The Ghost In The Browser

Paper by Google on botnets (pdf)

Botnets are becoming more sophisticated, and pose a threat to internet users. Just by visiting a site, your PC can be compromised.

Google’s security specialist, Niels Provos, outlines Google’s approach to identifying compromised sites:

At a meeting on botnets held last month in Cambridge, Massachusetts, Provos warned that many web users are becoming the victims of “drive-by” downloads of bots from innocent websites corrupted to exploit browser vulnerabilities. As firewalls allow free passage to code or programs downloaded through the browser, the bot is able to install itself on the PC…..To test for malicious software, or malware, they loaded a program designed to simulate a computer with a vulnerable version of Internet Explorer and monitored what happened. They found around 450,000 web pages that launched drive-by downloads of malicious programs. Another 700,000 pages launched downloads of suspicious software. More than two-thirds of the malicious programs identified were those that infected computers with bot software or programs that collected data on banking transactions and emailed it to a temporary email account.”

Matt Cutts responds on this topic. As Matt quite rightly points out, Google have been onto this threat for some time now:

“we’ve been tackling malware for quite a while. Here’s some historical context.

Almost exactly a year ago, Google and other search engines were raked over the coals for exactly the opposite reason: allowing users to get infected with malware from search engine results. See
http://www.mattcutts.com/blog/siteadvisor-study/
for more background. At the time, we were already anticipating the issue and had added “Don’t create pages that install viruses, trojans, or other badware.” to our webmaster guidelines”

Tip: RoughType

  1. King CobraKing Cobra09-01-2008

    I use Firefox for this reason and I know of a site, a link partner that would never engage in such activity, being singled out in the search results when I checked for backlinks. This was a case of Google being over diligent but at the time of writing they are scanning and reporting this stuff at least so that counts for something.

    Ken
    King Cobra Poker

Leave a Reply