Google has carried out a purge of its search engine rankings, removing thousands of malware sites that were appearing in search results for hundreds of keyword searches.
Google, along with Microsoft Live Search and Yahoo had been subjected to a coordinated campaign to spread malware through results on these three and other search engines.
US web security firm Sunbelt Software Distribution had broken the news on Monday this week, informing the search engines about the attacks, and, according to the firm, Google has now taken action to remove the malicious websites from its index.
According to Sunbelt CEO Alex Eckelberry told PC World:
“Google did confirm yesterday with us that they were working the case, and they are good about nailing this stuff.”
The search engine giant refused to confirm that it had removed approximately 40,000 malware sites from its search results, and instead issued this statement:
“Google takes the security of our users very seriously, especially when it comes to malware. In our search results, we try to warn users of potentially dangerous sites when we know of them. Sites that clearly exploit browser security holes to install software, such as malware, spyware, viruses, adware and Trojan horses, are in violation of the Google quality guidelines and may be removed from Google’s index.”
According to Sunbelt, these sites were packed with Trojans and other malware, and the group behind the attacks, which were mainly directed at Google, managed to get these sites higher up the search engine rankings by spamming blogs and other site’s comment sections with links.
Having malware sites show up in search results is nothing new, but the size and scope of this attack set it apart from others, as well as the fact that it was highly effective at getting thousands of malicious sites high up in the search rankings.