Google Search Engine's Malware Detection Broken

Published: 2009-01-31. Last Updated: 2009-01-31 18:17:26 UTC
by John Bambenek (Version: 1)
5 comment(s)

As of right now, it appears any google search you do will come up with all the same results as before.  What has changed is that it appears to be reporting that every site might contain malware (i.e. it shows the "This site may harm your computer" warning with every result).  Apparently it has been happening for about the last 15 minutes.  So things are going a little haywire there and I'm sure it'll be fixed shortly.  Bottom line, there is no massive web-based attack going on.

The interesting backstory to this is that I discovered this problem with Twitter. Specifically, I use TweetDeck and noticed that all the sudden "harm", "malware", "harmful" and "google" just jumped to the top of the trending list. I took a look and found out about the problem and confirmed it for myself.  I'm still somewhat skeptical of using Twitter trends to get hard-core intelligence about what is going on around you, but it certainly does point out some things to look at, even for information security professionals.

UPDATE X1: It appears international versions of Google search are also impacted.

UPDATE X2: It appears that the problem has since been fixed.

UPDATE X3: Google's reponse: http://googleblog.blogspot.com/2009/01/this-site-may-harm-your-computer-on.html

(Weekend humor: I had thought about this after this was written, but a better title of this diary would have been "Whitelisting: You're Doing it Wrong")

--
John Bambenek, bambenek /at/ gmail \dot\ com

5 comment(s)

Comments

This must be causing widespread panic among those who think that Google 'is' the Internet. Are there any signs of this happening yet? Alert the internet!
Just noticed this myself when I did a search for an automotive parts manufacturer. I was just about to notify you about it till I saw the diary. Thanks for the notification folks!
yep, saw it as well and submitted it to the ISC contacts as an FYI just a bit before this update on the ISC was posted. Just can't wait for the flood of complaints from my users, thankfully it's not a week day.
appears to be fixed now. The internet lives ;-)
BTW, this also affected Firefox 3, since it consumes the blacklist from Google (yesterday all kinds of sites displayed the \"red curtain\" when I wanted to browse them in FF3)

Diary Archives