Google Gets Tough on Malware Sites and the Damage They Do

Gone are the days when Google let malware sites off the hook with a stern warning and a solemn promise not to revert to their harmful ways. The search engine has instituted a new policy -- effective immediately -- for sites it deems to be repeat offenders of its ?EU?Malware, Unwanted Software, Phishing, and Social Engineering?EU? policies.

Under the terms of the new policy, Google will slap warning messages alerting users that sites are malware distributors once it has determined that those sites are repeat offenders. Google's decisions are irrevocable for 30 days, with no possibility for appeal. After the 30-day period has expired, webmasters can request that Google review the status of their sites.

Gaming the System

While the change in policy is a new wrinkle, Google?EU?s Safe Browsing system has been in place since 2005, with webmasters receiving an automatic message once their sites have been deemed harmful. However, the e policy had previously called for the automatic launch of a verification process.

However, Google said that this process, which could also be instigated at the behest of the webmasters, had been allowing a small number of malware distributors to game the system. Malware sites were able to clean up their acts just long enough for Google to recertify them as safe, before returning once again to their criminal ways.

?EU?As a result of this gap in user protection, we have adjusted our policies to reduce risks borne by end users,?EU? Google said in a post on its Security Blog. ?EU?With regards to Safe Browsing-related policies, repeat offenders are Web sites that repeatedly switch between compliant and policy-violating behavior for the purpose of having a successful review and having warnings removed. ?EU?

Adapting to the Enemy

Google was quick to point out that sites that have been hacked by third parties to distribute...

Comments are closed.