Commentary

Google Hosts More Malware Than Anyone Else

Security firm Sophos has been poking around the Internet on the hunt for malware and found out that Google's Blogger service is the world's No. 1 repository for the evil code. Some 2% of all malware can be found on Google's servers. Google, time to clean house.

Security firm Sophos has been poking around the Internet on the hunt for malware and found out that Google's Blogger service is the world's No. 1 repository for the evil code. Some 2% of all malware can be found on Google's servers. Google, time to clean house.Blogging services are rife with malware because just about anyone can set up a blog without having to provide positive identification. Sophos, which makes antivirus software, is constantly poking about for malware. Sophos finds a Web page with nasty code 12 times per minute, with 16,000 naughty Web pages discovered each day.

Sophos senior technology consultant Graham Cluley said, "Blogger accounts for around 2% of malware. It's head and shoulders above the rest of the blogging services. The attraction for the bad guys in targeting Blogger is that things pretty much get spidered instantly into Google, because Blogger is part of Google."


More Internet Insights

White Papers

More >>

Reports

More >>

Webcasts

More >>

Sophos notes that hackers both set up malicious blogs on Blogger, and inject dangerous Web links and content into innocent blogs in the form of comments. The most-oft used form of attack is the SQL injection, which exploits security vulnerabilities and inserts malicious code into the database running a Web site. Companies whose Web sites have been struck by such an attack often clean up their database, only to be infected again a few hours later. Users who visit the affected Web sites risk having their computer taken over by hackers, and their personal banking information stolen by identity thieves.

Google isn't sitting idly by. It is doing its best to parse search results for malicious Web sites and keep them from being linked to. But the search isn't perfect. Sophos said it's a difficult job, at best.

Cluley said, "You could post a link into someone's blog and even if you checked that link at the time, it may be totally harmless. In 20 minutes time the hacker says 'OK, Google's now checked me, now I'll update the page'. So you have to continually scan all of the links on all of the blog pages to do this properly. Which basically is another whole new Google, re-spidering the Web to check if there's something malicious there."

The good news is that Google, Sophos, and others are doing their best to prevent malware from spreading.


Related Reading




Currently we allow the following HTML tags in comments:

Single tags

These tags can be used alone and don't need an ending tag.

<br> Defines a single line break

<hr> Defines a horizontal line

Matching tags

These require an ending tag - e.g. <i>italic text</i>

<a> Defines an anchor

<b> Defines bold text

<big> Defines big text

<blockquote> Defines a long quotation

<caption> Defines a table caption

<cite> Defines a citation

<code> Defines computer code text

<em> Defines emphasized text

<fieldset> Defines a border around elements in a form

<h1> This is heading 1

<h2> This is heading 2

<h3> This is heading 3

<h4> This is heading 4

<h5> This is heading 5

<h6> This is heading 6

<i> Defines italic text

<p> Defines a paragraph

<pre> Defines preformatted text

<q> Defines a short quotation

<samp> Defines sample computer code text

<small> Defines small text

<span> Defines a section in a document

<s> Defines strikethrough text

<strike> Defines strikethrough text

<strong> Defines strong text

<sub> Defines subscripted text

<sup> Defines superscripted text

<u> Defines underlined text

InformationWeek encourages readers to engage in spirited, healthy debate, including taking us to task. However, InformationWeek moderates all comments posted to our site, and reserves the right to modify or remove any content that it determines to be derogatory, offensive, inflammatory, vulgar, irrelevant/off-topic, racist or obvious marketing/SPAM. InformationWeek further reserves the right to disable the profile of any commenter participating in said activities.

Disqus Tips To upload an avatar photo, first complete your Disqus profile. | View the list of supported HTML tags you can use to style comments. | Please read our commenting policy.
T-Shirt Giveaway T-Shirt Giveaway: Each week we're selecting one great comment from our readers. The author of the comment will receive an InformaitonWeek Community t-shirt. So get posting!
Subscribe to RSS

Resource Links