New Google Service Helps Infected Websites Clean Up

Diagnostic page details nature of sites flagged as dangerous by Google

Dark Reading logo in a gray background | Dark Reading

Google is now sharing details on why its automatic search deems certain Websites risky.

The search giant this month quietly added a new, free service called the Safe Browsing Diagnostic Page that tells whether a site flagged by Google as potentially dangerous is hosting malware, or helps distribute malware, for instance.

Google’s new diagnostics service provides information about any bad behavior by the site within the past 90 days. The idea is to give owners of the compromised Websites more information to assist in their remediation and cleanup of the site, and to provide users more information on why the site has been flagged.

The search giant’s automatic flagging of potentially risky Websites has been “highly accurate,” according to Niels Provos, senior staff engineer for Google, but it wasn’t easy for Webmasters and users to verify the results. “Attackers often use sophisticated obfuscation techniques or inject malicious payloads only under certain conditions,” Provos wrote in the Google security blog. “With that in mind, we've developed a Safe Browsing diagnostic page that will provide detailed information about our automatic investigations and findings.”

"For users, this increases confidence in our findings. For Webmasters, this information may assist them in cleaning up their servers," Provos told Dark Reading.

Google’s new service got a nod of approval from security watchdog Stopbadware.org for pulling back the covers on Google’s site-flagging process. “We’d like to applaud Google for taking this step in greater transparency. This new resource should help website owners in cleaning and securing their sites faster, which will help protect even more internet users,” Stopbadware.org’s Erica George wrote in the organization’s blog yesterday.

Provos says the diagnostics page provides the current listing status of a site, as well as whether the site or some of its pages had been listed by Google in the past as dangerous. It also details what occurred when Google analyzed the page, when it was detected to be malicious, and what type of malware it contained, for example. Google now also reveals whether the flagged site was serving malware to users, or if it served as an intermediary for malware distribution.

Have a comment on this story? Please click "Discuss" below. If you'd like to contact Dark Reading's editors directly, send us a message.

About the Author

Kelly Jackson Higgins, Editor-in-Chief, Dark Reading

Kelly Jackson Higgins is the Editor-in-Chief of Dark Reading. She is an award-winning veteran technology and business journalist with more than two decades of experience in reporting and editing for various publications, including Network Computing, Secure Enterprise Magazine, Virginia Business magazine, and other major media properties. Jackson Higgins was recently selected as one of the Top 10 Cybersecurity Journalists in the US, and named as one of Folio's 2019 Top Women in Media. She began her career as a sports writer in the Washington, DC metropolitan area, and earned her BA at William & Mary. Follow her on Twitter @kjhiggins.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like


More Insights