Misspelled versions of two popular Google services are among the Top 10 sites hosting exploits for use in drive-by malware download attacks.

On the heels of two massive drive-by attacks — ten of thousands of hijacked sites launching attacks via the browser — Google released a list showing that malicious hackers are typo-squatting on its domains to evade detection and to keep malware sites alive for long periods.

Here’s the top 10 list (click image for full size):

For more information on this list, see this blog entry by Niels Provos from Google’s Security Team.

Categories: Malware