Perhaps this is not such a good thing, a search engine that works to locate malware examples via Google queries. I mean, regardless of the intention of the reason for such a project, surely this can’t be a good thing.

HD Moore, creator of the metasploit hacking tool and the security researcher behind the Month of Browser Bugs, or MOBB, project, has released a search engine that finds live malware samples through Google queries.

The new Malware Search engine provides a Web interface that allows anyone to enter the name of a known virus or Trojan and find Google results for Web sites hosting malicious executables.

The release of the search engine was motivated in part by a recent announcement by Websense Security Labs, of San Diego-based Websense, that it was using the freely available Google SOAP (Simple Object Access Protocol) search API to find dangerous .exe files sitting on Web servers.

Besides SOAP, the Google API uses WSDL (Web Services Description Language) standards to offer developers an easy way to run search queries outside of the browser. Because of the way the search engine indexes executables, Websense was able to create code to look for strings associated with malware packers.

Dan Hubbard, senior director of security and technology research at Websense, said the use of the Google API started as an experiment after bloggers noticed that some Google search queries were returning .exe files…. Source: eWeek