25 June 2008
Google fingered as major source of Badware
By Robert McMillan, IDG News Service
Google is one of the worst offenders when it comes to hosting according to research from a Google-sponsored site.
Internet consumer advocacy group Stopbadware.org has released data on "badware" websites saying that Google was one of the top five networks responsible for hosting dangerous sites.
The numbers show that China is now a top source of malicious websites - China-based networks hosted more than half of the malicious web sites tracked by the group - but Google's appearance on the list is perhaps more remarkable. Google is a sponsor of Stopbadware.org, and it is the company that provides the raw data that is analysed by the group.
A year ago, Google did not appear on Stopbadware.org's list of the top 10 sources of badware, but recently scammers and online criminals have turned to Google's Blogger service to host malicious or spyware-related web pages, security experts say.
"Because it's free and because it's on a blog and you can post links to whatever you like, people have found ways to take advantage of this and create large numbers of free blogs that have bad links on them and in some cases even bad code," said Maxim Weinstein, manager of Stopbadware.org.
In March, Google was the top badware network tracked by Stopbadware. These latest numbers were compiled at the end of May.
The other four top networks for badware were based in China, led by a China Telecom network with 48,834 infected sites. Google was hosting 4,261 infected sites in May, Stopbadware.org said.
Last year most of the top networks were based in the US, but now Stopbadware.org says that US networks account for just 21 percent of infected sites. "The US. ... was right on the world average" when one factors in the number of Internet users, Weinstein said.
Networks based in western Europe, in contrast, had far fewer badware sites. "European hosts are either being targeted less or are doing a better job of security," he said.
Google did not respond to requests for comment on these numbers, but Weinstein said that the company has become very aggressive in cracking down on badware, which Stopbadware defines as spyware, malware or deceptive adware.
Most malicious Blogspot sites are taken down within the day, he said.
Still, Google has its critics.
"The security community has known about Google's problems for at least a year or two now, and unfortunately Google has not responded with anything other than hand waving," said Robert Hansen, CEO of SecTheory, a web security consultancy.