Google has released it’s Safe Browsing API  thus giving access to any application to it’s malware URL database. The Safe Browsing API is an API that allows client applications to check URLs against Google’s constantly-updated blacklists of suspected phishing and malware pages.

You must have a Google Account to get an Safe Browsing API key, and your API key will be connected to your Google Account.

I have generated my API and I updated the two lists of phishing and malware hosting URLs. 

[goog-malware-hash 1.77] +0000a2e9842085e75a57282eff0e7832 +0001849970ec2acd0b73bfa18eb91ac8 +0001b67cc3f39afdb2a2acb71cd7f869 +00023d5c9707dbe4bece6a215e725f96…

[goog-black-hash 1.830] +00007d518f6b658dc1776bb76ca2b29e +0000d595886c972265a26d38eb07ba2e +00156d6e1cce6db8906c9073d06e572b +00194c0e4a92d09a81748bb214fb245c …

The lists contain MD5 hashes of the actual URLs and this is quite useful as it leaves it up to the developer to use this data as needed. However, Google recommends two standard messages to be shown to the users, should they try to open a blacklisted URL:

• Warning- Suspected phishing page. This page may be a forgery or imitation of another website, designed to trick users into sharing personal or financial information. Entering any personal information on this page may result in identity theft or other abuse. You can find out more about phishing from www.antiphishing.org.
• Warning- Visiting this web site may harm your computer. This page appears to contain malicious code that could be downloaded to your computer without your consent. You can learn more about harmful web content including viruses and other malicious code and how to protect your computer at StopBadware.org.

 I welcome this new tool designed to protect and improve the user browsing experience. In the near future, it would be nice  to see a collaboration and why not, an integration with phishtank.com’s anti-phishing APIs.

Share This

If you enjoyed this post, make sure you subscribe to my RSS feed!