Google is expanding the set of tools it makes available to Webmasters to help them detect and remove malware infections on their sites, adding a new alert service that will let the owners of large blocks of sites know as early as possible about the presence of malicious content on any of the sites that are under their control.
The new service, Google Safe Browsing Alerts for Network Administrators, is designed to help the people who run huge numbers of sites identify and remove malware on their sites. As part of the service, once the owner of an autonomous system registers an email address with Google, the company will deliver alerts any time Google’s automated crawlers identify malicious content on a site.
“A single network or ISP can host hundreds or thousands of different
websites. Although network administrators may not be responsible for
running the websites themselves, they have an interest in the quality of
the content being hosted on their networks. We’re hoping that with this
additional level of information, administrators can help make the
Internet safer by working with webmasters to remove malicious content
and fix security vulnerabilities,” Google’s security team said in a blog post on the addition.
Injecting malicious content onto legitimate Web sites is one of the favored tactics of attackers these days, as they continue to take advantage of the millions of vulnerable Web applications available to them. Many of the larger malware campaigns of the last couple of years have used SQL injection or a similar technique as one part of their infection and attack routine, and many the owners of many of the infected sites are completely unaware of the compromise.
For nearly a year, Google has operated a similar service as part of its Webmaster Tools offering that not only notifies Webmasters about infections on their sites, but provides them with a sample of the malicious code that was found.