Security Businesses Google The Internet

Google Blogger "Hosts 2% of World's Malware"

Barence writes "Google's Blogger service is responsible for 2% of the world's malware hosted on the Web, according to a new report from security firm Sophos. The company claims hackers are setting up pages on the free blogging service to host malicious code, or simply posting links to infected websites in other bloggers' comments. 'Blogger accounts for around 2% of malware,' according to Sophos's senior technology consultant, Graham Cluley. 'It's head and shoulders above the rest [of the blogging services].'" Sophos believes that Blogger is favored because, being part of Google, it gets spidered early and often.
  • by Anonymous Coward

    That's a gigantic amount of user data.

    Even malware bot writers are users that might buy something....

  • A warning (Score:4, Funny)

    by Anonymous Coward on Wednesday July 23, 2008 @03:24PM (#24309441)

    When I installed Linux it asked me for my credit card number. Two days later I got a call from Wachovia asking me if I had purchased $400 worth of Totino's pizza rolls and Mountain Dew (I hadn't). Let this be a warning to all of you out there in the Internet.

  • by Anonymous Coward on Wednesday July 23, 2008 @03:24PM (#24309453)

    Perhaps a good reason why blogging should be illegal.

  • I call FARK. Two percent is not newsworthy. You need at least 5% to impress me.
    • Re: (Score:3, Insightful)

      by Anonymous Coward

      Furthermore,

      or simply posting links to infected websites in other bloggers' comments

      Does that mean that slashdot contains 76% of the world's goatse, simply because trolls post links to other servers hosting it on this site?

      Perhaps Microsoft has 18.9% of the world's child porn because it can be found by using their Windows Live search engine?

    • Re: (Score:3, Funny)

      by X0563511 ( 793323 )

      My % is bigger than your %.

    • by HTH NE1 ( 675604 )

      "Blogger accounts for around 2% of malware," according to Sophos's senior technology consultant, Graham Cluley.

      Is this two percent a plurality?

      "It's head and shoulders above the rest

      Oh, apparently--

      [of the blogging services]."

      ... not?

      Does Sophos only survey blogs?

  • 2%? (Score:5, Funny)

    by commodoresloat ( 172735 ) * on Wednesday July 23, 2008 @03:26PM (#24309477)
    Come on, Google bloggers, that's less than Apple's marketshare! Surely we can do better than that!! Let's get to work!!
  • Voggers (Score:2, Funny)

    by C_Kode ( 102755 )

    I host the other 98% on voggers.com ;)

  • by oahazmatt ( 868057 ) on Wednesday July 23, 2008 @03:29PM (#24309525) Journal
    Meanwhile...

    Cut to Steve Ballmer screaming at some programmers.
    Ballmer: Two percent?
    Programmer: Sir, we..
    Ballmer: Two percent?! I told you twenty!
    Programmer: We're trying. It's just...
    Ballmer: Just what?
    Programmer: There's so much other malware coming out, that it throws our percentages off.
    Ballmer: Then hire them!
    Programmer: Who? The malware authors?
    Ballmer: Do you have a problem with that?
    Programmer: I don't think it's ethical.
    Ballmer: Tony Stark built this in a cave! With a bunch of scraps!
    Programmer: ...what?
    • A bit off topic, but when I saw Iron Man, when the CEO guy was saying something like "Now that I have this power I'm going to kill you!" I heard "Now that I have this power I'm going to fucking kill Google."

  • Googles name (Score:4, Insightful)

    by b4thyme ( 1120461 ) on Wednesday July 23, 2008 @03:31PM (#24309557)
    Part of it is probably google's good name that is attractive to malware hosts. As google "does no evil", people trust them. How could malware end up on a site hosted by a service that does no evil?

    people think:
    google = good
    malware = evil
    malware != google

    profit for malware distributors!
    • Re: (Score:1, Insightful)

      by Anonymous Coward
      I don't know about that - the type of people who get malware are generally pretty clueless. For example, why would they know that "blogger.com" is part of Google?
      • Re: (Score:2, Funny)

        by b4thyme ( 1120461 )
        I don't know about that - the type of people who get malware are generally pretty clueless. For example, why would they know that "blogger.com" is part of Google?

        I would assume because it has google's name on the main blogger.com page?
    • Part of it is probably google's good name that is attractive to malware hosts.

      It's a lot more likely that it's just really easy to automate setting up a blog on Blogger and then customizing the template to host malware. It's not like setting up a blog using Wordpress or Movable Type or even Livejournal. I don't think it's got anything to do with "Google's good name" - you don't see the name "Google" anywhere in a blogger url.

      Not sure what Google can do about it, though - set up captchas for editing templa

    • Your reasoning is incomplete. You need: good != evil. Assume Nothing.
  • by swordgeek ( 112599 ) on Wednesday July 23, 2008 @03:33PM (#24309575) Journal

    "Don't be evil. Just host it."

    • Re: (Score:1, Insightful)

      by Anonymous Coward
      slowpoke.jpg
    • by _Sprocket_ ( 42527 ) on Wednesday July 23, 2008 @03:57PM (#24309913)

      No kidding! If this was a Microsoft-hosted blogging service, there'd already be 20 posts about the lack of commentary if this were a Google-hosted service. Which it is. Which means there's not.

      Profit.

      • by symbolset ( 646467 ) on Wednesday July 23, 2008 @04:31PM (#24310417) Journal

        Microsoft isn't set to invent blogging until 2011, after including it as a LiveCloud application in Windows 7. By 3Q2011 you are all expected to offer some awed respect to the brilliant innovation of user generated content (patent pending). Guidance is the same for all of their products: stay away from version 1, even numbered and prime numbered versions, and every version before the first service pack.

        • Re: (Score:3, Funny)

          by jgarra23 ( 1109651 )

          Microsoft isn't set to invent blogging until 2011, after including it as a LiveCloud application in Windows 7. By 3Q2011
          Don't forget that you will have the following versions:

          MS Blog Starter (x32 only)
          MS Blog Basic (x32 only)
          MS Blog Home (x32 only)
          MS Blog Home Premium (x32 and x64 editions available)
          MS Blog Business (x32 and x64 editions available)
          MS Blog Business Premium (x32 and x64 editions available)
          MS Blog Pro (x32 and x64 editions available)
          MS Blog Ultimate (x32 and x64 editions available)*

          * denotes e

    • by Phurge ( 1112105 ) on Wednesday July 23, 2008 @04:15PM (#24310173)

      "Don't be evil. Just host it."

      and serve ads to it

      • Re: (Score:3, Insightful)

        by Kugrian ( 886993 )

        Hopefully their crawlers are advanced enough to display ads for Malware removal tools alongside the infected pages.

  • Isn't it the predominant conduit between the infected pages and the users? And ask people to upgrade to a secure browser with links to Firefox, Opera and Safari.
    • Re: (Score:1, Interesting)

      by Anonymous Coward

      What? Are you crazy? Separate the retards that read from the retards that write? Inconceivable!

      h.e

      • Re: (Score:1, Redundant)

        by Nutria ( 679911 )

        You keep using that word. I do not think it means what you think it means.

    • by Firehed ( 942385 )

      Why ask?
      <!--[if IE]> <style type="text/css"> * { display: none; } </style> <![endif]-->

    • by cdrguru ( 88047 )

      Any browser that has a link to download something and does not allow the user to download it could be considered to be "secure". But unfortunately I do not know of any browser that is secure in that sense. When the user clicks on the link "Get hot sex now!!!", downloads and runs the "get hot sex now" installer they pretty much leave themselves wide open to whatever.

      Security would be disallowing that action. I do not see any security on the horizon.

  • of the money I just inherited from this kind Nigerian Prince!
  • by Animats ( 122034 ) on Wednesday July 23, 2008 @03:40PM (#24309661) Homepage

    Blogger is popular for spam redirects, because it's possible to turn a Blogger page into a redirect. Typical example: "Looking for a R0lex repl1ca? ... Where? At http://www.mitch83393.blogspot.com/ [blogspot.com]" (Google already got this one as a TOS violation, but they're throwaway blogs generated by programs. There will be a new one in a few minutes.) Spammers do this to get their message through filters that check for spam links.

    This is a generic problem with Google's free services. Spammers and scammers now use GMail to get throwaway mail accounts, Blogger for an open redirector, YouTube to host advertising videos, AdWords to advertise scams, and Google Checkout to collect the money. It's full-service evil.

    For the last two, Google has a business relationship, but doesn't seem to be validating their customers well enough. The use of Google Checkout for spam and attack tools is especially disturbing. Try, for example, searching for "craiglist posting" [google.com]. Note the ads with Google Checkout links. There, Google is an active participant in collecting the money and is profiting from the transaction.

    • Re: (Score:1, Insightful)

      by D Ninja ( 825055 )

      It's full-service evil.

      If you mean Google is a full-service evil, I have to disagree.

      People who exploit the services are "evil." Google is not evil for providing very excellent services. It's the same arguments with respect to guns - who do you blame? The gun manufacturer, or the guy who shot the gun?

      • by PC and Sony Fanboy ( 1248258 ) on Wednesday July 23, 2008 @04:06PM (#24310039) Journal
        That's a poor argument. Take canada vs. usa - the climate is the same, most of the laws are similar... but gun control laws are drastically different, and canada has better social services.

        ... but canada also has a much MUCH lower incidence of gun-related crime.

        do we blame the lack of social services in the states for the gun crime? Or perhaps the availability of the guns?
        • Re: (Score:3, Insightful)

          by Nightspirit ( 846159 )

          Canada also has much lower immigration. You must either have a job that is in great demand, post-graduate education, or able to put down 400k to start a business. Meanwhile here in AZ we have so many people illegally crossing the border that we had to pass laws that make employers verify citizenship before they can be given job, or they lose their business license.

          • Re: (Score:3, Insightful)

            by cdrguru ( 88047 )

            Yes, those mean Canadians not helping the poor, oppressed and disadvantaged Mexicans. Here in the US we welcome those poor, oppressed and disadvantaged folks with open arms. As you can tell from the way laws are enforced.

            Of course, we are all in danger of becoming equally poor, oppressed and disadvantaged by allowing anyone and everyone to come here.

            • As you can tell from the way laws are not enforced.

              There, fixed it for you.

              Part of the problem is that laws have *not* been enforced. If they had been, and if we had more sensible visa policies in the US (allowing more legal seasonal workers), then illegal immigration wouldn't be the problem it is.

        • Take canada vs. usa - the climate is the same

                Are you NUTS? Yes the climate in the border area of North Dakota is the same as the border area of Manitoba... however if you want to compare Florida's climate to Yellowknife's, I wish you luck.

        • ... but canada also has a much MUCH lower incidence of gun-related crime.

          do we blame the lack of social services in the states for the gun crime? Or perhaps the availability of the guns?

          Neither. It's Clinton's fault.

      • Isn't there some equivalent of Godwin's law for people who randomly introduce gun control into threads?
    • by dedazo ( 737510 )

      What are these "ads" you talk about? I can see nothing but search results in thar page.

      (hugs CustomizeGoogle)

  • by vigour ( 846429 ) on Wednesday July 23, 2008 @03:42PM (#24309689)
    The other 98% comes from here [microsoft.com]
    • Re: (Score:3, Interesting)

      The other 98% comes from here [microsoft.com]

      That's an interesting question. How much of the world's malware is hosted on (and by hosted I mean stored in, not just linked from) end-user Windows PCs, how much of it on Windows servers, and how much on Linux computers? Are there any statistics about that?

      • Even if you can show that Linux computers account for a disproportionately small amount of malware, that doesn't necessarily show that Linux is more secure (not that I think it isn't).

        Linux computers are mostly run by technically-minded people, who probably take better security measures anyway. Not to mention that Linux is a smaller target for malware.

    • Except they advertise it as operating systems. (Sorry, I couldn't resist.)
  • The best part . . . (Score:5, Informative)

    by greenreaper ( 205818 ) on Wednesday July 23, 2008 @03:45PM (#24309739) Homepage Journal
    If you're subscribed to Google Alerts, and they post a malware-hosting blogger site with material you're watching for, it comes straight into your inbox. I've had this happen to me with spam copied from one of my own wikis. They seriously need to clamp down on the ability to redirect people automatically from Blogger.
    • by ShaunC ( 203807 )

      I've had this happen to me with spam copied from one of my own wikis.

      Well that's easy enough to fix, just stop posting spam on your own wikis!

  • yahoo email? (Score:5, Interesting)

    by thermian ( 1267986 ) on Wednesday July 23, 2008 @03:45PM (#24309743)

    Most of the time the scam mail I get has a yahoo email attached.
    There are no innocents among free web service providers.

  • by wattrlz ( 1162603 ) on Wednesday July 23, 2008 @03:48PM (#24309777)
    Podcast at 11.
    • Thank you for coming to my blog. I'm a Nigerian prince, and I'm seeking help freeing my millions of dollars from a frozen account. With all your help, I can slowly free my fortune, and give you a pretty fair share, tax free of course. See my latest post for the progress we've made! We're almost to my goal of freeing one millions dollars! Also my cat just turned 2 today, see my pictures for the awesome birthday party pics.
  • $10 USD says 75% is hosted by microsoft, and the rest is hosted by people trying to sell v1agra.
    • by mjwx ( 966435 )

      $10 USD says 75% is hosted by microsoft

      Bah,

      American Dollars, at least wager with a currency that's worth something, like Jamaican Dollars or Indonesian Rupiah.

  • Hypocrisy (Score:5, Insightful)

    by Eric Smith ( 4379 ) * on Wednesday July 23, 2008 @03:49PM (#24309801) Homepage Journal
    On two occasions miscreants managed to inject links to malware into my site, and on each occasion Google nearly immediately started listing my site in search results as "this site may harm your computer", and no direct (clickable) link.

    If Blogger is so full of malware or links to malware, why don't all the search results pointing to Blogger get the same warning and lack of link?

  • Way to go, PC Pro (Score:5, Insightful)

    by Cajun Hell ( 725246 ) on Wednesday July 23, 2008 @03:53PM (#24309851) Homepage Journal
    Sophos says:

    Blogger accounts for around 2% of malware," according to Sophos's senior technology consultant..
    ..
    Sophos says it doesn't blame Google for the situation...

    PC Pro's crack writers say:

    Google's Blogger service is responsible for 2% of the world's malware hosted on the web

    (Emphasis mine.) Journalism at its finest!

  • Market share (Score:5, Interesting)

    by Haxx ( 314221 ) on Wednesday July 23, 2008 @03:56PM (#24309889) Homepage

        I'm curious to what the 2% number means when market share and region figures are factored in. I'll bet it doesn't mean much.

    Newsflash! 2% of the Internet is where 2% of the hackers are!

  • Blacklisted ? (Score:3, Insightful)

    by Joebert ( 946227 ) on Wednesday July 23, 2008 @04:17PM (#24310207) Homepage
    On a serious note, I hope Google gets a handle on this situation before my blogspot blog becomes an innocent bystander on blacklists.
  • Thank goodness icanhascheezburger runs on WordPress.
  • When asked about their malware, Google is reported to have said "But, it's only the best malware."

    Then the dormouse fell asleep in the open source coding pot.

  • I started a blog three months ago on Blogger and two days after my blog was created, Blogger's spam detecting software marked my benign text only blog as a "spam blog" and locked me out for a week after promising to restore access in 4 days if I responded to their email.

    After 4 days, I went with Wordpress and Bluehost (needed other services like gallery as well). Blogger was promising when it first came out but Google doesn't work enough on Blogger (being free and all). Also the "Flag" feature exists so you

    • I started a blog three months ago on Blogger and two days after my blog was created, Blogger's spam detecting software marked my benign text only blog as a "spam blog" and locked me out for a week ...

      By chance, were you blogging about Nigerian genealogies, luxury watches, or herbal supplements?

    • Also the "Flag" feature exists so you can flag blogs for offensive/spam content but I am not sure if that makes a difference.

      Some idiot recently created a blogger account (with intentions to make free money from the sponsored links, I guess) and for content he joined a subscription-only mailing list for epilepsy and set it up to autopost from there. Now you search for anyone's name who's ever written to that list in the past few months and you see bits of their personal medical information sprayed all over

  • by jasonmanley ( 921037 ) <jman@math.com> on Wednesday July 23, 2008 @04:57PM (#24310843) Homepage Journal
    In order to determine that it is 2% means that they would have to know exactly how much is out there in the first place - how would they know that?
    • Yeah, that's a good point and with the ceiling for malware constantly expanding, the percentage would change. That is, unless Google is acquiring the same percentage of malware that is coming out in perpetuity. So for all the new malware that comes out every second, Google gets 2% of it. I can't imagine that's possible, so it seems like most of the malware is probably other places. The only scary part is that there's so much malware out there that 2% represents a pretty significant number of viruses.
    • by dkf ( 304284 )

      In order to determine that it is 2% means that they would have to know exactly how much is out there in the first place - how would they know that?

      There are statistical techniques they can use that were originally developed for working out how many members of an endangered species are in an area. The issue with endangered species is that not only are there not that many of the animals about, but they move around as well. So what you do is capture and tag a few, and come back later on and repeat, noting how many you catch twice. Repeat a few times and you can have a pretty good guess at how many are out there.

      I bet that sort of thing could be adapted t

    • by m50d ( 797211 )
      No, they took a random sample of malware, and found that 2% of it was on blogger, and performed a perfectly valid statistical extrapolation. You're looking at it from the wrong angle; they didn't go and count up all the malware on blogger and say "ooh, this sounds like about 2% to me"
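The tag-and-recapture counting dkf describes and the sample-based share m50d describes, as an added example that is not part of the original thread and not Sophos's published method. The Schnabel estimator and Wilson interval are the techniques chosen here; the crawl rounds, URL ids and host names are constructed for illustration.

```python
from math import sqrt

# Constructed sample data: each round is the set of malicious-URL ids a
# hypothetical crawler found on one pass. Ids that are multiples of 50 are
# treated as hosted on one blogging service ("blog-host.example").
ROUNDS = [set(range(0, 40)), set(range(30, 70)), set(range(55, 95))]

def host_of(url_id):
    """Map a constructed URL id to its (hypothetical) hosting service."""
    return "blog-host.example" if url_id % 50 == 0 else "other.example"

def schnabel_estimate(rounds):
    """Schnabel multi-round capture-recapture estimate of population size.

    N ~= sum(C_t * M_t) / sum(R_t), where for round t: C_t = items caught,
    M_t = items already tagged before the round, R_t = recaptured items.
    """
    tagged, numerator, recaptured = set(), 0, 0
    for caught in rounds:
        numerator += len(caught) * len(tagged)
        recaptured += len(caught & tagged)
        tagged |= caught
    if recaptured == 0:
        raise ValueError("no recaptures; sample more before estimating")
    return numerator / recaptured

def share_with_interval(rounds, host, z=1.96):
    """Share of distinct sampled URLs on `host`, with a Wilson 95% interval."""
    seen = set().union(*rounds)
    n = len(seen)
    k = sum(1 for u in seen if host_of(u) == host)
    p = k / n
    denom = 1 + z * z / n
    centre = (p + z * z / (2 * n)) / denom
    half = z * sqrt(p * (1 - p) / n + z * z / (4 * n * n)) / denom
    return p, centre - half, centre + half

if __name__ == "__main__":
    print("estimated total malicious URLs:", schnabel_estimate(ROUNDS))
    p, lo, hi = share_with_interval(ROUNDS, "blog-host.example")
    print(f"share on blog-host.example: {p:.1%} (95% CI {lo:.1%} to {hi:.1%})")
```

Both estimates assume each round is a random sample of a population that does not change between rounds; throwaway blogs that are created and removed within minutes break that assumption and bias the total upward.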
  • Well there goes the neighborhood!
  • It's only relevant and targeted malware.
  • ...and it was named as googlestubinst.exe !! Symantec Corp stopped it though.
  • by Kurrel ( 1213064 ) on Wednesday July 23, 2008 @06:33PM (#24312027)
    I'd like to see what percentage of infections were facilitated through MySpace, but that would require omniscience just as this figure does.
  • Google's Blogger service is responsible for 2% of the world's malware

    .

    Microsoft is responsible for nearly 100% of the malware targets.

    The root problem is the producers of malware, not the conduits that are used.

  • Google Blogger "Hosts 2% of World's Malware" That guy surely is one sly dog
  • Blogger is a real christian - gives bread and house for all people, kind and evil...
