Group says Google a top source of badware

by Robert McMillan
Be the first to comment | 2I like it!
Tags: Google, malware, Stopbadware.org
More »
on this topic
June 24, 2008, 06:47 PM —  IDG News Service — 

Internet consumer advocacy group Stopbadware.org released data on "badware" Web sites on Tuesday, saying that Google was one of the top five networks responsible for hosting these dangerous Web sites.

The numbers show that China is now a top source of malicious Web sites -- China-based networks hosted more than half of the malicious Web sites tracked by the group -- but Google's appearance on the list is perhaps more remarkable. Google is a sponsor of Stopbadware.org, and it is the company that provides the raw data that is analyzed by the group.

A year ago, Google did not appear on Stopbadware.org's list of the top 10 sources of badware, but recently scammers and online criminals have turned to Google's Blogger service to host malicious or spyware-related Web pages, security experts say.

"Because it's free and because it's on a blog and you can post links to whatever you like, people have found ways to take advantage of this and create large numbers of free blogs that have bad links on them and in some cases even bad code," said Maxim Weinstein, manager of Stopbadware.org.

In March, Google was the top badware network tracked by Stopbadware. These latest numbers were compiled at the end of May.

The other four top networks for badware were based in China, led by a China Telecom network with 48,834 infected sites. Google was hosting 4,261 infected sites in May, Stopbadware.org said.

Last year most of the top networks were based in the U.S., but now Stopbadware.org says that U.S. networks account for just 21 percent of infected sites. "The U.S. ... was right on the world average" when one factors in the number of Internet users, Weinstein said.

Networks based in western Europe, in contrast, had far fewer badware sites. ""European hosts are either being targeted less or are doing a better job of security," he said.

Google did not respond to requests for comment on these numbers, but Weinstein said that the company has become very aggressive in cracking down on badware, which Stopbadware defines as spyware, malware or deceptive adware.

Most malicious Blogspot sites are taken down within the day, he said.

Still, Google has its critics.

"The security community has known about Google's problems for at least a year or two now, and unfortunately Google has not responded with anything other than hand waving," said Robert Hansen, CEO of SecTheory.org, a Web security consultancy.

Google could make it harder to host malicious code on Blogspot, but that would cut down on the number of things that its users could do with the site, Hansen explained. "Google allows full unrestricted JavaScript. MySpace.com takes a lot of precautions to not allow that by contrast ... it's much harder to put malicious JavaScript on MySpace than it is Blogspot."

IDG News Service

I like it!
Post a comment
The content of this field is kept private and will not be shown publicly.
  • Allowed HTML tags: <a> <em> <strong> <cite> <code> <ul> <ol> <li> <dl> <dt> <dd>
  • Lines and paragraphs break automatically.
Free books

Build your tech library with our book giveaways.

Windows PowerShell 2.0 Unleashed
By Tyson Kopczynski, Pete Handley, Marco Shaw; Published by Sams

Windows PowerShell Unleashed will not only give you deep mastery over PowerShell but also a greater understanding of the features being introduced in PowerShell 2.0–and show you how to use it to solve your challenges in your production environment. Enter now!

 

Ubuntu Server Administration
By Michael Jang; Published by McGraw-Hill Osborne Media

Realize a dynamic, stable, and secure Ubuntu Server environment with expert guidance, tips, and techniques from a Linux professional. Ubuntu Server Administration covers every facet of system management -- from users and file systems to performance tuning and troubleshooting. Enter now!

Featured Sponsor
Case Study: AISO grows its "green" business

AISO founders envisioned a Web hosting company that was environmentally friendly. While the company employed energy-efficient innovations like solar panels, its infrastructure produced unacceptable power and cooling requirements. Find out how AISO leveraged AMD technology to overcome their challenge in this case study white paper.

Download this white paper »
Myth of the Million Dollar Database

In this whitepaper, Scalar explores the opportunity to change the landscape with respect to mission critical databases built around Oracle. Leveraging technologies such as Linux, high-end commodity processing power and Oracle RAC technology to architect, design, build and maintain database infrastructure that delivers maximum availability, reliability and performance at a fraction of traditional cost.

Download this white paper »
Success Story: Weather.com handles whatever nature serves up

On a typical day, weather.com, the Web site for The Weather Channel in Atlanta, serves up between 15 million and 20 million page views. But in September 2004, when back-to-back hurricanes ransacked Florida, the peak traffic on one day more than tripled: over 70 million page views by more than 7 million unique visitors. Read the full success story now.

Download this white paper »
More Resources