Google adds malware warning to search site

Google is taking action against malware authors who hijack people's web searches to spy on them, introducing a new warning mechanism for visitors to the company's search page.

The update to Google's search service comes as a result of a particular strain of malware which redirects searches to Google via a series of proxy servers, sniffing the content all the while for interesting tidbits of information.

"As we work to protect our users and their information, we sometimes discover unusual patterns of activity," explains security engineer Damian Menscher on the Google Online Security Blog. "Recently, we found some unusual search traffic while performing routine maintenance on one of our data centers. After collaborating with security engineers at several companies that were sending this modified traffic, we determined that the computers exhibiting this behavior were infected with a particular strain of malicious software, or 'malware.'

"As a result of this discovery," Menscher explains, "today some people will see a prominent notification at the top of their Google web search results." The notification, which only appears if your traffic comes from an address known to be used as a proxy server by malware authors, comes with a link to advice on how to fix the problem.

The advertising giant has come under fire for its actions, however: while warning users that they may be infected with a nasty piece of malware is laudable, the warning message looks remarkably similar to the fake messages used to convince people to download unnecessary and often harmful 'security' programs.

One comment on Menscher's blogpost points out: "Tomorrow, the bad guys will copy the format and appearance of Google's version of the message, to leverage the trust people have in Google." Another agrees: "For as long as I've been on the internet, there have been messages like this floating around that will actually GIVE you a virus. If I saw that message without reading this blogpost, I would assume the message was fake."

Google's aim - to help stem the tide of infected systems - is, however, laudable, and hopefully its message will come across loud and clear to those who have managed to get their systems caught in some ne'er-do-well's dragnet.