Malware infected PC's are rapidly becoming the most common support issue for many IT vendors. Client's PC's that become infected with Malware are all but unusable, not to mention key logging of critical information, becoming an unwilling member of a zombie bot-network or being subjugated to random pornographic advertisements. Needless to say, people are not happy once their PC’s become infected, nor is the IT cost of malware removal particularly pleasing. Clients always want to know, how did I get malware?
My answer to them is, “from using the Internet.” Cybercriminals have utilized search engine optimization poisoning techniques with astounding effectiveness. On today’s Internet performing a web search using common search sites, such as Google, can yield a significant number of results which direct users to unsafe malware-laden URL links. A recent study has shown that some 22.4% of Google searches performed since June 2010 produced malicious URLs within the first 100 results (Websense 2010 Threat Report). Compare this number to just 13.7% during the first half of 2009.
Recent trending shows that searching the Internet for adult material and other more scandalous topics is actually less risky than searching for news items, entertainment and other common subject matter material. Commonly recognized news sites such as CNN and Fox News are not sources for malicious links, but search results can yield links designed as malware traps to fool people. This is particularly evident during major events or crisis situations, where web searches for a particular topic are accelerated (World Series, Haiti Earthquake and Brett Favre).
Victims doing the search that end up clicking the bad URL, find themselves at “rogue anti-virus” sites where someone is attempting to sell fake software. This is where exploits in browser and operating system technology are utilized to bypass security measures and gain a foot hold, infecting the user’s PC. Websense’s 2010 Threat Report states that the number of web links to malicious content is up 111% in 2010 from 2009. Malicious sites themselves have seen growth of around 1 million per month in April 2009 to 2 million today and some 80% of legit websites have at one time been compromised in some manner.
It is also worth noting that social-networking sites (Fakebook, Tweeter, etc.) are now the most common carriers for malware and spam.