Malware hosted on Google Code project site

Malware hosted on Google Code project site

Summary: Malicious hackers are using the Google Code repository to host Trojans horses, backdoors and password stealing keyloggers

SHARE:
TOPICS: Security, Google, Malware
17

Malicious hackers are using the Google Code repository to host Trojans horses, backdoors and password stealing keyloggers, according to researchers at Zscaler.

The researchers found a malicious project hosted on the free Google Code site with about 50+ malware executables stored in the download section of the project.

According to Zscaler's Umesh Wanve, most of the files are executable files along with zipped “.rar” files.

The time stamps show that the files have been uploaded over the course of the last month. This suggests that an attacker is actively using this free service to spread malware.

Wanve said the first malicious file was uploaded on June 24, 2010 and was still active at the end of August this year, proving that Google is slow to find and remove malicious projects.

Threatpost's Paul Roberts reports that the site has since been scrubbed.

Topics: Security, Google, Malware

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

17 comments
Log in or register to join the discussion
  • RE: Malware hosted on Google Code project site

    How hard is it for google to scan for these files. They manage to index the whole internet each day.
    KillBitX
    • RE: Malware hosted on Google Code project site

      @KillBitX they are too busy looking for security defects in competitors code.
      razzledazzle
      • RE: Malware hosted on Google Code project site

        @razzledazzle Nice!
        ItsTheBottomLine
      • RE: Malware hosted on Google Code project site

        was still active at the end of August this year, proving that Google is slow to find and remove malicious<a href="http://riotfest.net/"><font color="light&amp;height"> riotfest</font></a> know of knoledge <a href="http://www.netzaesthetik.com/"><font color="light&amp;height">netzaesthetik</font></a> good of the <a href="http://joysoft.net/"><font color="light&amp;height">joysoft</font></a>laptop keyboard that <a href="http://calciofc.net/"><font color="light&amp;height">calciofc</font></a> apple orange <a href="http://www.connectechporthuron.org/"><font color="light&amp;height">connectechporthuron</font></a> this is projects.
        Ndusel
      • RE: Malware hosted on Google Code project site

        @razzledazzle Thank you for this very useful information.
        <a href="http://wiki.answers.com/Q/Is_Almeda_University_degree_authentic&waAn=1">Almeda University</a>
        <a href="http://www.search4i.com/Education/Distance-Learning/62386/ashwood-university">Ashwood University</a>
        <a href="http://www.upublish.info/Article/Corllins-University/226963">Corllins University</a>
        bynes69
      • RE: Malware hosted on Google Code project site

        @razzledazzle I just want to emphasize the good work on this , has excellent views and a clear vision of what you are looking for
        <a href="http://www.nationhighschool.com/">High School Diploma</a>
        bynes69
  • Wonder how their street view lenses missed this cranny?

    I would have figured they'd have every square inch of terra mater covered by this point.

    Maybe it's time they start eavesdropping on their own cribs a bit more. ;)
    klumper
  • Google code is for project source code ...

    Google code is for project source code, any executable code there should automatically be a big red flag!
    wkulecz
    • RE: Malware hosted on Google Code project site

      Google Code is for open-source projects in general. Source code is a big part of that, but not the only part. It also includes a bug tracker, a documentation wiki, and a download section. And it wouldn't be worth much if that download section wasn't there, because most users of most projects don't want to bother with compiling the project themselves. Heck, most users don't even have the tools or technical knowhow to do it.
      masonwheeler
  • Lucid Lynx Lives! Windows is now obsolete.

    When code is uploaded to the Linux repositories, someone actually looks at it before releasing it for download. THIS is the reason you don't need a virus scanner for Linux.
    danindenver
    • RE: Malware hosted on Google Code project site

      @danindenver Nah, silly argument. The reason you don't need a virus scanner for Linux is that not enough people use Linux to make it worthwhile to write viruses for it. What, do you think that Windows viruses get spread in the Windows source code?
      smithkl42
  • RE: Malware hosted on Google Code project site

    KillBitX: "How hard is it for google to scan for these files. They manage to index the whole internet each day. "

    razzledazzle "They're too busy looking for defects in competitors code."

    Sad, but true! When Google started spending their time criticising rivals, particularly MIcrosoft, they became fair game.

    There's an old saying which Google failed to heed:

    "People in glass houses shouldn't throw stones."
    Tim Acheson
  • RE: Malware hosted on Google Code project site

    Wait a second...this is about Google, it's negative, where's Donnie Danger to the rescue?
    ItsTheBottomLine
  • RE: Malware hosted on Google Code project site

    I hate to hear that Google is "hosting" viruses. I won't use Bing so what are my options for a "safe" search engine.
    westea49
  • RE: Malware hosted on Google Code project site

    Do the previous comments indicate to me the writers know much about their topic? Mostly, "NO!". Did I miss anything? Which poster gave any info as to how this will affect us out here on the 'net, or info for avoiding the impact?

    "masonwheeler" and "smithkl42" could be the only ones above who know of which they write! To their comments I will add, "Anybody above offering the "know it all" style comments care to participate in solving this sort of security issue to prevent future dangers?" Security is a constant and growing and ever-evolving need.

    I am confused as how most of the comments following this sort of article are contributing toward any achievable solutions. (on this page, on other pages, on this site, on other sites)

    We can only hope that someday those who so value their Freedom Of Speech and so freely share their opinions will learn about their freedom to be responsible in their speech, to include "content" in their speech, and (most importantly) will discern the difference between noise and real communication.
    justjosephhere
  • RE: Malware hosted on Google Code project site

    Im glad to have found this post as its such an interesting one! I am always on the lookout for quality posts and articles so i suppose im lucky to have found this! I hope you will be adding more in the future. <a href="http://www.topgiftsformen.co.uk">Gifts For Men</a> <a href="http://www.popularchristmasgiftsideas.com">Christmas Gifts</a> .
    GiftsMe
  • RE: Malware hosted on Google Code project site

    It help me very much to solve some problems. Its opportunity are so fantastic and working style so speedy. Thanks for posting this informative article Thanks a lot for enjoying this beauty blog with me. I am very enjoyed for this blog.

    <a href="http://diagonismos.gr/">??????????????????????</a>
    chechecute