Google announced a new security feature today for the Google Chrome product. The Chrome team are enhancing the implementation of their Safe Browsing API service to include downloaded files.
What is the Safe Browsing API? It is an online database of known phishing sites and malware infected web pages that is hosted at Google.
Applications like Chrome, Firefox and Safari can query this database in real time to provide protection against the latest internet threats.
Google’s API is open to other software application developers as well, although the primary use case seems to be browsers.
What Google is announcing is that starting with the developer builds of Google Chrome they will now check files you attempt to download against their API.
This could be a very valuable technique for protecting users of Google Chrome against threats like Fake anti-virus.
Often there are many, many sites, some of which are not blacklisted in Safe Browsing, but they all point to the same location for the actual malware download.
By adding support for these known malware destinations they will reduce the number of infections for users using Chrome. This is a very similar method to protect endpoints that we use in Sophos Live URL Filtering.
To learn more about threats on the web, download our paper “Modern Web Attacks” by SophosLabs researcher Fraser Howard.