Site menu:

Welcome | Products & Services | Security Portal | Commentary | Employment | FAQ | Privacy |

Innovation in Information Security

Coverage of important Information Security and Information Technology news and events from the research team at S?nnet Beskerming.

Username: | Password: Contact us to request an account

Google Finds More than 4,000 Malware Distributing Sites

Google's Online Security Blog published some information regarding the number of potentially malicious sites that appear to have been set up for distributing malware. Of the more than 4,000 sites that they have identified, more than a quarter are registered under a .cn hostname and there were several that tried to play on Google services to trick users into thinking that they were legitimate.

Based on the chart presented in the post, it seems that the best opportunity to avoid detection and blacklisting by Google is to select a non .cn domain, and to pick a name that is inoffensive and bland and doesn't correlate to any pre-existing service that it plainly isn't. From the chart, it seems that orgsite.info had the greatest level of success, both in terms of the length of time before being added to the malware list, and with the number of people reached before being added.

Just because a site is added to Google's malware list doesn't mean that it is going to fade from significance. Gumblar's recent and rapid rise to prominence, including not peaking until well after being added to Google's malware list highlights this succinctly. It reflects the growing number of sites that Google has identified as being infected with the Gumblar malware, all of which points back to the problematic gumblar.cn domain. Almost all of the sites flagged by Google as pointing towards gumblar.cn would be legitimate websites that have been compromised by a group or groups as part of a widespread Internet attack that is being used to distribute malware to Windows PCs (though it could always easily be repurposed).

7 June 2009

Social bookmark this page at eKstreme.
Alternatively, Bookmark or Share via AddThis

Do you like how we cover Information Security news? How about checking out our company services, delivered the same way our news is.

Let our Free OS X Screen Saver deliver the latest security alerts and commentary to your desktop when you're not at your system.

Comments will soon be available for registered users.

More information:

Subscribe to our feed.

Commentary & Insight From Sûnnet Beskerming2024202320222021202020192018201720162015201420132012201120102009 - December - November - October - September - August - July - JuneDealing With People Who Avoid RestrictionsMicrosoft Money Joins Encarta on the ScrapheapCritique of Apple's Security Stance Nothing New - But Still WorthwhileT-Mobile Responds to Hack Claims - Nothing to See, Please Move OnClaims of T-Mobile Hack Raise More Questions Than AnswersChallenging Security Researchers and Coming off Second-BestGoogle Finds More than 4,000 Malware Distributing SitesMicrosoft Security Patch Release June 2009 Advance Notification - May - April - March - February - January2008200720062005

Focussed Advisories

Reach Us:

Reach us at
info@beskerming.com

Reach us via IM

Jabber:
Server - jabber.org.au Account - Sunnet.Beskerming

AIM / iChat:
sunnetbeskerming

ICQ:
339742914

Google Talk:
Sunnet.Beskerming

Yahoo! Messenger:
sunnet.beskerming

MSN:
info@beskerming.com

Testimonials

"...extremely timely, accurate reporting..."

"...honesty which is refreshing..."

Copyright © 2005-2011 Sûnnet Beskerming Pty. Ltd. Design by Andreas Viklund.