Many news media outlets have been making it sound like Google was accidentally spreading malware. Even the Wall Street Journal said “One Million Google Users Hit with Malware”.
Actually, Google was just notifying people that it had detected malware on their computer. Google’s system wasn’t actually searching your system — which would be an invasion of privacy — but it was detecting a specific malware program that is known to redirect traffic to Google’s systems.
In other words, Google was detecting software, other than the users browser, which was communicating with Google’s servers.
I have yet to learn what the purpose of this malware was, but I have some thoughts on it. It may have been trying to burden Google’s servers with additional traffic. Or it may have been targeting Google’s ad network.
I suspect if they were targeting the ad network they might be trying to make fraudulent clicks on the pay-per-click Adsense and Adwords network. If you’ve seen “Ads from Google” on a web site, such as the ones you see on this blog, then you should know that Google pays the site owner every time someone clicks on an ad. This is usually just a few cents, but they can add up. The fraudulent clicks take money from the advertiser and Google.
Any software that can compromise Google’s Ad network would affect Google’s reliability and reputation. Since ads are Google’s big earner they can’t allow that to happen.
So while the Wall Street Journal reporters in the video above think Google could be come a first line of defense against malware, Google was just watching out for themselves and their advertisers.