Google Text Ads For Known Malware Sites 110
notthatwillsmith writes "We all know that Google purges known 'attack sites' — sites that deliver viruses, spyware, or other malware to visitors — from its index of searchable sites, but that doesn't stop the text ad giant from happily selling ads linking to those sites. One wouldn't think it would be any more difficult to cross-reference the list of purged sites with the list of advertisers than it was for the main search index, would it?" To be fair, the article says that Google shut down the ad when notified of it; and no other examples of linked malware are offered. Was this a one-time oversight?
Re:Is there a demand for guides in the bad places? (Score:4, Informative)
What Google should really be responsible for... (Score:5, Informative)
Google should really be responsible for testing its own links and purging/fixing the latest scam, "referrer redirect" hijacks.
It's a form of attack wherein a hijacked website works correctly... as long as your Referrer string doesn't include certain key words ("Google", "Yahoo", "MSN", etc). The trick being, the website won't know they have been hacked because if they get a notice saying they have, then test their own homepage directly, it still works. If you have a referrer, you get redirected to a drive-by download page (for something like "Windows Antivirus 2009" or similar).
Why is this insidious? Because it gets around a lot of the "known registry", "anti-phishing" plugins.
Google served up the link; they should have a responsibility to do a periodic check that the links they serve aren't going to a bad place, and inform the victim if they've been referrer-redirect hijacked.
Re:Responsibility (Score:3, Informative)
Its very easy to say Google should know what Google is doing but we all know that interdepartmental communications in large companies sometimes don't work all that well.
/sarcasm on /sarcasm off
Yes, I am sure that with all the smart people at google it never occured to ANYONE that maybe it would be a good idea to use that spam/malware site filter on adwords. Its not like those are two of the most well known groups at Google or anything.
Google has been selling ads to link farms forever even though it (attempts) to filter them out of search results. It is their policy to do so even though they do everything they can to lower their rank in regular search results.
It would be easy for them to do so but they choose not to do it. Come on guys, if Google filtered and MS did not everyone would be ranting about how MS is promoting malware and spam to make a quick buck.
Re:But no one ever clicks on the ads (Score:4, Informative)
Ah, but in the contract you must accept with Google, they explicitly forbid you to do anything to attract attention to the ads, which does sort of make sense...
All that and a poison apple, might as well remove the ads entirely.