Critical.
Authoritative.
Strategic.
Subscribe to CIO Magazine »

Google to send detailed information about hacked Web sites

Registered Webmasters will get a preview of the bad code, which should help in fixing the problem

In an effort to promote the "general health of the Web," Google will send Webmasters snippets of malicious code in the hopes infected Web sites can be cleaned up faster.

The new information will appear as part of Google's Webmaster Tools, a suite of tools that provide data about a Web site, such as site visits.

Google already e-mails administrators if its automated scanners detect malicious content on a site. Those pages are then marked in Google's search results with a warning.

Increasingly, cybercriminals seek to hack legitimate Web pages and plant malicious software since it may be a long time before those sites are cleaned up or detected as opposed to a newly created domain. Unfortunately for administrators, there also may be a significant gap in time between when the site is hacked and when they find out their Web site has been placed on a blacklist.

"We understand the frustration of Webmasters whose sites have been compromised without their knowledge and who discover that their site has been flagged," wrote Lucas Ballard on Google's online security blog.

To Webmasters who are registered with Google, the company will send them an e-mail notifying them of suspicious content along with a list of the affected pages. They'll also be able to see part of the malicious code.

"These samples -- which typically take the form of injected HTML tags, JavaScript, or embedded Flash files -- are available in the 'Malware details' Labs feature in Webmaster Tools," Ballard wrote.

When the Web site is clean, administrators can e-mail Google, and their site will be given the all clear.

"We hope you never have cause to use this feature, but if you do, it should help you quickly purge malware from your site and help protect its visitors," Ballard wrote. "We plan to improve our algorithms in the upcoming months to provide even greater coverage, more accurate vulnerability identification and faster delivery to Webmasters."

Join the CIO newsletter!

Error: Please check your email address.

Tags Googlesecurity

More about Google

Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.

Computerworld
ARN
Techworld
CMO