Google hosting malware? Google says they were!

Google hosting malware? Google says they were!

Summary: Google isn't hosting malware anymore, but according to a tool they provide that lets you check up on any domain, their own google.com at one point was indeed hosting malware (software that is installed on a users machine without their consent).

SHARE:

Google isn't hosting malware anymore, but according to a tool they provide that lets you check up on any domain, their own google.com at one point was indeed hosting malware (software that is installed on a users machine without their consent). After doing some digging, Tony Ruscoe found that the problems didn't stem from www.google.com, but rather video.google.com.

Of the 265674 pages we tested on the site over the past 90 days, 4 page(s) resulted in malicious software being downloaded and installed without user consent. The last time Google visited this site was on 05/23/2008, and the last time suspicious content was found on this site was on 03/13/2008.

Malicious software includes 4 scripting exploit(s), 4 trojan(s). Successful infection resulted in an average of 10 new processes on the target machine.

Anyway, if you are curious about the status of perhaps one of your own domains, type a similar URL into your browser's address bar (replacing blogs.zdnet.com with your own domain):

http://www.google.com/safebrowsing/diagnostic?site=blogs.zdnet.com

This functionality is related to the Safe Browsing API according to John (a Google employee) on the Blogoscoped forum. You may be interested to see the status of some other popular websites too -- try eBay and MySpace.

Topics: Google, Browser, Malware, Security

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

9 comments
Log in or register to join the discussion
  • If Google is not immune to this stuff

    Then how is anyone else EVER going to be, who have much less experience, manpower, etc. than Google?
    Lerianis
    • re: If Google is not immune to this stuff

      Lets face it, being as big as google makes them a very attractive target, I'd say they're less immune to this then smaller players simply because of this.
      TroyW
  • RE: Google hosting malware? Google says they were!

    I just used the link in the article to test yahoo.com. Here is the result:

    What is the current listing status for yahoo.com/?
    This site is not listed as suspicious.
    Part of this site was listed for suspicious activity 4 time(s) over the past 90 days.
    What happened when Google visited this site?
    Of the 44721 pages we tested on the site over the past 90 days, 8 page(s) resulted in malicious software being downloaded and installed without user consent. The last time Google visited this site was on 05/26/2008, and the last time suspicious content was found on this site was on 04/17/2008.
    Malicious software includes 8334 scripting exploit(s), 23 trojan(s), 13 adware(s). Successful infection resulted in an average of 4 new processes on the target machine.
    Malicious software is hosted on 11 domain(s), including uccc.co.kr, vistop.com, doublepoint.net.
    3 domain(s) appear to be functioning as intermediaries for distributing malware to visitors of this site, including yescounter.com, xise.cn, kfyes.com.
    Has this site acted as an intermediary resulting in further distribution of malware?
    Over the past 90 days, yahoo.com/ appeared to function as an intermediary for the infection of 62 site(s) including 0558sz.cn, 23360.com, culcn.cn.
    Has this site hosted malware?
    Yes, this site has hosted malicious software over the past 90 days. It infected 770 domain(s), including 5icp.com, lz114.cn, kidsay.cn.

    Isn't that interesting?
    livelonger@...
    • RE: That Report on Yahoo

      I suggest you all do some searches on Yahoo. You [u]will[/u] find that Yahoo posts [b][u]ON[/u] THE SEARCH LIST[b] the sites it has found to be [i]suspicious[/i] in nature and even [b][u]WHAT[/u][/b] they have found about it.

      Does Google do that? ?:| ....yet?

      Now, isn't [b]THAT[/b] [i]interesting[/i]???
      btljooz
      • :8} OOPS! Sorry for the [syntax] error. :8} N/T

        :8}
        btljooz
  • RE: Google hosting malware? Google says they were!

    No fooling around. They admit it publicly and fix it. Who needs more than that?
    atari8bit@...
    • Amen.

      n/t
      FateJHedgehog@...
    • Do some searches on Y! and find out

      what more can come in quite [i]handy[/i]. ;)
      btljooz
  • RE: Google hosting malware? Google says they were!

    What about "GoogleToolbarNotifier", I never asked that to be on my machine it may not have been no consent but it certainly was without my understood consent.
    wereid