Google Launches Malvertising Search Engine

The Google Anti-Malvertising Team has released a search engine to help security researchers and companies that place ads check if a particular advertiser has a questionable history. Based on the Beta Google Custom Search platform, the engine can be used to look for references on a number of websites and blogs specializing in tracking malvertisements.

Malvertising is a term formed by combining malicious and advertising and refers to advertisements that are posted on websites and might be harmful to individuals for various reasons. There are many uses of malicious advertisements, ranging from malware or scareware distribution to the promotion of fake and unregulated online pharmacies.

According to statistics, tracking advertisers that make a habit of posting such high risk ads proves a difficult task to specialized networks. Proof to this fact is that malicious promotions have made their way onto popular and user-trusted websites more than once, which has significantly increased the pool of potential victims.

Google thought that making it easy to access information regarding malvertisements would have some success with interested parties and be worth the time of setting up, especially since the technology and content were already available. The tool found at www.anti-malvertising.org applies the Google Custom Search technology to a selection of websites and blogs, which constantly research malvertising developments.

"This search engine checks independent, third party sites that track possible attempts by parties to use ads to install malware. The sites included in the search results are not reviewed by Google for accuracy or completeness, and do not reflect Google's views or research conducted by Google," the team notes. The company also advises that, if a prospective advertiser shows up in the search results, it doesn't automatically mean that its intentions are malicious, but that the advertising network should do more in-depth checks.

Some of the websites indexed by the search engine include, just to name a few, the SpywareSucks blog of Microsoft MVP Sandi Hardmeier, the Sunbelt blog run by Sunbelt Software CEO Alex Eckelberry, and the SecurityFix blog of Washington Post reporter Brian Krebs.

For the time being, it is still a modest tool, but Alex Eckelberry indicates that this is only "the first iteration. They will continue to update and refine the search engine." Sandi Hardmeier states that using this targeted tool more "can certainly help reduce the 'signal to noise' ratio that can affect other search engines."