Printed from www.pcpro.co.uk
Google Blogger "hosts 2% of world's malware"
Posted on 23 Jul 2008 at 10:41
Google's Blogger service is responsible for 2% of the world's malware hosted on the web, according to a new report from security firm Sophos.
The security firm claims hackers are setting up pages on the free blogging service to host malicious code, or simply posting links to infected websites in other bloggers' comments.
"Blogger accounts for around 2% of malware," according to Sophos's senior technology consultant, Graham Cluley. "It's head and shoulders above the rest [of the blogging services]."
Cluley says Blogger is worse than other blogging services because of its close ties with the search behemoth. "The attraction for the bad guys in targeting Blogger is that things pretty much get spidered instantly into Google, because it [Blogger] is part of Google," he says.
Sophos says it doesn't blame Google for the situation and that the company is proactive in weeding out malicious sites from its search results. It also claims pre-scanning blogs for malicious content simply wouldn't work. "The sheer weight of legitimate traffic makes that unworkable," claims Cluley. "We see 16,000 malicious web pages added every day - that's one every five seconds, and that's just little old Sophos. Google may see more than that."
"You could post a link into someone's blog and even if you checked that link at the time, it may be totally harmless. In 20 minutes time the hacker says 'OK, Google's now checked me, now I'll update the page'. So you have to continually scan all of the links on all of the blog pages to do this properly. Which basically is another whole new Google, re-spidering the web to check if there's something malicious there."
Google says its users mustn't be evil. "Google takes the security of our users very seriously, and we work hard to protect them from malware," a company statement reads. "Using Blogger, or any Google product, to serve or host malware is a violation of our product policies. We actively work to detect and remove sites that serve malware from our network."
Author: Barry Collins
advertisement
- Microsoft shows courage at Tech-Ed 09
- PowerPoint and Silverlight: a perfect match?
- Why all the fuss over Windows Explorer?
- Your iPhone has a virus? Well it's your fault
- Motorola pays Lucas for its Droid
- Where are the killer apps for Windows?
- Will you hit the Orange iPhone "unlimited" cap?
- USB 3 first benchmark - it's here, and it's fast
- Why Windows 7 has forced me to worry about security
- How Dixons is (under)selling Windows 7
- The bulletproof Dell that costs an arm and a leg
- Microsoft Office 2010 Technical Preview: Q&A
- Lawnmowers, the TyTN II and one odd insurance request
- There'll never be a bulletproof OS
- How far can we trust apps?
- Five nice touches in Outlook 2010
- Building a better Google
- Beware HP's horrendous printer-driver glitch
- Microsoft debuts free Morro antivirus package
- Getting started with Search Server 2008 Express
advertisement
