Google has launched a new service that notifies web surfers in search results if a website they may visit has been hacked.
The capability – which displays the warning: "This site may be compromised" – is distinct from Google's already existing malware detection system that inserts an alert – "This site may harm your computer" – beside a search result if a site may be serving malware.
According to Google, the new service seeks to identify those sites in which a hacker has compromised the site to change the content of pages or add new links and pages. The motive of the intruders, Google said, may be to phish visitors of their private information or embed spam links that can be used to improve the search results of a hacker-owned site, a tactic known as black hat search engine optimization (SEO).
Maxim Weinstein, executive director of StopBadware, a nonprofit anti-malware organization, which vets Google data to ensure the malware detection system is accurate, warned that even though the new feature does not necessarily call out sites that could harm a user's computer, they eventually may.
"I get the sense that [it is identifying] the same basic mechanism of how someone may insert malware into a site," Weinstein told SCMagazineUS.com on Friday. "The underlying security problem that could lead to one could very likely lead to the other."
He added that this service helps both web surfers and site owners.
"[Google is] saying, 'Look, we have the capability of figuring this out,'" Weinstein told SCMagazineUS.com on Friday. "'Instead of say just lowering the site in the search rankings a bit, we're actually going to flag it in a more aggressive, public way.'"
Google encourages users who see the alert to notify webmasters and ask them to correct the compromise.