Security Company Websense has taken full advantage of Google's binary search capability to create a software product that can detect malware via the search engine. On Friday Vebsense has issued a public statement that reveals the extent of its finds. Approximately 2.000 malicious Web sites were discovered in a month. Additionally, Websense's malware tool has exposed a few hacked legitimate sites.

Dan Hubbard, senior director of security and research with Websense explained the search process. The Google search for standard strings used in known malware reveled malicious web sites because of the engine's binary search capability that reads binary information hosted in executable (.exe) files. "They actually look inside the internals of an executable and index that information," Hubbard said.

Websense stated that although it will share its finds with others in the security industry, it will not make the code public for fear of exploits. He addressed the possibility that users could have easy access to malware using the technology. "Instead of buying them on the black market (an attacker) could search for them and download them on his own," warned Hubbard.

There are those that predict an adaptation on the part of the hacker community in response to the tool. "There is this whole wealth of files out there that Google's not touching," said Johnny Long, a security researcher with Computer Sciences Corp. "This indicates that they're spreading out into more avenues and that they're probably going to be crawling more content than what they're looking at now."