With one tool to help webmasters spot malware

Oct 13, 2009 15:06 GMT  ·  By

Google is expanding its Labs program to its set of Webmaster Tools with the launch of two new features that many may find useful. The “Malware details” tool does what its name implies, namely it gives website owners details about what portion on their sites may be infected with malicious code, making it easier for them to identify and clean it. The second tool, “Fetch as Googlebot,” is designed to offer webmasters an easy way of knowing what the Googlebot extracts from their websites.

“The Webmaster Tools team is lucky to have passionate users who provide us with a great set of feature ideas. Going forward, we'll be launching some features under the 'Labs' label so we can quickly transition from concept to production, and hear your feedback ASAP. With Labs releases, you have the opportunity to play with features and have your feedback heard much earlier in the development lifecycle. On the flip side, since these features are available early in the release cycle they're not as robust, and may break at times,” Sagar Kamdar, product manager, Webmaster Tools, wrote.

Google's search engine has a form malware detection implemented at the low level allowing it to identify corrupted websites and notify the users and the webmasters about the issue. Users trying to reach those sites from the search engine will be warned of the possible infection and browsers like Chrome, Firefox and Safari also use the data gathered in a similar fashion. Google also reaches out to the owners of the websites, many of which may be unaware of the infection.

Now, Google takes it one step further, showing webmasters actual snippets of the code that the malware scanner has flagged as malicious, allowing them to quickly identify the malicious code or infected file. The tool is available to all webmasters through the Webmaster Tools' newly launched Labs section and it doesn't have to be specifically enabled for it to be active. While it could prove very useful, Google warns that it's far from comprehensive and some code may not be detected. The company also warns that simply removing the code may not be enough, if the vulnerability exploited isn't also patched.

The second tool available at the launch of the Labs section is “Fetch as Googlebot.” The tool is indented to give website owners a clearer understanding of what exactly the Googlebot is extracting from their pages and any problems that may creep up. It is intended to supplement the features already available, like the keywords and HTML suggestions.