Google: 10 percent of sites are dangerous
Last week Google published a study called The Ghost in the Browser: Analysis of Web-based Malware (PDF link) to warn users of the increasing threat posed by malicious software that can be downloaded on to their computers while they surf the web.
Quote:
The search giant conducted in-depth research on 4.5 million Web sites and found that about 1 in 10 Web pages could successfully "drive-by download" a Trojan horse virus onto a visitor's computer. Such malicious software potentially enables hackers to access sensitive data stored on the computer or its network, or to install rogue applications.
In other news, Google is releasing a horror movie this summer with the same title as this report. Look for "The Ghost in the Browser" in a theater near you by August. ;)
- 0 agreed / 0 disagreed
- Login to post comments
User login
Editors
*Active* Threadwatch Editors
Comments
..
Only 10 percent?
Sounds like a low-ball number to me.
Too high
I don't think it's possible that 10% of legit domains could be infected otherwise you would see this all over Google's SERPs:
Maybe my view of the online universe is too narrow and Google is counting all the junk domains and subdomains that the slimeballs crank out by the ton.
However, with that said, they should just flag some massively infested hosts like iPowerWeb for all their domains because they are constantly infected and when one domain is cleaned up another pops right back up and Google doesn't know about it whatsoever.
Check this out:
view-source:http://affordablekarate.com/
See the script at the top of the page and the link to http://81.95.146.98?
It appears the source of the malware at http://81.95.146.98 has been disabled or is broken, but the iPowerWeb server is still filthy with domains that contain the scripts linked to the infected pages and of course Google missed it, or ignored it because the malware source file is temporarily down:
http://www.google.com/search?hl=en&q=affordablekarate.com
And so was this one:
view-source:http://cattocreations.com/
http://www.google.com/search?hl=en&q=cattocreations.com
And all of these are infected but Google doesn't know about it and they're on the same server too...
comunicandonos.net
denchysystems.com
futurepda.com
haninweb.com
lovesincredibleedibles.com
marstontechnical.com
... and on and on... lots of 'em
However, Google did flag this one from that server:
http://www.google.com/search?hl=en&q=caribbeanfeed.com
I'm wondering if Google is removing the interstitial warning now that the referenced malware file isn't currently available, which could be very dangerous if that's the case because the malware guys could just pull the file, wait for a reindex, then put the file back online since all the domains are still infected.
Guess I'll just have to watch this for a bit longer and see how it plays out, but it looks like they may have found a loophole around Google's security checks.
The "study" is trying to
The "study" is trying to hide the truth and shift the blame (standard google stuff).
Here's the REAL deal:
Safety of Internet Search Engines
Good call, hardball.
Good call, hardball.
Adwords is a driveby
Adwords is a driveby paradise:
Is your PC virus-free? Get it infected here!
I thought this bit was funny: