May 15, 2007 7:56 AM PDT

Google: 10 percent of sites are dangerous

Google is warning Web users of the increasing threat posed by malicious software that can be dropped onto a computer as a Web surfer visits a particular site.

The search giant carried out in-depth research on 4.5 million Web sites and found that about one in 10 Web pages could successfully "drive-by download" a Trojan horse virus onto a visitor's computer. Such malicious software potentially enables hackers to access sensitive data stored on the computer or its network, or to install rogue applications.

Google's report (PDF: The Ghost in the Browser: Analysis of Web-based Malware), published last week, said the rise in Web-based malicious software has been aided by the increasing role that the Internet plays in everyday life, along with the ease in setting up Web sites.

Graham Cluley, senior technology consultant at Sophos, said Google is highlighting a worsening trend and "a considerable problem" for businesses and individual Web navigators.

An average of 8,000 new URLs containing malicious software emerged each week during April, Cluley said, adding that the notion that such software resides only in the darker corners of the Internet is very outdated. Seventy percent of Web pages hosting rogue software are found on legitimate sites targeted by hackers, according to Sophos.

To place malicious software on Web sites, hackers are manipulating Web server security, user-posted content, advertising and third-party widgets, Cluley said. "They used to spread malware by e-mail attachment. What they do now is spam out URLs."

Cluley warned businesses that they "cannot protect users by restricting what sites they go to. You need to start protecting your Web access as well as your e-mail gateway."

Tim Ferguson of reported from London.

See more CNET content tagged:
Graham Cluley, malicious software, Sophos Plc., hacker, Google Inc.


Join the conversation!
Add your comment
That's why I use Opera
In opera you can turn off:

Java, Java Script, Plugins, pretty much everything, so that the browser is processing only HTML, basics, and you can enbed things like that in straight HTML, only that is read and everything else is thrown out. No other browser allows for this that easily to be done to my knowledged, that's why Opera is my choice for a web browser.
Posted by RompStar_420 (772 comments )
Reply Link Flag
doesn't turning off all scripts and such really detract from your web browsing experience? many sites dont work properly unless all that is turned on.
Posted by donjonson (16 comments )
Link Flag
Uhm. Actually
The news headline should actually read that 10% of sites Google LINKS to are dangerous due to click fraud.
Posted by thartist026 (3 comments )
Reply Link Flag
So how do we guard oursleves from this?
This is good to know but what does the average user do to protect themselves? I use firefox is that good enough?
Posted by donjonson (16 comments )
Reply Link Flag
the firefox add-on you'll find at = www customizegoogle dot com is a good start
Posted by i_made_this (302 comments )
Link Flag
Noscript, Antispyware/Malware
If you use Firefox, then you should use the Noscript add-on. My default for any site is scripting turned off. I only allow trusted sites to use scripting. This may not be a perfect solution, but it is better than running "naked". I also run ZoneAlarm anti-spyware/virus, and Windows Defender. Again, not perfect, but there is only so much you can do without completely impairing the web experience.

If you are eally fanatic, I suppose you could only run your browser in a virtual machine by using VMWare or equivalent. After each browser session, purge the virtual machine and replace it with a virgin virtual machine. Any malware that you might have picked up during the last session will be destroyed. If you have kids using a computer, you either need to use this technique, or have them run the browser under hardened Linux.
Posted by Stating (869 comments )
Link Flag
For IE user: Use high security in "internet" zone
Harden IE:
1. Tools -> Internet options -> Secuirty -> Internet -> custom level -> "reset to" select "high" -> clieck "reset"
2. In this above dialog fox, select "downloads" -> File download -> Enable
This will disable everything including javascript, java, etc.
The only catch is that if you need to view a pdf file, you need to save it locally and then open it. But I have been using this setting for years (since year 2001) visiting all sorts of web sites without any virus probelms.
3. Internet options -> Secuirty -> Intranet -> custom level -> "reset to" select "medium high" -> clieck "reset"

For a few trusted web site that require javascript, you can add it to intranet zone.

ALso do:
Keep computer up-to-date with WIndows update.
Posted by fc11 (48 comments )
Link Flag
0% Dangerous if you use a Mac.
Problem solved
Posted by Anon-Y-mous (124 comments )
Reply Link Flag
That's why CNET keeps the report vague.
'one in 10 Web pages could successfully "drive-by download" a
Trojan horse virus onto a visitor's computer.'

To what kind of computer could it download the trojan? Why a
Windows computer, of course! Cnet doesn't want to upset MS
though, so they won't report on that fact.
Posted by Macsaresafer (802 comments )
Link Flag
Keep pushing Macs. Eventually, you'll end-up in the same boat as PC users. Macs are no more secure than PCs, it's just that they don't have the market share needed for malware programmers to target them...yet.
Posted by angelopc (1 comment )
Link Flag
Google's alliance with - a major problem brewing
One of my client's sites, Durand Railroad Days, got flagged with a warning page that pretty much blocked people from visiting that site from Google.

I consider this to be heavy-handed and unfair. Why should I or my clients have to suffer the consequences of someone illegally hacking into my clients or my own server space?

They could be taking a leadership role by working with designers and hosts like myself. Instead, they put up an arbitrary warning page, which runs the risk of damaging the reputation of the client or designer. They have also been singling out hosts. They should be working with these people, not at them!

