Following up on yesterday’s story about a massive malware attack on the “big three” search engines, which saw the manipulation of the search engines to rank malicious malware sites high in the results pages, it seems that Google has at least taken steps to remove the offending sites from their indexes. However, when questioned about the attacks, Google failed to acknowledge that there was a problem or that they had rectified it.
Researchers from Sunbelt Software who first exposed the spammy SERP attacks said today, “They appear to be zapped.” Sunbelt also said, “Google did confirm yesterday with us that they were working on the case, and they are good about nailing this stuff.”
Interestingly, Google themselves have thus far refused to confirm or deny that they have purged their index of the malware hosting sites, or that they even existed in the first place. Google did, however, issue a generic statement today which said:
“Google takes the security of our users very seriously, especially when it comes to malware. In our search results, we try to warn users of potentially dangerous sites when we know of them. Sites that clearly exploit browser security holes to install software, such as malware, spyware, viruses, adware and Trojan horses, are in violation of the Google quality guidelines and may be removed from Google’s index.”
The Google spokesman failed to answer questions about how long it takes Google to remove such results from their search index, or whether they have measures in place that are designed to protect the integrity of the SERPs and prevent sites from gaming their ranking system.
Meanwhile, Yahoo and MSN Live Search were also affected by these malware attacks. MSN said that they were aware of the issues, and were “working to rectify the situation.” Yahoo took cues from Google, refusing to comment on the attacks.
While having malware sites show up in search results is no new phenomenon, what set this attack apart from others was the massive size and scope, and how effective they were at getting thousands of malicious sites pushed up high in the ranks.