Google announced today harsher measures against website operators that abuse its Safe Browsing system to distribute malware by pretending to play nice and requesting quick reviews to lift bans, only to revert back to distributing harmful content.

The search engine giant said it plans to ban repeated offenders for 30 days, starting with today's announcement.

Crooks have long abused Google's Safe Browsing System

For almost eleven years Google has used the Safe Browsing system to scan and mark malicious websites as dangerous, first in search results, and then in Chrome, and browsers that implemented the Safe Browsing API, such as Firefox.

Whenever Google would detect a hacked website, if the website was registered in its Search Console, it would send out an email to the site's webmaster, letting him know of the issues it discovered.

Webmasters could remediate the issue and ask for a review, or Google would scan the website at regular intervals, and deem it safe once the malicious content, such as phishing or malware, was removed.

Operators of malicious websites found this review process very appealing.

They could distribute malware or carry out phishing operations as much as their heart desired. If Google discovered their domain and marked it as dangerous, they'd simply remove the malicious content, and ask for a review hours or days later. After Google lifted the ban, threat actors would revert back to their shady operations.

Only repeated offenders face the 30-day ban

Starting today, Google says it created a special category in the Safe Browsing system called "Repeated Offenders." Google says that websites that have used these tactics in the past, or use it in the future, will be placed in this category.

Once the Safe Browsing system marks the website of a Repeated Offender as malicious, the site's owner can't request a review for 30 days.

Google said that hacked websites are not considered repeated offenders, and only websites that "purposefully post harmful content." Google will notify website owners via email if their domain has been marked as a Repeated Offender.

Also today, Google announced a new website for Safe Browsing.

Related Articles:

Google Chrome to let Isolated Web App access sensitive USB devices

Polyfill.io JavaScript supply chain attack impacts over 100K sites

Chrome for Android tests feature that securely verifies your ID with sites

YouTube tests harder-to-block server-side ad injection in videos

Google patches exploited Android zero-day on Pixel devices