RealTime IT News

Google Wants Your Help to Fight Malware

Google has created one of the most powerful search tools in the history of Web humanity. One of its goals along the way was to archive all of human knowledge. Another was to not be evil.

But the company discovered that at the intersection of archiving all human knowledge and not being evil is malware. In its pursuit of archiving the Web, Google has inadvertently become a tool for discovering and deploying malware. Now Google wants to turn the tables on malware and wants you (yes, you, good reader) to report malware to Google when you find it.

"Currently, we know of hundreds of thousands of Web sites that attempt to infect people's computers with malware," Google developer Ian Fette wrote in a blog post. "Unfortunately, we also know that there are more malware sites out there. This is where we need your help in filling in the gaps."

Google's plea for assistance follows an incident earlier during the week when security firm Sunbelt Software identified thousands of search terms that led to malware. The company didn't only point out sites that discussed malware, but also actual sites hosting drive-by code, whereby the simple act of visiting the page could be enough to infect a user's computer. The sites identified by Sunbelt have now been purged from Google's index.

"We worked closely with Google on this yesterday and they were very aggressive on handling the problem," Alex Eckelberry, president and CEO of Clearwater-based Sunbelt Software, told InternetNews.com.

He's not even miffed that Google did not credit Sunbelt in its post. "We work with them regularly, and they've already given us public credit for our work," Eckelberry said. "I will say Google is very responsive to this type of stuff and from a security perspective, very easy and fast to work with."

Though Google wants to cut down on malware, the effort may not necessarily deter Google hackers.

The act of using Google for security purposes is sometimes referred to as "Google hacking." One of the most infamous proponents of Google hacking is Johnny 'I hack stuff' Long who literally wrote the book on the subject.

Long thinks Google's new reporting initiative is a great idea.

"Google's had this unofficial 'do no evil' motto, and this effort supports that," Long told InternetNews.com. "Lots of browser-targeted intrusions originate from traditional Web surfing sessions, and most folks use Google as their Internet surfing origination point. A Google-based security wedge against malware is a terrific idea, and it should cut down the numbers of these types of infections significantly."

Long noted, however, that e-mail remains an attack vector for malware delivery, though Gmail now has an integrated virus-scanning feature. He expects that it's only a matter of time before Gmail will incorporate the malware click-through protection Google offers for Web searches, protecting e-mail users as well.

Google's outreach effort to get users to report malware isn't necessarily going to impede the security research done by Long and those of his ilk. Long said he doesn't think Google hackers search for malware.

"Google hacking is an attempt to get at interesting, amusing, or ridiculously exposed online data," Long explained. "Great Google hackers have moved well beyond this space technically, enabling them to do really amazing things to a target through Google, but even those advanced attackers are not surfing the Web for malware."

The reason attackers don't use Google for malware is simple: They've got other places to go.

"Most in search of malware for offensive use know the good stuff -- it ain't distributed through public Web," Long said. "It's distributed through dark Web servers, peer-to-peer networks, IRC channels, torrents and the like.

"Google's efforts will not affect how skilled hackers get access to malware," he added.