False Google Chrome malware warning blocks tech sites

During the blockage period, visitors to those websites were served a can’t-miss warning of “malware ahead!” But according to isocket, it was all a false alarm.

“So far we have zero indications of malware actually being distributed by our ad server, and zero traces of any breaches to our industry-standard security,” John Ramey, isocket founder and CEO, was quick to note to Search Engine Watch. “Google’s malware system is often contradictory and prone to false positives that inappropriately cripple good websites. We are vigorously investigating what the issue may have been and trying to get our publishers back online. It’d be nice if Google was as quick to fix a false positive as they were to cripple good businesses.”

This isn’t the first time that Google has mis-flagged a popular website. In December it marked popular social picture-sharing service TwitPic as malware-laden, blocking it from the Google Chrome browser. The warning also affected sites that rely on the TwitPic API.

It tweeted out, “Working to fix the google chrome malware notice when visiting Twitpic.com as this is not true or the case, trying to contact google.”

Google appears to think it best to err on the side of caution, and that means that to some extent, false positives are inevitable. According to its June “Safe Browsing” report, it flags around 12–14 million websites returned by Google Search queries per day as being compromised. And it uncovers about 9,500 malicious sites per day. However, it protects, it noted, 600 million users with built-in browser protection.

“The threat landscape changes rapidly. Our adversaries are highly motivated by making money from unsuspecting victims, and at great cost to everyone involved,” Google security expert Niels Provos said in a blog. “Our tangible impact in making the web more secure and our ability to directly protect users from harm has been a great source of motivation for everyone on the Safe Browsing team. We are also happy that our free data feed has become the de facto base of comparison for academic research in this space.”

What’s hot on Infosecurity Magazine?