What is the countermeasure against a group of malicious software "UwS" set as "a threat of the Internet" to Google?


ByChristiaan Colen

Google announced "Safe Browsing" in 2007 to alert users who visited suspected websites, and is stepping up security to protect users against threats on the web. However, malware and adware continue to evolve at a tremendous speed, and new infection routes appear one after another. The threat on the web that uses these new methods, GoogleUnwanted Software(UwS) ", which trends and countermeasures are disclosed.

Google Online Security Blog: Year one: progress in the fight against Unwanted Software
https://googleonlinesecurity.blogspot.jp/2015/12/year-one-progress-in-fight-against.html

According to Google, reports from users such as "I lost privileges to change browser settings", "Software installed and uninstallable without notice", "Can not uninstall screen", "Advertisement full of screens" has been increasing in recent years, The threat on the Web causing the problem is called "UwS", and it is said that measures are taken by establishing a special security team.


In order to clarify "What is UwS", Google has defined the definition of "UwS" as follows.
· If you promise a valuable proposal, you do not realize it. I intend to deceive users
· I try to cheat and install the user. Or use other people's wireless Internet connection without permission during installation
· Do not accurately communicate software functions to users
· Harmfully affect the user's system
· Difficult to delete
· Collect personal information without notifying the user
· It is set with other software. Also, the existence of the software itself is not disclosed

After defining the definition of UwS, Google investigated how UwS is infected and diffused. In the survey, it turned out that many of UwS are using malware "add injector (ad insertion tool)". An add injector is a tool that displays advertisements that do not belong to the page originally, UwS is a method of directing users to click on advertisements displayed by the add injector, and automatically installing malicious software when clicking It is said that it is heavily using.


In order to eliminate this UwS, Google has incorporated UwS detection function into safe browsing and enhanced security to display a warning screen when Chrome and other browser users try to visit a website containing UwS. The following image is an actual warning screen.


Also,"Chrome Cleanup Tool"UwS removal tool was installed, and as a result removal of UwS was confirmed from more than 40 million devices. Furthermore, we focus on eradication of UwS such as not displaying a website containing UwS in search results, eliminating AdSense advertisements leading to websites including UwS.

Thanks to these measures, the number of reports on UwS from users has decreased, and the damage on UwS seems to be decreasing. Google is planning various countermeasures so that UwS will not be on the Internet from now on.

in Security, Posted by darkhorse_log