Google Discovers Malware

In an early morning (our time) post in Google+, Matt Cutts has announced that Google has discovered that some users computers appear to be infected by a type of malware (malicious software) that uses their computers to send traffic to Google through a series of proxies.

Because Google can detect these unusual patterns in traffic, and trace them through the proxies that are used, Google is in the unique position of being able to inform users if they’ve been infected. (This malware is unique to Windows. If you use a different OS, don’t worry about it.)

Check Your Own Computer

In his post, he wrote, “If you go to Google and do a search (any word will do) right now, check to see whether you get a “Your computer appears to be infected” warning at the top of the search results. If you see the message, you need to clean up the infection from your machine.”

You can read Google’s full (but brief) announcement here: Google Blog: Using Data To Protect People From Malware.

“Recently, we found some unusual search traffic while performing routine maintenance on one of our data centers. After collaborating with security engineers at several companies that were sending this modified traffic, we determined that the computers exhibiting this behavior were infected with a particular strain of malicious software, or “malware.” As a result of this discovery, today some people will see a prominent notification at the top of their Google web search results.”

Below, you’ll see an example of what the warning message looks like (courtesy of the official Google Blog).

The Power of Traffic Analysis

When I first saw this, I thought they warned you by scanning your machine. I was relieved to find that wasn’t the case. (I’m not always complimentary about Google, you see.)

Instead, it’s both logical, and impressive, that they not only are able to detect this sort of thing by analysing their own traffic, but are making an effort to let people know. +1 Google.

It just goes to show how important it is to monitor your traffic and site performance. Like in this case, it can be an early warning sign of things going wrong.