Google hosting malware? Google says they were!

Google isn't hosting malware anymore, but according to a tool they provide that lets you check up on any domain, their own google.com at one point was indeed hosting malware (software that is installed on a users machine without their consent). After doing some digging, Tony Ruscoe found that the problems didn't stem from www.google.com, but rather video.google.com.

Of the 265674 pages we tested on the site over the past 90 days, 4 page(s) resulted in malicious software being downloaded and installed without user consent. The last time Google visited this site was on 05/23/2008, and the last time suspicious content was found on this site was on 03/13/2008.

Malicious software includes 4 scripting exploit(s), 4 trojan(s). Successful infection resulted in an average of 10 new processes on the target machine.

Anyway, if you are curious about the status of perhaps one of your own domains, type a similar URL into your browser's address bar (replacing blogs.zdnet.com with your own domain):

http://www.google.com/safebrowsing/diagnostic?site=blogs.zdnet.com

This functionality is related to the Safe Browsing API according to John (a Google employee) on the Blogoscoped forum. You may be interested to see the status of some other popular websites too -- try eBay and MySpace.