’ cross hairs.
Only time will tell, but we can see Google Instant aiding Blackhat SEO campaigns real soon.
Stay safe out there!
Panda Security specializes in the development of endpoint security products and is part of the WatchGuard portfolio of IT security solutions. Initially focused on the development of antivirus software, the company has since expanded its line of business to advanced cyber-security services with technology for preventing cyber-crime.
7 comments
All of the instant results are for removing Antivir Solution Pro. I don’t see a problem here.
Bob, the point is that cyber criminals use automated scripts to strip relevant and timely “trending topics” from Google for Blackhat SEO purposes. Now, lets say that the search term
is on the trending topic list. If you go to Google and start typing “massive worm…” then Google examines the most relevant search terms and autocompletes the search for you. Great! The only problem is that cyber criminals are targeting these exact search terms every second. 100% of trending topics are actively targeted by cyber criminals.
While using a search suggestion might produce results that include nefarious links, the fact that such links are present at all is an unrelated problem, which would still exist whether Google Instant existed or not.
The fact that trending topics can be used by Black Hat SEOs at all means that huge volumes of people are searching for those query strings intentionally and will continue to do so with or without Instant.
On the flip side, Instant’s use of trending topics also gives Google specific queries to subject to greater scrutiny when scanning for malware.