Google has once again been found to display malicious websites in search results more prominently than legitimate pages, this time within the search results of some users looking to download AMD drivers, according to a Reddit user (open in new tab) via PC World (open in new tab). Within the search results of the user.

The links in question were not part of the search results, but rather Google's contextual curated advertising links that may appear above the search results. While we were unable to replicate this result, we were able to confirm that the malicious website that appeared in the Reddit contributor's search results was real.

The site mimics the design and branding of AMD's official website, including the use of AMD's IP, with the headline "Auto-Detect and Install Driver Updates for AMD Radeon Series Graphics and Ryzen Chipsets" and links to a very suspicious .exe file download.

Needless to say, we absolutely do not recommend accessing this website, let alone downloading the .exe file. [Last month, phishers purchased Google ad space to impersonate Whatsapp (opens in new tab), and last year, a fake EVGA website created around a Memorial Day sales event became more prominent in search results than the official page This is not the first time this has happened. However, it is especially unfortunate to see Google linking to what is clearly not a legitimate website and facilitating the distribution of malware at the top of the search results page.

The malicious nature of this website should have been obvious to Google, but it would be convincing enough at first glance for the casual PC user; it is fully branded with the AMD logo, and it is a clear indication that the website is a legitimate one. In addition, there are several functioning hyperlinks that direct users to legitimate parts of AMD's official site.

Of course, most of the links are circular redirects to the same highly questionable URLs, and so on, without scrutiny. However, it is not hard to imagine someone arriving at this page, seeing the big "download," and immediately running.

We don't know what malicious .exe files might contain. But forgive me for not sacrificing my Windows installation to find out.