Google has started warning some search users of malware on their computers, after it found unusual search traffic coming through a small number of intermediary servers called proxies.
The company said in a post on its online security blog that the particular malware causes infected computers to send traffic to Google through the proxies.
Google is putting up a notification at the top of Google web search results to users whose traffic is coming through the proxies. The notice warns uses that their computer is infected with software that intercepts their connection with Google and other sites, Damian Menscher , a Google security engineer said in the post.
Google hopes to work with users to help them update their antivirus software and remove the infections.
“I think what Google is doing should be applauded, as anything which warns computer users about genuine malware threats has to be a good thing,” said Graham Cluley, senior technology consultant at security firm Sophos.”But, sadly and inevitably, there is the potential for cybercriminals to mimic the Google warning and direct users to dangerous downloads,” Cluley said.
However, that alone shouldn’t discourage Google from warning its users when it believes it has identified a security problem, he said.
Google said it found the unusual search traffic while doing routine maintenance on one of its data centers. After collaborating with security engineers at several companies that were sending the modified traffic, Google determined that the computers exhibiting this behavior were infected with a particular strain of malware.
Menscher did not provide details on the malware.
John Ribeiro covers outsourcing and general technology breaking news from India for The IDG News Service. Follow John on Twitter at @Johnribeiro. John’s e-mail address is john_ribeiro@idg.com