I always surf the web with my trusted WOT add-on for Firefox, it warns me when a site is rated dangerous. What would virus-scanyou think if we told you that Google’s developer site was serving up more than cool content? I am sure you would feel safe on any site that is part of the mother ship called Google, but think again. Google’s free code-hosting Web site for developers is being used to distribute malware, a security researcher said on Friday.

Google Code is a place where programmers can host projects and code. Along with the legitimate code are links to fake videos that direct users to download a missing codec, said Dave Marcus, director of security research for McAfee Avert Labs. The codecs turn out instead to be password-stealing Trojan horses and programs geared toward stealing financial information for identity fraud, he said.

“They’re using it as a way to send out links or as a place to house their links and redirects because it’s Google and obviously it gets highly ranked in the index,” he said. “The bad guys look for services like this as a way to push out code.”

A Google spokesman said the company has removed malware-distributing projects from Google Code and search results.

Google can’t make the world a perfect place, but they’re working hard to keep users safe from malicious code.