The study consisted of over 2,000 Netalyzr sessions initiated by customers of a dozen US ISPs. The study noticed that the redirection occurs with approximately ~170 keywords, derived from the names of large websites. Outside of these cases the search conducted by a user would direct normally to Bing, Yahoo, Google or an ISP run search engine as expected. The ISPs have used a service called Paxfire, which specializes in DNS error traffic monetization in order to hijack the select search traffic based on backroom business deals.
Source: Netalyzr - Debug your Internet, A tool and comprehensive measurement study focusing on the health of the Internet.
This study was conducted in conjunction with New Scientist and the Electronic Frontier Foundation.