Google has informed 20,000 web sites that they could be infected with redirect malware.
However given that Google isn't an actual security firm, the company can only suggest that the malware be removed and the vulnerability fixed in order to protect visitors. Google's notification also suggests that site owners keep their software up-to-date, and to contact their Web hosts for technical support.
Even more, compromised server configuration files may be cloaking and showing the malicious content only in certain situations, the company said.
"[This is] part of our ongoing mission to be transparent with webmasters and do our bit to help prevent spam," Google spokesman Mark Jansen said. "In fact, this isn't a new phenomenon; we communicate very openly with webmasters and always have done."
Despite grumblings by critics over disguised malware plaguing the former Android Market, Google seems to be at the forefront of the anti-malware campaign. Just last year, the company removed more than 11 million URLs on the "co.cc" free Web Hosting service from its search results because they were being used by hackers to conduct drive-by attacks and speak malware programs on a regular basis.
"Subdomains are often registered by the thousands at one time and are used to distribute malware and fake anti-virus products on the web," the company said in a blog. "In some cases our malware scanners have found more than 50,000 malware domains from a single bulk provider."
Still, despite the search engine giant's best efforts, the company is only flagging half of all the malicious links rendered by its search engine, says Kaspersky Lab. Why? Because malicious and suspicious Web sites are usually able to use search engine optimization to bypass Google's filters altogether, thus ending up on search results lists anyway.