Google: 10 percent of sites are dangerous

By Tim Ferguson
Special to CNET News.com Published: May 15, 2007 7:56 AM PDT

Tools

Related Stories: Web threats to surpass e-mail pests
April 24, 2007; Web attackers get better at hiding
April 18, 2007; Super Bowl stadium site packed Trojan horse
February 2, 2007; Phishing overtakes viruses and Trojans
January 30, 2007; Trojan horse: Your money or your files
April 28, 2006; Trojan horse spies on Web banking
November 11, 2004; Researchers warn of infectious Web sites
June 25, 2004

Google is warning Web users of the increasing threat posed by malicious software that can be dropped onto a computer as a Web surfer visits a particular site.

The search giant carried out in-depth research on 4.5 million Web sites and found that about one in 10 Web pages could successfully "drive-by download" a Trojan horse virus onto a visitor's computer. Such malicious software potentially enables hackers to access sensitive data stored on the computer or its network, or to install rogue applications.

Google's report (PDF: The Ghost in the Browser: Analysis of Web-based Malware), published last week, said the rise in Web-based malicious software has been aided by the increasing role that the Internet plays in everyday life, along with the ease in setting up Web sites.

Graham Cluley, senior technology consultant at Sophos, said Google is highlighting a worsening trend and "a considerable problem" for businesses and individual Web navigators.

An average of 8,000 new URLs containing malicious software emerged each week during April, Cluley said, adding that the notion that such software resides only in the darker corners of the Internet is very outdated. Seventy percent of Web pages hosting rogue software are found on legitimate sites targeted by hackers, according to Sophos.

To place malicious software on Web sites, hackers are manipulating Web server security, user-posted content, advertising and third-party widgets, Cluley said. "They used to spread malware by e-mail attachment. What they do now is spam out URLs."

Cluley warned businesses that they "cannot protect users by restricting what sites they go to. You need to start protecting your Web access as well as your e-mail gateway."

Tim Ferguson of Silicon.com reported from London.

More from News.com on this story's topics: Viruses and worms
Create an email alert | RSS feed; Hacking
Create an email alert | RSS feed; Web sites
Create an email alert | RSS feed; Google
Create an email alert | RSS feed

See more CNET content tagged:
Graham Cluley, malicious software, Sophos Plc., hacker, Google Inc.

Add a Comment (Log in or register) 19 comments (Page 1 of 1)

That's why I use Opera
by RompStar_420 May 15, 2007 8:52 AM PDT: In opera you can turn off: Java, Java Script, Plugins, pretty much everything, so that the browser is processing only HTML, basics, and you can enbed things like that in straight HTML, only that is read and everything else is thrown out. No other browser allows for this that easily to be done to my knowledged, that's why Opera is my choice for a web browser.; Reply to this comment View reply
Processing

Uhm. Actually
by thartist026 May 15, 2007 9:08 AM PDT: The news headline should actually read that 10% of sites Google LINKS to are dangerous due to click fraud.; Reply to this comment

So how do we guard oursleves from this?
by donjonson May 15, 2007 9:22 AM PDT: This is good to know but what does the average user do to protect themselves? I use firefox is that good enough?; Reply to this comment View all 3 replies
Processing

0% Dangerous if you use a Mac.
by Anon-Y-mous May 15, 2007 5:25 PM PDT: Problem solved; Reply to this comment View reply
Processing

Google's alliance with StopBadware.org - a major problem brewing
by Larry Launstein Jr May 16, 2007 3:39 AM PDT: One of my client's sites, Durand Railroad Days, got flagged with a warning page that pretty much blocked people from visiting that site from Google. I consider this to be heavy-handed and unfair. Why should I or my clients have to suffer the consequences of someone illegally hacking into my clients or my own server space? They could be taking a leadership role by working with designers and hosts like myself. Instead, they put up an arbitrary warning page, which runs the risk of damaging the reputation of the client or designer. They have also been singling out hosts. They should be working with these people, not at them! Another thing: All my clients have contact information on their sites, and I have my web address on all. There is no reason why they cannot contact the client or myself directly to inform us of the problem, what the problem is, and what needs to be done to fix it. Sure, every solution is different. But if Google and StopBadware are really interested in being responsible, they will go the extra mile here, instead of putting arbitrary warnings on a link to a site. I don't like having my reputation slammed, nor that of my clients, and I go to great pains to encourage people to learn more about identity theft and malicious software, viruses, worms, and Trojan horses. BTW: I run a Mac. But they can also get inflicted, especially the new ones that can run both Windows and Mac software.; Reply to this comment View reply
Processing

Really?
by the editor May 16, 2007 4:09 AM PDT: I no longer trust Google for anything. They have now put themselves as the "High Priests" of the Internet. All the while they do not index most Websites unless paid to do so> How can anybody trust one search engine against the hundreds ones that get better results. If you have enough money then you are indexed by Google. Money buys fake publicity that the public buy into without even doing any research. I know this first hand since our non-profit website was paying for someone to do our indexing. All was wonderful until we could not longer pay. Suddenly out traffic went through the roof as other search engines indexed our Website for free. Do not listen to the billion dollar boys at Google tell you they are the "police" of the Internet. All they know how to do is count your dollars as you pour them over to their sponsors and indexers that pay Google. What a load of bull!!; Reply to this comment View reply
Processing

That is why I use Oxygen browser
by Dean_Ansari May 16, 2007 8:20 AM PDT: Want to be free of being Hacked by malicious web sites, either switch to Mac or if you are on Windows as I am, as 98% of people are, use Oxygen web browser by Netdive. You can download it for free here: http://www.netdive.com/oxygen/download.htm Oxygen is free, and best of all it is fast, since it is not loaded with junk/extra software as IE or FF are. Cheerio; Reply to this comment View reply
Processing

Interesting...
by Ted Miller May 16, 2007 10:02 AM PDT: due to the fact that many dangerous sites are sponsered by Google. I am not picking on google itself, I do use their search engine and I do not mean that stupid toolbar they try to keep shoving down my throat. As a matter of fact most dangerous sites are recieved after a person downloads a toolbar of sorts. WHY IS GOOGLE FOLLOWING THIS PATH?; Reply to this comment

Software can prevent
by red541 May 29, 2007 8:28 PM PDT: There are numerous software titles out there that help prevent this type of malicious software from attacking your computer. If your computer is infected and you know the website where the software came from then a swift notice to their web hosting provider would be in order; Reply to this comment