Users are being targeted by more than 60 million download attempts per week
Web users are faced with more than 60 million attempts to install unwanted software on their computers each week, according to Google.
The search engine released the figures along with research that indicates the scale of the industry aimed at placing nuisance programs on systems in return for payment.
Google said its Safe Browsing blacklist service, which is used by popular browsers including Chrome, Safari and Firefox, generates more than 60 million warnings each week to help users fend off unwanted software, more than three times its number of warnings for malicious programs such as viruses.
The research outlines a complex system including advertisers, affiliate networks and software publishers that Google said drives the nuisance software business.
Users often encounter this business via ads that offer popular programs or use confusing dialogue boxes or scare tactics to urge the download of software packages, Google said.
These ads are placed on web pages by affiliate networks that provide tracking technology and use sophisticated techniques to thwart search engine warnings and antivirus tools on users’ systems.
Google said it found at least 50 affiliate networks in operation, and focused on four of the largest in its year-long study.
These networks “routinely distributed unwanted ad injectors, browser settings hijackers, and scareware flagged by over 30 anti-virus engines”, Google stated.
“These bundles were deceptively promoted through fake software updates, phony content lockers, and spoofed brands–techniques openly discussed on underground forums as ways to trick users into unintentionally downloading software and accepting the installation terms,” the company said.
Ad injectors display advertisements on a user’s system, while browser settings hijackers cause browsers to display particular pages and scareware urges the user to pay to correct inexistent problems.
Google said its study, carried out with the NYU School of Engineering, collected 446,000 offers related to 843 unique software packages.
Fifty-nine percent of the offers bundled by pay-per-install affiliate networks were flagged by at least one antivirus engine as potentially unwanted, prompting installers to use increasingly convoluted techniques to get past such protections, Google said.
“While not all software bundles lead to unwanted software, critically, it takes only one deceptive party in a chain of web advertisements, pay-per-install networks, and application developers for abuse to manifest,” the company stated.
Google said it is driving a Clean Software programme aimed at encouraging software makers to provide clarity to users and to block those who don’t abide by such practices.
The company said it plans to present its findings at the USENIX Security Symposium in Austin, Texas this week.
The bulk of Google’s revenues are derived from advertising, and it has faced criticism over its failure to filter out malicious or deceptive content that may make its way into users’ systems by manipulating search results and infiltrating ad networks – a problem that also affects other search engines and ad providers.
Earlier this year the company said it blocked more than 780 million malicious advertisements in 2015.
Are you a security pro? Try our quiz!