Google has just announced something pretty interesting today that found itself on to newsgroups: that it is using its own data to detect viruses and will as of today be using Google Search results pages to warn users if their computers are infected with a specific form of malware.
Google is putting up a notification at the top of Google web search results to users whose traffic is coming through the proxies. The notice warns uses that their computer is infected with software that intercepts their connection with Google and other sites, Damian Menscher , a Google security engineer said in the post.
Users infected with the virus, which is apparently rerouting traffic to Google and other sites through a proxy, will see the below warning:
It’s good news for people who want to know when their computers have been infected, and bad news for people who think Google already knows too much about them. Whatever your disposition, here’s how it works.Certain strains of malware hijack your internet connection and re-route your destination to sites trying to sell you stuff or further infect your computer. If you’ve ever opened your web browser and been taken to a page other than the page you’ve designated as your home page, that’s malware.
The downside here is that the notification looks kind of like a fake notification meant to trick you into clicking on a link in the first place, so people who have learned to ignore “Your computer appears to be infected” messages may dismiss it altogether. Also, malware developers could theoretically make it so that every time you try to go to a Google site, you’re rerouted elsewhere.
Some USENET newsgroup users and security experts have expressed concern that attackers would soon begin spoofing Google’s notification message for more nefarious purposes.
This isn’t the first effort by Google to help users deter web threats. The company also displays warning messages for search results that have been hacked or appear to be serving malware.