Google Helps With Malware Detection and Removal
In two previous blog posts we took a look at IFRAME Injection Attacks on websites where malicious code (malware) is inserted into web pages, and at Google Safe Browsing and what it means to site owners. Since those posts, Google has made a few blog posts of their own discussing malware. Two posts in particular are quite informative about how to detect and clean malware, and in getting removed from the “bad” list at Google in search results and browser plugins.
Getting de-listed from Google’s malware database
Google’s blog post The Malware Warning Review Process covers how a webmaster, once they’ve identified malware on their site, can submit a review request to Google. The first step is removing all the malware from all infected webpages. Once removed, a webmaster can submit a review request via Google’s Webmaster Tools. Google says they can complete these reviews within a few hours or at most one day after receiving the request.
Once Google deems the website to be clean, they will then remove the site from their database of infected sites, which will remove the warning on search results and remove the warning from browsers using their data (such as Firefox and Chrome).
Find and Remove Malware
Google’s last blog post titled Show Me the Malware discusses how Google finds sites that have dangerous code. More importantly, they have made available a new feature in Google’s Webmaster Tools that shows webmasters samples of the actual malicious code on their pages. This makes it easier to identify which pages are compromised, where the code is located, and how to remove it. Listed here may be pages that have questionable material but have not yet been added to the database of malware sites, giving webmasters a head start to remove the code before it triggers the site being listed and blocked.