It all happened unintentionally. I was trying to find out if a particular site has hosted malicious software, acted as an intermediary for further distribution of malware, etc. using the SafeBrowsing Tool of Google, which is now part of Mozilla Firefox and Google Chrome.
But, absentmindedly I typed Google.com instead of the site I was supposed to test. So, I landed up at: http://www.google.com/safebrowsing/diagnostic?site=google.com
Within seconds I got the results, which I found to be funny as well as thought-provoking. So here it goes partly (read the full report in the screen shot above – CLICK to ENLARGE IT):
Safe Browsing: Diagnostic page for google.com
The first question: What is the current listing status for google.com? In the standard readymade language it says: “not currently listed as suspicious”.
The second question: What happened when Google visited this site?
The answer is truly amazing as it does not exclude Google from its diagnostic results, and it says,
“over the past 90 days, 16 page(s) resulted in malicious software being downloaded and installed without user consent” (read the rest from the screen shot above, or make a real-time check of SafeBrowsing for Google.com).
The diagnostic result further says the malicious software included:
“232 trojan(s), 71 exploit(s), 15 worm(s)”, and lists further damages and “Successful infection” on target machines, and more such details.
And Google says:
“13 domain(s) appear to be functioning as intermediaries” for malware distribution that includes an SEO firm, and an advertising company working on a similar style as Google AdSense.
Also the diagnostic report says Google.com appeared “to function as an intermediary for the infection of 35 site(s)” and lists some of them.
And the next question is: Has this site hosted malware? And the emphatic answer is:
“Yes, this site has hosted malicious software over the past 90 days. It infected 153 domain(s), including…” and lists some of the infected sites.
And here comes the most interesting part: “
Next steps: If you are the owner of this web site, you can request a review of your site using Google Webmaster Tools”.
So, is google.com going to request a review of itself using Google Webmaster Tools?
And the most important question that comes to my mind is: If Google can get this report, can’t they tighten the security measures and prevent further distribution of malware and Trojans?