Slashdot Mirror

← Back to Stories (view on slashdot.org)

Google Blogger "Hosts 2% of World's Malware"

Posted by kdawson on from the whole-other-web dept.

Barence writes "Google's Blogger service is responsible for 2% of the world's malware hosted on the Web, according to a new report from security firm Sophos. The company claims hackers are setting up pages on the free blogging service to host malicious code, or simply posting links to infected websites in other bloggers' comments. 'Blogger accounts for around 2% of malware,' according to Sophos's senior technology consultant, Graham Cluley. 'It's head and shoulders above the rest [of the blogging services].'" Sophos believes that Blogger is favored because, being part of Google, it gets spidered early and often.

29 of 134 comments (clear)

  1. A warning by Anonymous Coward · · Score: 4, Funny

    When I installed Linux it asked me for my credit card number. Two days later I got a call from Wachovia asking me if I had purchased $400 worth of Totino's pizza rolls and Mountain Dew (I hadn't). Let this be a warning to all of you out there in the Internet.

    1. Re:A warning by thePowerOfGrayskull · · Score: 4, Funny

      I have money in an offshore account left to me by my dying dog may he rest in Jesus' arms, $30,000,000 MILLION USD. Please act as my feduciary agent in moving this moneys safely onshore, and I shall with you share 10%, that is $10,000 THOUSAND USD.

  2. Appropriate actions by Anonymous Coward · · Score: 5, Funny

    Perhaps a good reason why blogging should be illegal.

    1. Re:Appropriate actions by Wiarumas · · Score: 5, Funny

      Yeah, we should start a blog about that!

      --
      I will bend like a reed in the wind.
    2. Re:Appropriate actions by Archangel+Michael · · Score: 4, Funny

      Because we all know that when blogging is a crime, only criminals will blog!

      or something like that

      --
      Agent K: A *person* is smart. People are dumb, stupid, panicky animals, and you know it.
    3. Re:Appropriate actions by steelfood · · Score: 4, Funny

      Why couldn't it be both?

      --
      "If a nation expects to be ignorant and free in a state of civilization, it expects what never was and never will be."
    4. Re:Appropriate actions by Ihmhi · · Score: 4, Funny

      <NRA>Blogs don't spread malware, people spread malware.

      --
      Random Thoughts From A Diseased Mind (Not For Dummies)
  3. 2%? by commodoresloat · · Score: 4, Funny

    Come on, Google bloggers, that's less than Apple's marketshare! Surely we can do better than that!! Let's get to work!!

  4. Users or Malware Study? by Prysorra · · Score: 5, Interesting

    You're assuming its just the Malware's eyes they're after. Perhaps a study of the spread of Malware through Google would tell us something about their culture? Their will of course be somewhat disconnected clouds of competing bot swarms. Perhaps studying the shape of these clouds and how they choose to connect might help us combat their effectiveness?

    1. Re:Users or Malware Study? by ObsessiveMathsFreak · · Score: 4, Funny

      Perhaps studying the shape of these clouds and how they choose to connect might help us combat their effectiveness?

      Yes! I see it! They're like a pack of wolves! No, Wild Horses! Wait no, Camels. Ahhh! It's an avalanche! Run!

      --
      May the Maths Be with you!
  5. Meanwhile... by oahazmatt · · Score: 5, Funny

    Meanwhile...

    Cut to Steve Ballmer screaming at some programmers.
    Ballmer: Two percent?
    Programmer: Sir, we..
    Ballmer: Two percent?! I told you twenty!
    Programmer: We're trying. It's just...
    Ballmer: Just what?
    Programmer: There's so much other malware coming out, that it throws our percentages off.
    Ballmer: Then hire them!
    Programmer: Who? The malware authors?
    Ballmer: Do you have a problem with that?
    Programmer: I don't think it's ethical.
    Ballmer: Tony Stark built this in a cave! With a bunch of scraps!
    Programmer: ...what?

    --
    Those who believe the Internet is private,
    find their privates are on the Internet.
  6. Re:Two percent is newsworthy? by Anonymous Coward · · Score: 3, Insightful

    Furthermore,

    or simply posting links to infected websites in other bloggers' comments

    Does that mean that slashdot contains 76% of the world's goatse, simply because trolls post links to other servers hosting it on this site?

    Perhaps Microsoft has 18.9% of the worlds child porn because it can be found by using their Windows Live search engine?

  7. Googles name by b4thyme · · Score: 4, Insightful

    Part of it is probably google's good name that is attractive to malware hosts. As google "does no evil", people trust them. How could malware end up on a site hosted by a service that does no evil?

    people think:
    google = good
    malware = evil
    malware != google

    profit for malware distributors!

  8. What, no evil comments yet? by swordgeek · · Score: 4, Funny

    "Don't be evil. Just host it."

