Google Chrome Security Feature Targets Drive-by Downloads
Google's security team has launched a new feature for the Chrome Web browser that protects users from Websites that exist to shuttle malware to users' computers.
If users try to download what Chrome suspects is a malicious Microsoft Windows executable file, they will see a warning notifying them that the file appears to be malicious and asking them if they want to complete the download.
Google, which shows the warning graphic here, calls these malware payloads "drive-by downloads."
The move comes just days after email marketing power Epsilon said that attackers had stolen customer data belonging to several of its clients, including Target. Epsilon said thieves might use the information to launch a phishing campaign to trick users out of more sensitive personal data.
For now, Google is test-driving its anti-drive-by download feature for a subset of users who subscribe to the Chrome development release channel.
The goal is to make this feature available to all users in the next stable release of Google Chrome, which would be Version 11. This browser version is still in the developer channel.
This is the latest in a line of malware defenses Google has created.
Google's Safe Browsing API lists malicious Websites to warn users of Google search and browsers such as Chrome, Mozilla Firefox and Apple Safari who try to visit these dangerous Web pages. While Safe Browsing has helped, plenty of Websites still execute click fraud, steal users' passwords or surface spam.
Google's new warning feature will be displayed for any download URL that matches the malicious Website URLs published by the Safe Browsing API.
However, this feature does not enable Google to determine the URLs users are visiting, in accordance with the Safe Browsing privacy rules.
It's heady days for hackers. In addition to the Epsilon breach, Google's new drive-by download protection comes just days after Google unveiled two security projects to improve the SSL (Secure Sockets Layer) infrastructure, which was rocked by the Comodo digital certificate spoofing incident late last month.
A lone hacker infiltrated Comodo Security's root authority system, logging in and issuing digital certificates to Websites owned by Microsoft, Google, Yahoo, Skype and Mozilla.