According to the latest report from the AV-TEST laboratory- Twitter, Google, and other search engines like Bing, Yandex etc are increasingly flooded with malware. They have tested over 80 million links found in search engine results in 2015, and another 81 million in 2016. On the this test it revealed the presence of malicious content in 18,280 sites in 2015, and in 29,632 sites in 2016.
The Methods In Which The Malware Was Delivered
It was found that there were different types of malicious content found on these links which includes tech support scams, phishing pages, or sites pushing malware-laced downloads.
When it comes to the latter category, which includes sites pushing actual, downloadable malware, over 60 percent of these threats tried to start a direct file download just as the user landed on the site, while the rest tried to execute code snippets, or use Flash or Java exploits, reminiscent of exploit kits ,according to AV-TEST.
The top five of the most commonly pushed file types includes:
- EXE files
- RAR archives
- SWF Flash objects
- MSI installers
Besides search engines, experts stated that they also scanned tweets shared on Twitter (over 315 million tweets in 2015 and another 200 million in 2016). Despite the smaller number of links analyzed in 2016, AV-TEST says it found 1,500 links leading to malware threats, while it only found 1,100 malicious links in 2015.