Google: IP spoofing on the rise

Google Safe Browsing/IP Spoofing

Google has been running its Safe Browsing service for about four years, with a goal towards providing an open service that Web browsing applications can check against to see if a particular site is suspected of hosting malware or phishing scams. Now, Google has published an analysis (PDF) of more than 160 million Web pages on more than 8 million sites to look for trends in how malware is distributed—and finds that while social engineering tricks play a small role and plug-in and browser exploits are still common, malware distributors are increasingly turning to IP spoofing in hopes of avoiding detection.

Overall, Google finds that malware distributors rely on exploiting a vulnerability in a browser or a plug-in to install malware on users’ systems in what are known as drive-by attacks: typically, all users need to do is load a Web with the malicious code, and their systems are compromised. Google’s Safe Browsing initiative has automated tools that scan sites looking for these attempted exploits, and adds them to its database of questionable and dangerous sites if they’re found.

However, malware authors are increasingly turning to IP spoofing to avoid detection. In this case, the technique doesn’t involve using router trickery in order to make traffic from one source look like it comes from another; instead, the malware distributors try to detect connections from Google’s Safe Browsing survey (and services like it) and serve perfectly safe, innocuous Web pages to those services…saving its nasty payload for visitors they believe to be real users.

“The concept behind cloaking is simple: serve benign content to detection systems, but serve malicious content to normal Web page visitors,” wrote Lucas Ballard and Niels Provos in the Google Online Security blog. “Over the years, we have seen more malicious sites engaging in IP cloaking.”

Google emphasizes it is constantly adjusting its scanners with “state-of-the-art malware detection” to compensate for IP cloaking techniques, but notes malware distributors and security services will always be in an arms race…with security folks most often trying to play catch-up.

Google also notes that, with only a couple exceptions, browser and plug-in vulnerabilities used by malware distributors are only used for a comparatively short period of time: as soon as a new vulnerability is discovered—or an old one is patched—malware authors quickly move on to another exploit.

Google also notes that while getting people to install malware using social engineering—tricking people into downloading dangerous software, usually by promising a plug-in or antivirus package—is still common and on the rise, it’s employed by only about two percent of sites that distribute malware.

Product Review

Hotter than a Dot? Google's Home Mini outsmarts, doesn't outperform Amazon rival

With voice match and improved artificial intelligence capabilities, the $49 Google Home Mini is a voice assistant that seamlessly puts the Google platform on the tip of your tongue.
Home Theater

Cutting the cord? Let us help you find the best service for live TV streaming

There's a long list of live TV streaming services available to help you cut the cord and replace your traditional TV subscription. Each is different in important ways, and this guide will help you find the best one for you.
Movies & TV

'Prime'-time TV: Here are the best shows on Amazon Prime right now

There's more to Amazon Prime than free two-day shipping, including access to a number of phenomenal shows at no extra cost. To make the sifting easier, here are our favorite shows currently streaming on Amazon Prime.
Movies & TV

The best shows on Netflix in October, from 'Mindhunter’ to ‘The Good Place’

Looking for a new show to binge? Lucky for you, we've curated a list of the best shows on Netflix, whether you're a fan of outlandish anime, dramatic period pieces, or shows that leave you questioning what lies beyond.

Apple Mac users should take a bite out of these awesome games

Contrary to popular belief, there exists a bevy of popular A-list games compatible for Mac computers. Take a look at our picks for the best Mac games available for Apple fans.
Emerging Tech

MIT is building a new $1 billion college dedicated to all things A.I.

Massachusetts Institute of Technology (MIT) has announced a new $1 billion college of computing designed to offer the best possible education to future machine learning A.I. experts.

Remove photo bombs, other unwanted objects with Photoshop’s new Content-Aware Fill

Photoshop's newest A.I-powered tool helps remove objects or fill in gaps for a distraction-free photo in the new Adobe Photoshop CC 2019. Here's how to remove an object in Photoshop using the new Content-Aware Fill.

Feed your fandom: These are the best YouTube channels for sports lovers

If you're a cable cutter who still wants to enjoy quality sports highlights and analysis, YouTube is the place to go. There are plenty of great sports-centric channels on YouTube, each of which provides great highlights and top-shelf…

Adobe Premiere Rush CC is the cloud-based video editing app you've been waiting for

On stage at Adobe MAX 2018, Adobe announced its cloud-centric, social video-editing application, Adobe Premiere Rush CC. We took some time to put it through its paces to see what it offers, how it works, and what's missing.
Social Media

YouTube is back after crashing for users around the world

It's rare to see YouTube suffer serious issues, but the site went down around the world for a period of time on October 16. It's back now, and we can confirm it's loading normally on desktop and mobile.

Winamp eyes big comeback in 2019 with podcast, streaming support

Classic audio player Winamp is getting a major overhaul in 2019 that's designed to bring it up-to-date and make it competitive with the likes of Apple Music, Amazon Music, Spotify, Audible, and more, all in one go.

Is the Pixelbook 2 still happening? Here's everything we know so far

What will the Pixelbook 2 be like? Has the Pixel Slate taken its place? Google hasn't announced it, but thanks to rumors and leaks, we think we have a pretty good idea of what the potential new flagship Chromebook will be like.

Adobe MAX 2018: What it is, why it matters, and what to expect

Each year, Adobe uses its Adobe MAX conference to show off its latest apps, technologies, and tools to help simplify and improve the workflow of creatives the world over. Here's what you should expect from this year's conference.

Problems with Microsoft’s Windows October 2018 Update aren’t over yet

Microsoft's Windows 10 October 2018 update is not having a great launch. More than two weeks after its debut and Microsoft is still putting out fires as new bugs are discovered and there's no sign of its re-release as of yet.