HOME     MENU     SEARCH     NEWSLETTER    
NEWS & INFORMATION FOR TECHNOLOGY PURCHASERS. UPDATED 12 MINUTES AGO.
You are here: Home / Applications / Malware Detection Coming To Chrome
Malware Detection Will Be Added To Chrome Browser
Malware Detection Will Be Added To Chrome Browser
By Adam Dickter / NewsFactor Network Like this on Facebook Tweet this Link thison Linkedin Link this on Google Plus
PUBLISHED:
APRIL
07
2011
Users of Google's Chrome browser will soon receive alerts telling them that files they're about to download may contain malicious software. The search giant and growing software pioneer announced on its Online Security Blog this week that a new feature, available first to developers, will work with its Safe Browsing Application Programming Interface, which enables client applications to check URLs against Google's blacklists of suspected phishing and malware pages. That list is regularly updated.

Social Engineering

"It's easy to find sites hosting free downloads that promise one thing but actually behave quite differently," wrote Moheeb Abu Rajab of the Google Security Team on the blog. "These downloads may even perform actions without the user's consent, such as displaying spam ads, performing click fraud, or stealing other users' passwords. Such sites usually don't attempt to exploit vulnerabilities on the user's computer system. Instead, they use social engineering to entice users to download and run the malicious content."

Growing detection methods may be turning the tables on spammers and hackers. Madrid-based Relevant Products/Services-security company Panda last month reported a decrease in infected computers detected by its online ActiveScan, from 50 percent in January to 39 percent the following month. Trojan programs were the most common threat at 61 percent, with more common viruses at 11.59 percent, and worms at nine percent.

The highest rates of infection were in China, Ukraine, Thailand and Taiwan. The U.S. ranked in the middle of the scale, while Australia had the lowest rate.

Google's update will begin small, as an experiment for certain users who subscribe to the Chrome development release channel, with later inclusion planned for the next stable release of Google Chrome. "We hope that the feature will improve our users' online experience and help make the Internet a safer place," Rajab said.

Google has invested heavily in security for Chrome, paying out thousands of dollars for exploit tips from non-employees, and those efforts paid off last month when no participant in the PWN2OWN hacking contest attempted to exploit the browser.

'Known Destinations'

"I think Google is taking the right approach," said Chester Wisniewski, a senior security adviser at Sophos Canada, a consulting firm. "They are sort of following in our footsteps by chasing after the 'known malware destinations,' as we call them in SophosLabs."

Wisniewski said that given the staggering volume of web sites being infected daily, it's nearly impossible to keep track of them, but the downloads themselves change less frequently, "making the payload an easier target."

While Chrome is not hackproof, Google is trying hard, he added. "They were the first to introduce HSTS support, they are a founding member in stopbadware.org, and they seem to understand the importance of trust on the web. There seems to be a race between Microsoft, Mozilla and Google in the security space, and I heartily welcome the competition to do right by their customers."

Tell Us What You Think
Comment:

Name:

Google Lover:
Posted: 2011-04-07 @ 3:01pm PT
About time...

Like Us on FacebookFollow Us on Twitter
MORE IN APPLICATIONS
NEWSFACTOR.COM
NEWSFACTOR NETWORK SITES
NEWSFACTOR SERVICES
© Copyright 2015 NewsFactor Network, Inc. All rights reserved. Member of Accuserve Ad Network.