Hidden malware search capabilities within Google which were reserved for
antivirus and security research firms just weeks ago have been cracked by
hackers, according to security industry sources.
The key to finding malware in Google lies in having the signature for the
specific malware program, according to researchers from enterprise IT security
firm Secure Computing.
However, the company reported that these previously hidden search
capabilities have recently fallen into the hands of hackers.
"Why bother creating a new virus, worm or Trojan when you can simply find one
and download it using Google?" said Paul Henry, vice president of strategic
accounts at Secure Computing.
"Unskilled hackers can use this previously unknown capability of Google to
download malware and release it on the internet in targeted attacks as if they
wrote it themselves."
Secure Computing said that hackers are now sharing these signatures openly on
the internet, making it easy to search Google for the signature of a specific
piece of malware.
Websites now catalogue these signatures and allow users simply to enter the
malware program name and download the signature for the malware from the
database, Henry warned.
Users of these signature catalogues are encouraged to submit new malware so
that the site owners can quickly generate a signature for the malware for their
community of users.
Do you agree?
Have your say on this article