Slashdot Mirror

← Back to Stories (view on slashdot.org)

Google Purges Thousands of Malware Sites

Posted by kdawson on from the just-in-time-for-holiday-shoppers dept.

Stony Stevenson sends in word on the most massive "SEO poisoning" seen to date. The attack was directed at Google in particular and resulted in tens of thousands of Web pages hosting exploits showing up on the first page of Google searches for thousands of common terms (PDF). Sunbelt Software blogged about the attack on Monday after investigating it for months. By Wednesday Google had removed tens of thousands of malware-hosting pages from its index.

10 of 133 comments (clear)

  1. BBC News piece by MLCT · · Score: 4, Insightful

    http://news.bbc.co.uk/1/hi/technology/7118452.stm

    The sites were targeting IE exploits.

    1. Re:BBC News piece by oliverthered · · Score: 2, Insightful

      If I buy crap poor quality tools/cars/housing etc... I expect to injure myself, why should there be any difference with operating systems.

      --
      thank God the internet isn't a human right.
    2. Re:BBC News piece by Mike89 · · Score: 4, Insightful

      They could've 'poisoned' Google for months (linked to domains that didn't exist yet), then set the domains up and waited a few days for Google to recrawl. Then again, I'd have thought pagerank would be age-based too. Those search requests are the kind that show up weird dodgy sites anyway (who searches any of those exact terms anyway?!)

    3. Re:BBC News piece by darthflo · · Score: 4, Insightful

      Most users of Windows and IE don't make a conscious decision to do so. It comes preloaded with a computer they buy, they don't question it. Blaming those users for using "poor quality software" (I, for one, find Windows XP a rather pleasant os to work with; IE on the other hand...) would be like blaming any driver for using "poor quality airbags" that came with his car or "poor quality doors" that came with his house after a break-in.
      Not everybody is interested in knowing details about every single one of his possessions. You, me and the rest of the /. crowd cares about computers, but a majority of people (wild guess) probably cares as much about their inner workings as I care about the inner workings of my dishwasher. It's a tool ideally fulfilling one or more given tasks (e.g. "get stock quotes" or "clean my dirty dishes") and is to be professionally serviced upon failure to do so. Installing a more secure browser like Opera may be just as good an idea as adding multi-stage UltraSplash 3D cleaning rotors but as long as I can put dirty dishes in and get 'em out clean I wouldn't know why I should care.

    4. Re:BBC News piece by stacey7165 · · Score: 2, Insightful

      Are you kidding? Blaming Windows for this? Microsoft may be an evil giant in your eyes, but what about blaming the people behind the attack? Computers as I know it still take code written by humans to do things both good and evil. This is the moral equivalent of blaming the manufacturer of a knife in a stabbing case.

      Operating systems are the least of your issues.

  2. Re:Censoring by giorgiofr · · Score: 2, Insightful

    Type in the URL and off you go. Or am I missing something? It's not like they rooted the boxes and took them down.

    --
    Global warming is a cube.
  3. Thousands of terms? by peipas · · Score: 2, Insightful

    Is it just me or do the first five pages of "common terms" in the PDF contain the term Excel, and then the next four pages contain the term vpn? It seems to me there were two common terms in these first nine pages with random words tacked on.

  4. Re:all your base by darthflo · · Score: 4, Insightful

    Nothing (except antitrust law, maybe) stops Google from "forgetting to include" live.com in it's indexes now and this situation is quite unlikely to change in the near future. The only two reasons I think of as relevant to leave competitors in are the outrage from both the internet community and the "forgotten" competitor (perhaps culminating in lawsuits for anti-competitive behaviour, IANAL) and the desire for the own index to be perceived as fair and complete.

    An independent body deciding about the malness of any ware is, if a certain responsiveness could be guaranteed, a creepy idea. Forming such a commitee would very surely be a huge leap in the direction of an often-mentioned TCPA (Palladium, NGSCB, Donkey poop)-secured blacklist society. A small aristocraty of people in this decision commitee would become the target of a trillion-dollar industry and be able to decide exactly what piece of software is ran by anybody. On the other hand, allowing anybody to participate in these votes would guarantee this operation not to be effective because of the huge delay this would cause. The same goes for adding legal ways to fight a decision by this body - having one would cause the system to become as slow as many legal systems throughout the world are today, not having one would be a surefire way to cause dissatisfaction with lots and lots of developers (both natural and legal persons).
    Also, don't forget to take into account the current legal trouble e.g. encryption software is going through. I'm certain an independent body would decide similar to lawmakers throughout the world. Essentially, you could probably forget about running Linux (Open Source? That could run anything, including highly illegal tools like decss without any way to stop it), any cd/dvd copying software (It's fun to break the D-M-C-A (sung to the tune of YMCA)), nmap (Remember germany banning "Hacker tools"?) or anything else.

    Sorry for painting such a dystopian future, but letting any (independent, governmental or profit-oriented) body whatsoever decide what software's good and what's bad just isn't what you, me or most anybody else wants.

  5. Not everything is better with the brand you know. by twitter · · Score: 0, Insightful

    Hmmm, it's been about seven years since my browser looked like this. What does that blog say about it?

    Clicking on these links will expose the user to exploits which will infect a vulnerable system (in other words, a system that is not fully up-to-date with the latest patches).

    Those are all Microsoft Windows problems but neither of those words shows up anywhere in the articles. Instead, Google and the user are blamed. Nice.

    The less Windoze there is, the better off everyone is. Malware links are an annoyance to everyone and they directly threaten Google's business model. Google is taking care of their search listings, not making the internet safe for crappy software. We would all be better off without the crappy software that powers criminal botnets powerful enough to manipulate Google but the internet will never be a safe place for Windows.

    --

    Friends don't help friends install M$ junk.

  6. Re:Censoring by anwyn · · Score: 2, Insightful

    Freedom of the press belongs to those who own one.