Google Highlights

On August 17, 2011, Lucas Ballard and Niels Provos, two members of Google's security team, posted a report called “Trends in Circumventing Web-Malware Detection” that has some people in the internet-security sector worried. In the blog, Google highlights, among other things, what the company has learned about web malware by analyzing 160 million webpages hosted on approximately 8 million sites in the past four years. The findings aren't good.

Google Highlights IP Cloaking

In its report, Google highlights a high use of IP cloaking since 2007. In fact, more than 150,000 sites are infected by cloaked domains per month.

IP cloaking is when a malicious website presents itself as a safe website to a search engine. It does this by hiding the real IP address. An IP address is used to identify a website. If a search engine sees the IP address of a legitimate website instead of the IP address of a malicious website, it doesn't know to block the site from the search results. Then, a user will click on the site link in the search engine results and contract a computer virus.

IP-cloaking devices can be found on the internet, so they are readily available to anyone who wants to trick search engines like Google. According to the search engine giant, the company is taking steps to uncover hidden IPs and protect users from these tricksters. The efforts Google highlights in the report seem to be working. While IP cloaking use is still much higher than it was in 2007, its use has dropped since 2009. Google's security team believes that this is a trend that will continue.

Google Highlights Social Engineering

Another form of hacker trickery that is used to infect computers is social engineering. Social engineering is when a hacker convinces a person that a download is a legitimate product or item that they need, when it is actually malware in disguise. Many times, the malware poses as a free internet security download or a software update.

According to Google, the use of social engineering has been increasing over the years. In 2006, according to the company's research, social engineering was virtually non-existent. Google highlights that it now accounts for around two percent of infection websites.

Google Highlights Drive-by Downloads

Drive-by downloads are a process wherein a hacker manipulates a viable product that you may download or use and alters it to download a virus to your computer without your knowledge. Google's research found that hackers only use a certain method of drive-by downloading for a very short amount of time and then move on to a new method. This helps the hackers avoid detection. According to Google's research, detection of drive-by downloads isn't effective because the technology is constantly changing.

Overall, Google's highlights indicate that it is getting harder for Google's anti-virus protection to detect malware and protect its users. This means that it is important for users to use additional anti-virus protection to keep their computers safe from social engineering, drive-by downloads and other malware threats.

At TopTenREVIEWS We Do the Research So You Don't Have To.™