Google Groups Still Littered With Malware-Infected Explicit
Sunbelt Software CEO Alex Eckelberry says the problem is directly tied to hacks of
Google's CAPTCHA security.
By Thomas Claburn, InformationWeek
pril 9, 2008
Malware-infected porn continues to proliferate on Google Groups pages.
To demonstrate, Sunbelt Software CEO Alex Eckelberry
strode purposefully through the RSA
Conference exhibition hall Tuesday afternoon, toward a bank of computers set up for public use by
conference attendees. From the Google Groups advanced search page, he entered the keywords
"porn video" and restricted the search to the past three months.
The Google Groups search results listed 838,000 posts made between Jan. 9 and April 8 that fit the
search criteria. Most of those pages, Eckelberry said, contain malware. To prove his point, he clicked
through to several of the Google Groups pages hosting explicit videos. In each case, dialogue boxes
opped up asking Eckelberry to agree to install phony media codecs that are actually malware.
"This is directly because of the CAPTCHA hack," Eckelberry said, noting that the conference
computers could not be infected because they were completely locked down.
Certainly not every one of those hundreds of thousands of pages contains malware. The handful of
top Google Groups search results Eckelberry tested were infected. (Really, there are only so many
orn pages one can test for malware on a public computer at a security show.)
CAPTCHA stands for Completely Automated Public Turing Test to Tell Computers and Humans
Apart. CAPTCHA images are used by online companies like Google, Microsoft, and Yahoo to
ensure that those creating new accounts or posting comments or content online are individuals rather
than spam bots. But increasingly, machines are able to decipher CAPTCHA images.
According to MessageLabs, the CAPTCHA systems used by Microsoft's Hotmail and Yahoo Mail
were being regularly defeated last year. In late February and early March, security vendors
, respectively, said that spammers had managed to achieve at least a
20% success rate in attempts to defeat Google's CAPTCHA system.
CAPTCHA systems can also be defeated, albeit at a slower rate, by offering inducements to people
e markets to solve CAPTCHA challen
Page 1 of 2Google Groups Still Littered With Malware-Infected Explicit Videos
A Google spokesperson said that the company's security engineers continue to see significant human
involvement in creating accounts for misuse.
Google continues to mount a vigorous defense of its properties, to protect both its users and its
brand. Google's spokesperson noted that the company in February had closed a hole that allowed
malicious users to construct a Google URL with an "I'm Feeling Lucky" redirection command that
could send victims to malware sites. The question is whether a vigorous defense is enough.
Copyright © 2007 CMP Media LLC
Page 2 of 2Google Groups Still Littered With Malware-Infected Explicit Videos