New Google Service Helps Infected Websites Clean Up

May 22, 2008 – 6:14 PM

Google is now sharing details on why its automatic search deems certain Websites risky.

The search giant this month quietly added a new, free service called the Safe Browsing Diagnostic Page that tells whether a site flagged by Google as potentially dangerous is hosting malware, or helps distribute malware, for instance.

Google’s new diagnostics service provides information about any bad behavior by the site within the past 90 days. The idea is to give owners of the compromised Websites more information to assist in their remediation and cleanup of the site, and to provide users more information on why the site has been flagged.

The search giant’s automatic flagging of potentially risky Websites has been “highly accurate,” according to Niels Provos, senior staff engineer for Google, but it wasn’t easy for Webmasters and users to verify the results. “Attackers often use sophisticated obfuscation techniques or inject malicious payloads only under certain conditions,” Provos wrote in the Google security blog. “With that in mind, we’ve developed a Safe Browsing diagnostic page that will provide detailed information about our automatic investigations and findings.”

“For users, this increases confidence in our findings. For Webmasters, this information may assist them in cleaning up their servers,” Provos told Dark Reading.

Google’s new service got a nod of approval from security watchdog Stopbadware.org for pulling back the covers on Google’s site-flagging process. “We’d like to applaud Google for taking this step in greater transparency. This new resource should help website owners in cleaning and securing their sites faster, which will help protect even more internet users,” Stopbadware.org’s Erica George wrote in the organization’s blog yesterday.

Provos says the diagnostics page provides the current listing status of a site, as well as whether the site or some of its pages had been listed by Google in the past as dangerous. It also details what occurred when Google analyzed the page, when it was detected to be malicious, and what type of malware it contained, for example. Google now also reveals whether the flagged site was serving malware to users, or if it served as an intermediary for malware distribution.

Source: Dark Reading

You must be logged in to post a comment.