    --

    "People who do stupid things with hazardous materials often die." -- Jim Davidson on alt.folklore.urban
    1. Re:What, no evil comments yet? by _Sprocket_ · · Score: 4, Funny

      No kidding! If this was a Microsoft-hosted blogging service, there'd already be 20 posts about the lack of commentary if this were a Google-hosted service. Which it is. Which means there's not.

      Profit.

    2. Re:What, no evil comments yet? by Phurge · · Score: 5, Funny

      "Don't be evil. Just host it."

      and serve ads to it

      --
      I'll see your hokum and raise you a boondoggle.
    3. Re:What, no evil comments yet? by Kugrian · · Score: 3, Insightful

      Hopefully their crawlers are advanced enough to display ads for Malware removal tools alongside the infected pages.

  9. Blogspot is popular for spam redirects by Animats · · Score: 5, Interesting

    Blogger is popular for spam redirects, because it's possible to turn a Blogger page into a redirect. Typical example: "Looking for a R0lex repl1ca? ... Where? At http://www.mitch83393.blogspot.com/" (Google already got this one as a TOS violation, but they're throwaway blogs generated by programs. There will be a new one in a few minutes.) Spammers do this to get their message through filters that check for spam links.

    This is a generic problem with Google's free services. Spammers and scammers now use GMail to get throwaway mail accounts, Blogger for an open redirector, YouTube to host advertising videos, AdWords to advertise scams, and Google Checkout to collect the money. It's full-service evil.

    For the last two, Google has a business relationship, but doesn't seem to be validating their customers well enough. The use of Google Checkout for spam and attack tools is especially disturbing. Try, for example, searching for "craiglist posting". Note the ads with Google Checkout links. There, Google is an active participant in collecting the money and is profiting from the transaction.

  10. And the rest..... by vigour · · Score: 4, Funny

    The other 98% comes from here

  11. The best part . . . by greenreaper · · Score: 4, Informative

    If you're subscribed to Google Alerts, and they post a malware-hosting blogger site with material you're watching for, it comes straight into your inbox. I've had this happen to me with spam copied from one of my own wikis. They seriously need to clamp down on the ability to redirect people automatically from Blogger.

  12. yahoo email? by thermian · · Score: 4, Interesting

    Most of the time the scam mail I get has a yahoo email attached.
    There are no innocents among free web service providers.

    --
    A learning experience is one of those things that say, 'You know that thing you just did? Don't do that.' - D. Adams
  13. Popular blog site has some malware by wattrlz · · Score: 3, Funny

    Podcast at 11.

  14. Hypocrisy by Eric+Smith · · Score: 4, Insightful
    On two occasions miscreants managed to inject links to malware into my site, and on each occasion Google nearly immediately started listing my site in search results as "this site may harm your computer", and no direct (clickable) link.

    If Blogger is so full of malware or links to malware, why don't all the search results pointing to Blogger get the same warning and lack of link?

  15. Way to go, PC Pro by Cajun+Hell · · Score: 5, Insightful
    Sophos says:

    Blogger accounts for around 2% of malware," according to Sophos's senior technology consultant..
    ..
    Sophos says it doesn't blame Google for the situation...

    PC Pro's crack writers say:

    Google's Blogger service is responsible for 2% of the world's malware hosted on the web

    (Emphasis mine.) Journalism at its finest!

    --
    "Believe me!" -- Donald Trump
  16. Market share by Haxx · · Score: 5, Interesting

        I'm curious to what the 2% number means when market share and region figures are factored in. I'll bet it doesn't mean much.

    Newsflash! 2% of the Internet is where 2% of the hackers are!

  17. I blame the people who make guns easily available by PC+and+Sony+Fanboy · · Score: 3, Insightful

    Thats a poor argument. Take canada vs. usa - the climate is the same, most of the laws are similar... but gun control laws are drastically different, and canada has better social services.

    ... but canada also has a much MUCH lower incidence of gun-related crime.

    do we blame the lack of social services in the states for the gun crime? Or perhaps the availability of the guns?

  18. Microsoft blogging service by symbolset · · Score: 4, Funny

    Microsoft isn't set to invent blogging until 2011, after including it as a LiveCloud application in Windows 7. By 3Q2011 you are all expected to offer some awed respect to the brilliant innovation of user generated content (patent pending). Guidance is the same for all of their products: stay away from version 1, even numbered and prime numbered versions, and every version before the first service pack.

    --
    Help stamp out iliturcy.
  19. 2% Implies a known boundry by jasonmanley · · Score: 4, Interesting

    In order to determine that it is 2% means that they would have to know exactly how much is out there in the first place - how would they know that?

    --
    http://projectleader.wordpress.com
  20. Not the most exploited site by Kurrel · · Score: 3, Insightful

    I'd like to see what percentage of infections were facilitated through MySpace, but that would require omniscience just as this figure does.