Critical Infrastructure Security, Incident Response, Network Security, TDR, Vulnerability Management

Google to offer webmasters samples of malware code

Google announced this week that it will provide certain website administrators samples of malicious code found on their sites to help them clear the infection.

The new feature is part of Google's free Webmaster Tools suite that was launched in 2005 and helps webmasters improve their sites' search ranking, diagnose website problems and share information with each other.

Google traditionally has notified website owners if their properties are harboring malware. But under the new initiative, the search giant will provide registered members of Webmaster Tools with samples of malicious code found on their sites.

The samples that are detected on sites “typically take the form of injected HTML tags, JavaScript or embedded Flash files,” Google engineer Lucas Ballard said on the company's Online Security Blog this week.

The new feature will allow website administrators to identify hacker code on their sites, but it won't help explain how it got there, Jeremiah Grossman, founder and CTO of WhiteHat Security, a web application security firm, told on Thursday.

“They will be able to clean up the pages, but re-infection would [likely] happen within days,” Grossman said.

Ballard said webmasters should consider the new feature “just a starting point in their site cleanup process.” Beyond just removing the malicious code, administrators should also determine and fix the vulnerability that attackers exploited to inject the site with malware, he recommended.

Grossman said Google is slowly and consistently making security gains. "They are not resting on their laurels.”

Undertaking this service makes sense considering Google does not want users who trust its search results to visit sites infected with malware, Grossman said. That could cause reputational harm for Google.

Last year, Google began notifying certain webmasters if their sites are running out-of-date web server software that could provide an open door for hackers.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.