Now Google itself is getting in on the act. Last week, they released a PDF report released “All Your iFRAMEs Point to Us.” (Silly Googlers. Can’t even get the joke right. I believe you meant to say “All Your iFRAME Are Point to Us.” You know, like you titled your blog post about it?)
In this report, Google finds that “approximately 1.3% of the incoming search queries to Google’s search engine returned at least one URL labeled as malicious in the results page.” Google finds this troubling; good for them. They should probably work on that, especially if they already know that the individual URLs and TLDs are malicious.
However, I find it rather encouraging. To me, that sentence says “almost 99% of search queries return only perfectly harmless results.” Woot.
The study looks at the intricacies of drive-by downloads and related problems, as well as malware injection via ads. They find that most of the malware originates in and affects computers in China, and that it is frequently found in on-site advertising.
The study checked over 66.5 million URLs and found that 5.1% were “suspicious,” and another 5.1% were malicious. The results are approximately in line with McAfee’s previous findings that 3% to 4% of organic results lead to malicious sites, though the Google study looked at the Internet at large.