Thursday, July 21, 2011

Google discovers more than a million infected PCs


Google has reportedly discovered more than a million computers infected with search engine hijacking malware, after it took one of its systems offline but found large numbers of users' PCs continuing to ping its servers directly.

 

Infosecurity notes that this situation arises because Google load balances its search engine requests across its global network, meaning that almost all search requests are re-routed from Google's front-end systems to one of its many data centres around the world.

When one of its front-end systems is taken offline, no search requests are forwarded to the relevant data centres.

On investigation, Google security engineer Damian Menscher was able to spot a network of user computers whose web browsers were pinging the data centres directly, presumably driven by a piece of malware that generates poisoned search routines.

According to the Krebs on Security newswire, Menscher found that the 'offline' data centre was still receiving thousands of requests per second.

Interestingly, security researcher Brian Krebs says that the malware was designed to hijack results when users search for keywords at Google.com and other major search engines.

"Ironically, the traffic wasn't search traffic at all: The malware instructed host PCs to periodically ping a specific Google internet address to check whether the systems were online", he says in his latest security posting.