Another thing: All my clients have contact information on their sites, and I have my web address on all. There is no reason why they cannot contact the client or myself directly to inform us of the problem, what the problem is, and what needs to be done to fix it. Sure, every solution is different. But if Google and StopBadware are really interested in being responsible, they will go the extra mile here, instead of putting arbitrary warnings on a link to a site.

I don't like having my reputation slammed, nor that of my clients, and I go to great pains to encourage people to learn more about identity theft and malicious software, viruses, worms, and Trojan horses.

BTW: I run a Mac. But they can also get inflicted, especially the new ones that can run both Windows and Mac software.
Posted by Larry Launstein Jr (13 comments )
Reply Link Flag
I have a similar problem, but it is with SiteAdvisor. They have no problem with my content, but I was linking to a site that they classed as bad. While I removed the link soon after, three months later they haven't updated their report, even though they assured me that they would do it last month.

More transperancy is needed with sites like these.
Posted by Siegfried Schtauffen (269 comments )
Link Flag
I no longer trust Google for anything. They have now put themselves as the "High Priests" of the Internet. All the while they do not index most Websites unless paid to do so> How can anybody trust one search engine against the hundreds ones that get better results. If you have enough money then you are indexed by Google. Money buys fake publicity that the public buy into without even doing any research. I know this first hand since our non-profit website was paying for someone to do our indexing. All was wonderful until we could not longer pay. Suddenly out traffic went through the roof as other search engines indexed our Website for free. Do not listen to the billion dollar boys at Google tell you they are the "police" of the Internet. All they know how to do is count your dollars as you pour them over to their sponsors and indexers that pay Google. What a load of bull!!
Posted by the editor (1 comment )
Reply Link Flag
Well said - try Anoox search engine for relief
I could not agree more with what you have written about Google. I just wished more people would realize what you have found out. That Google in fact far from being a un-biased source of information, search engine, is in fact very biased by money considerations.

Try AnooX search engine if you want to be free from the noose of Google & Yahoo. Because it is a search engine that is powered by the People, it is Open source and Not-for-profit. Here:
Posted by Dean_Ansari (61 comments )
Link Flag
That is why I use Oxygen browser
Want to be free of being Hacked by malicious web sites, either switch to Mac or if you are on Windows as I am, as 98% of people are, use Oxygen web browser by Netdive. You can download it for free here:
<a class="jive-link-external" href="" target="_newWindow"></a>

Oxygen is free, and best of all it is fast, since it is not loaded with junk/extra software as IE or FF are.

Cheerio :)
Posted by Dean_Ansari (61 comments )
Reply Link Flag
Why can't you just pay for ads?
No one cares about your companies. Face it.
Posted by Siegfried Schtauffen (269 comments )
Link Flag
due to the fact that many dangerous sites are sponsered by Google. I am not picking on google itself, I do use their search engine and I do not mean that stupid toolbar they try to keep shoving down my throat. As a matter of fact most dangerous sites are recieved after a person downloads a toolbar of sorts. WHY IS GOOGLE FOLLOWING THIS PATH?
Posted by Ted Miller (305 comments )
Reply Link Flag
Software can prevent
<p>There are numerous software titles out there that help prevent this type of
malicious software from attacking your computer.&nbsp; If your computer is
infected and you know the website where the software came from then a swift
notice to their <a href="" class="style2">
<span class="style1">web hosting provider</span></a> would be in order</p>
Posted by red541 (1 comment )
Reply Link Flag
Well the url to this page under a google search for this warning, is also restricted. Try it yourself.
Posted by rbphacker (3 comments )
Reply Link Flag
It appears Google has run into a problem with it's warning system and all results were flagged for a short time this morning.;hl=en
Posted by rbphacker (3 comments )
Reply Link Flag
I downloaded a You Tube downloader and converter from

But some really bad stuff was downloaded as well on 10/19/2012. It was an anitivirus program and another program that I think was the culprit. Not only did the antivirus software take over my home page but was forcing me to run a virus scan so I disabled it and set my home page for yahoo again.

But after all of this software has been on my computer for about 24 hours, I couldn't use my yahoo mail and You Tube any longer because fake looking advertisements of really poor quality took over both websites.

There was always an icon under these phoney ads which I was able to trace back to a program called since I seen that same icon in Settings>Control Panel>Programs

I hunted all of these programs down including the You Tube Downloader and Converter using dates and removed them all from my system. I ran a full security check from my antivirus program I already have and really like.

But, I was lucky enough to seen what was going on since I have some knowledge of problems with computer software and a cool head prevail. But, I consider this as a very dangerous download, since there are so many people who would absolutely be lost and would have to take their computers to shops spending big bucks. It wasn't an easy task to get my computer straightened out and I feel sorry for the next person that falls to this.

I can deal with other browsers since I can remove them and they don't bring harm to my computer.
Posted by .Loneseer. (1 comment )
Reply Link Flag

Join the conversation

Add your comment

The posting of advertisements, profanity, or personal attacks is prohibited. Click here to review our Terms of Use.

What's Hot



RSS Feeds

Add headlines from CNET News to your homepage or feedreader.