Google inadvertently hosts Trojan


Google inadvertently hosts Trojan

Tash Shifrin

Google’s website hosting service is home to a Trojan Horse, security experts have warned.

Websense Security Labs warned that Google Pages was hosting malicious code on a site with the same IP address as the main site. The Trojan has been designed to steal banking credentials on visiting pre-defined financial institutions’ sites, the security firm said.

But Websense added that it had not received reports of any attempts to lure users to the affected sites through email or instant messaging.

Exploit code had not materialised either, Websense said in an alert. But the firm warned that an exploit could still be in “the setup phase” or not be widely distributed yet.

Last November, the search engine giant was forced to patch its Google Base content-hosting service to prevent attackers stealing sensitive information from users.

A flaw allowed attackers to steal cookies and other information from Google Base users and embed fraudulent forms in Google Base web pages. Google has also had to tackle cross-site scripting vulnerabilities in its search service.


Email Alerts

Register now to receive IT-related news, guides and more, delivered to your inbox.
By submitting your personal information, you agree to receive emails regarding relevant products and special offers from TechTarget and its partners. You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.

COMMENTS powered by Disqus  //  Commenting policy