Google Chrome to guard against drive-by malware
New browser feature to warn users when a website tries to download malicious script
One of the biggest problems on the Internet is that it contains a world-wide mess of malicious websites looking to download script to your computer if you happen to wander into their domains. Visit a site, inadvertently download a code and all of a sudden you are unwittingly part of a botnet and your computer is being used to deliver distributed denial-of-service (DDOS) attacks on the government of Bahrain.
Drive-by hacking. Really, it happens all the time.
In a blog post, Google Chrome browser developers said that they are releasing a new feature to protect users from malicious executable downloads, starting with Windows executables. Drawing data from the blacklist of suspected malware sites in its Safe Browsing API, Chrome will alert users of sites attempting to download information onto your computer.
Google Chrome triumphs in hacker challenge
“We’re starting with a small-scale experimental phase for a subset of our users who subscribe to the Chrome development release channel, and we hope to make this feature available to all users in the next stable release of Google Chrome,” wrote Moheeb Abu Rajab of the Google security team. “We hope that the feature will improve our users’ online experience and help make the Internet a safer place.”
Data from Google’s Safe Browsing API is used by Chrome, Firefox and Apple’s Safari to help protect users from malicious websites and phishing schemes.
“The Internet remains rife with deceptive and harmful content,” Abu Rajab said. “It’s easy to find sites hosting free downloads that promise one thing but actually behave quite differently. These downloads may even perform actions without the user’s consent, such as displaying spam ads, performing click fraud, or stealing other users’ passwords.”
The move by Google follows in the footsteps of Microsoft, which released similar functionality last month for its Internet Explorer browser, by far the most-used browser in the world. IE uses an algorithm it calls SmartScreen Application Reputation that determines the probability that a download is malicious.
Dan Rowinski is a staff reporter covering communications technologies.