Google Chrome to alert on malware downloads

Filed Under: Featured, Google, Malware

Google ChromeGoogle says that the latest beta version of its popular Chrome browser incorporates a new security feature to warn users that they are trying to download malicious software from a website.

That's not a revolutionary new feature, of course, and various other browsers already protect consumers in this way. Not to mention "conventional" anti-virus solutions which also offer this kind of protection.

Google made the announcement on their Chrome blog, explaining that earlier versions of their browser only warned of drive-by malware attacks.

The latest Chrome beta version, however, "now includes expanded functionality to analyze executable files (such as '.exe' and '.msi' files) that you download. If a file you download is known to be bad, or is hosted on a website that hosts a relatively high percentage of malicious downloads, Chrome will warn you that the file appears to be malicious and that you should discard it."

I wanted to include a screenshot of Google Chrome intercepting malicious software downloaded from websites - but when both I and colleagues in SophosLabs tried to get Google Chrome to alert when downloading malware, we couldn't manage to coax it into noticing.

Admittedly, the test we conducted was only against a very small handful of malware - W32/Parite-B, Troj/Agent-OIK, Mal/Behav-130 - and the EICAR test file. So we shouldn't be too quick to read too much into Chrome's failure in this very limited test.

It is a beta version of Google Chrome after all. And, regardless of Chrome's current or future ability to prevent malware downloads, we would never recommend that users rely solely on their browser for anti-virus protection.

Hopefully the feature will be enhanced in the near future to include detection for more malware, and we'll be able to share a picture of Chrome's new protection feature in action.

, , ,

You might like

8 Responses to Google Chrome to alert on malware downloads

  1. Doesn't Internet Explorer (and Firefox probably) already do this?

    • Jeremy · 1019 days ago

      Firefox does it with addons but IE does it with MSE.

    • chris · 1019 days ago

      IE does it using smartscreen, which has the capability of providing file reputation and malware detection. It's separate from MSE.

      Firefox, afaik, doesn't do it.

  2. Thank you so much for google team.

  3. Alex · 988 days ago

    The exe file of my program which is hosted on my website is not malicious. Virus total shows 0/43. But Google Chrome gives a warning that the file can be dangerous.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

About the author

Graham Cluley runs his own award-winning computer security blog, and is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s. Now an independent security analyst, he regularly makes media appearances and gives computer security presentations. Send Graham an email, subscribe to his updates on Facebook, follow him on Twitter and App.net, and circle him on Google Plus for regular updates.