Google has flagged itself as a malware risk
April 22, 2016
Shah Sheikh (1294 articles)
Share

Google has flagged itself as a malware risk

Google.com can be a source of malware infections – and this is according to Google itself, no less.

If you check out the Safe Browsing Site Status of the search giant’s transparency report and enter Google.com as a URL to be checked, you’ll be informed that the current status of the site is ‘partially dangerous’.

“Some pages on Google.com contain deceptive content right now,” the status warns.

It elaborates further on the site safety details below giving four warnings, including the fact that: “Some pages on this website install malware on visitors’ computers.”

There’s also a warning on phishing dangers: “Attackers on this site might try to trick you to download software or steal your information (for example passwords, messages, or credit card information).”

The warnings also note of Google.com that “some pages on this website redirect visitors to dangerous websites that install malware on visitors’ computers”, and that a number of dangerous web pages have been sending visitors to Google.com.

What’s interesting is that yesterday Google had flagged itself as partially dangerous, but later in the day that status was changed to ‘not dangerous’ – and the phishing warning text had been removed. But this morning it’s back, and the site is once again marked as partially dangerous.

We’d assumed this change happened because Google had fixed some issues pertaining to phishing-related links perhaps, but apparently not – either that, or similar problems have cropped up again this morning.

Of course, it’s not really a revelation that some links from Google could lead to malware – it’s a sprawling and seething mass of links, and it’s not surprising that a small percentage of those will go to nasty places.

Commendable transparency

How much malicious content is related to Google sites? Lance James, Chief Scientist at dark web intelligence outfit Flashpoint, notes: “Google is a service provider that provides content hosting to their users as well. My investigation shows that 0.5% of maliciousness is hosted on Google sites – including the Google url shortener urls as well as blogspot, and user content servers they host. It is a good thing that Google is being transparent about these findings and including themselves in their malicious dataset.”

James further observed: “The Google Safe Browsing plugin can be useful when checked prior to browsing to sites, including Google-run sites. Google offers multiple ways one can use it including within the browser or as an API call in applications to check malicious websites prior to clicking on them. It is recommended to look into incorporating this capability into your browsing experience if possible.”

Google says that a billion people across the globe make use of Safe Browsing, which delivers warnings to Chrome, Firefox and Safari users when they’re about to visit a site with a malicious payload.

Source | TechRadar