eWeek: Websense Mines for Malicious Code with Google
Malware hunters at Websense’s Security Labs have figured out a way to use the freely available Google API to find dangerous .exe files sitting on thousands of Web servers around the world.
The Google API uses the SOAP (Simple Object Access Protocol) and WSDL (Web Services Description Language) standards to offer developers an easy way to run search queries outside of the browser and, because of the way the search engine indexes executables, Websense was able to create code to look for strings associated with malware packers.
Dan Hubbard, senior director of security and technology research at the San Diego-based Web filtering software firm, said the use of the Google API started as an experiment after bloggers noticed that some Google search queries were returning .exe files.
Google query > “Size of Stack Reserve” ; “Signature: 00004550”
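The two quoted strings in the query correspond to fields of the Windows PE header: the signature DWORD 0x00004550 (the bytes "PE\0\0") and the optional header's SizeOfStackReserve. As an added example (not Websense's code and not from the eWeek article), this Python check reads those fields from a file's bytes, for instance to audit your own web root for executables regardless of file extension; the function names and the sample bytes are constructed for illustration.

```python
import struct

PE_SIGNATURE = 0x00004550  # bytes "PE\0\0" read as a little-endian DWORD


def pe_header_fields(data: bytes):
    """Return the PE signature and SizeOfStackReserve, or None if not a PE image."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        return None
    # e_lfanew at offset 0x3C of the DOS header points to the PE signature.
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)
    opt = e_lfanew + 4 + 20  # skip signature (4) and COFF file header (20)
    if opt + 80 > len(data):  # also rejects absurd e_lfanew values
        return None
    (signature,) = struct.unpack_from("<I", data, e_lfanew)
    if signature != PE_SIGNATURE:
        return None
    (magic,) = struct.unpack_from("<H", data, opt)
    if magic == 0x10B:    # PE32: SizeOfStackReserve is a 4-byte field
        (reserve,) = struct.unpack_from("<I", data, opt + 72)
    elif magic == 0x20B:  # PE32+: same offset, 8-byte field
        (reserve,) = struct.unpack_from("<Q", data, opt + 72)
    else:
        return None
    return {"signature": f"{signature:08X}", "size_of_stack_reserve": reserve}


def build_sample(magic=0x10B, reserve=0x100000):
    """Constructed sample: bare headers only, not a runnable executable."""
    buf = bytearray(0x80 + 4 + 20 + 96)
    buf[:2] = b"MZ"
    struct.pack_into("<I", buf, 0x3C, 0x80)          # e_lfanew
    struct.pack_into("<I", buf, 0x80, PE_SIGNATURE)  # "PE\0\0"
    opt = 0x80 + 24
    struct.pack_into("<H", buf, opt, magic)
    struct.pack_into("<Q" if magic == 0x20B else "<I", buf, opt + 72, reserve)
    return bytes(buf)


if __name__ == "__main__":
    print(pe_header_fields(build_sample()))
    print(pe_header_fields(b"<html><body>not an executable</body></html>" * 4))
```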