Google’s New Malware Warning System
Date posted: July 19, 2011
Google has taken the next step in the search engine war by introducing a new anti-malware warning system. The search behemoth will now alert its users whenever a particular strain of malware intercepts browser activity from their PC (the warning is only available on Windows PCs so far).
Users whose machines have been infected will be warned with a big yellow banner at the top of the search results (which will say simply: “Your computer appears to be infected.”). They will then be directed to a Google page that explains how to remove the strain of malware they are dealing with (as well as a general instructions on manually removing malware from Windows computers) . The “infected” will also be encouraged to update their antivirus software.
This latest round of anti-malware efforts came about when Google noticed unusual network activity during data maintenance. “After collaborating with security engineers at several companies that were sending this modified traffic, we determined that the computers exhibiting this behavior were infected with a particular strain of malicious software, or ‘malware’,” wrote Damian Menscher, a Google security engineer, in a company blog post.
The threat, as Google has explained it, involves traffic through proxies. The primary IP address that Google is concerned with is 126.96.36.199 (which has been flagged by BitDefender and TrendMicro as a trojan that urges users to install fake antivirus software) and the search engine is able to detect when traffic is coming from those servers. “We hope that by taking steps to notify users whose traffic is coming through these proxies, we can help them update their antivirus software and remove the infections,” Menscher said.
However, because Google is looking for a specific proxy, you will not see the warning if you use your own proxy server to fight viruses. Nevertheless, this is another bold step by the company in its fight against malicious content. They have already incorporated warnings about malicious downloads into the Chrome browser and has gone after it in the Android market as well.