An internal survey conducted by search engine giant Google has revealed that one in every 10 pages scanned by the company is infected with malicious software that can harm the users' PC.
A team of researchers from the company conducted an "in-depth analysis" to nearly 4.5 million pages and found that over 450,000 started "drive-by" downloads, using which attackers can install malicious codes on PCs, while a further 700,000 pages were capable of compromising the users' PC.
In the report, published in the paper titled The Ghost In The Browser, Google researcher Niels Provos writes, "To entice users to install malware, adversaries employ social engineering. The user is presented with links that promise access to 'interesting' pages with explicit pornographic content, copyrighted software or media. A common example are sites that display thumbnails to adult videos."
The report said that a majority of such sites install software on the PCs by making use of vulnerabilities present in Internet Explorer. While some of the downloads are harmless, altering the bookmarks or changing the home page, a majority of them prove to be dangerous by transferring login names and passwords or credit card numbers.
Provos said that Google is making an effort to identify all pages that infect users' PC and has already started a program where users are warned beforehand whether visiting the website might harm the PC. "Marking pages with a label allows users to avoid exposure to such sites and results in fewer users being infected. However, the task will not be easy. Finding all the web-based infection vectors is a significant challenge and requires almost complete knowledge of the web as a whole", he added.
