Thursday, June 21, 2012

Google finds about 9,500 new malicious websites every day

Combating malware, in an age where ignorance could leave one with an infected system is crucial and Google with their Safe Browser aimed at protecting scores of users from the dangers of malware and phishing. Now five years on its Safe Browsing route, Google has in an official blog post revealed that each day they discover about 9,500 malicious websites. While some of these websites are innocent websites that have been bogged down by malware, there are others that are built for distributing malware or phishing. "While we flag many sites daily, we strive for high quality and have had only a handful of false positives," they added further. 

At present their protection covers popular web browsers, such as Chrome, Firefox and Safari, in addition to the protection of their search results and ads.

Chart 2

To give their users a better perspective of the achievements of their Safe Browser, Google states that they protect 600 million users through built-in protection for Chrome, Firefox and Safari and that each day they show several million warnings to Internet users. Google reiterates further that when users do spot a red warning pop-up on their screen, they should not visit these sites flagged as malware or phishing sites. The post further states that Google has found that each day about 12-14 million Google Search queries depict their attempts to advise users against visiting sites that are currently compromised, and this warning gets cleared, once the site in question "has been cleaned up."

Through their download protection service for Chrome, Google claims to provide malware warnings to about 300 thousand downloads, each day. The post further adds, "We send thousands of notifications daily to webmasters. Signing up with Webmaster Tools helps us communicate directly with webmasters when we find something on their site, and our ongoing partnership with helps webmasters who can't sign up or need additional help. We also send thousands of notifications daily to Internet Service Providers (ISPs) & CERTs to help them keep their networks clean. Network administrators can sign up to receive frequent alerts."

Phishing is one of the vices that Google has been fighting. Through the course of their Safe Browser program, they observed that many of these phishers "go right for the money." They add "that  pattern is reflected in the continued heavy targeting of online commerce sites like eBay & PayPal." The report alarmingly highlights that though the same techniques that were being used 5+ years ago, are being put to use even today these attackers are successfully tricking people. The attacks, too are getting more creative and sophisticated. The report, in a nutshell describes these modern attacks as being faster, more diverse and as being used to distribute malware.

Instances of malware, too have been found to be on the rise. And the report lists down two main categories of websites that can harm users, these are - 

  • Legitimate websites that are compromised in large numbers, so they can deliver or redirect to malware.
  • Attack websites that are specifically built to distribute malware are used in increasing numbers.

It adds, "When a legitimate website is compromised, it’s usually modified to include content from an attack site or to redirect to an attack site. These attack sites will often deliver "Drive by downloads" to visitors. A drive by download exploits a vulnerability in the browser to execute a malicious program on a user's computer without their knowledge."

Image credit: Getty Images

No comments:

Post a Comment