Printed from www.pcpro.co.uk
Google Blogger "hosts 2% of world's malware"
Posted on 23 Jul 2008 at 10:41
Google's Blogger service is responsible for 2% of the world's malware hosted on the web, according to a new report from security firm Sophos.
The security firm claims hackers are setting up pages on the free blogging service to host malicious code, or simply posting links to infected websites in other bloggers' comments.
"Blogger accounts for around 2% of malware," according to Sophos's senior technology consultant, Graham Cluley. "It's head and shoulders above the rest [of the blogging services]."
Cluley says Blogger is worse than other blogging services because of its close ties with the search behemoth. "The attraction for the bad guys in targeting Blogger is that things pretty much get spidered instantly into Google, because it [Blogger] is part of Google," he says.
Sophos says it doesn't blame Google for the situation and that the company is proactive in weeding out malicious sites from its search results. It also claims pre-scanning blogs for malicious content simply wouldn't work. "The sheer weight of legitimate traffic makes that unworkable," claims Cluley. "We see 16,000 malicious web pages added every day - that's one every five seconds, and that's just little old Sophos. Google may see more than that."
"You could post a link into someone's blog and even if you checked that link at the time, it may be totally harmless. In 20 minutes time the hacker says 'OK, Google's now checked me, now I'll update the page'. So you have to continually scan all of the links on all of the blog pages to do this properly. Which basically is another whole new Google, re-spidering the web to check if there's something malicious there."
Google says its users mustn't be evil. "Google takes the security of our users very seriously, and we work hard to protect them from malware," a company statement reads. "Using Blogger, or any Google product, to serve or host malware is a violation of our product policies. We actively work to detect and remove sites that serve malware from our network."
Author: Barry Collins
advertisement
- ATI Radeon HD 5970: 42% more expensive in the UK
- Office 2010 Beta – 32-bit or 64-bit – The Choice is Clear
- Why Britain's watchdogs have fewer teeth than goldfish
- Tabbed documents: how to make Office 2010 great
- Outlook 2010 People Pane – does it spell death to Xobni
- Microsoft Outlook 2010 screenshots
- Co-Authoring in Word 2010 and SharePoint Foundation 2010
- Microsoft Outlook 2010 screenshots: Backstage view
- Flash 10.1: Developing for Desktop and Device
- Microsoft Office 2010 screenshots: Recover unsaved items
- Getting to grips with Microsoft's IT Health Environment Scanner
- Virtualise your servers
- The changing face of travel gadgets
- Build your own distributed file system
- The bulletproof Dell that costs an arm and a leg
- Microsoft Office 2010 Technical Preview: Q&A
- Lawnmowers, the TyTN II and one odd insurance request
- There'll never be a bulletproof OS
- How far can we trust apps?
- Five nice touches in Outlook 2010
advertisement
