(computer beeping) - [Narrator] If you were
regularly using the internet in around 2006, there was a brief moment in time where making one simple typo, would crash your computer beyond repair. (computer buzzing) This typo was Goggle. The word had gone
relatively under the radar for a couple of years, going unnoticed by most
users just passing by. But as the worldwide web
continued to grow exponentially and more respected websites came in, more people started to notice it and saw just how
devastating it really was. Such a simple word, Goggle was basically
the internet spousalisc, instantly killing the
computers of any user who simply typed it in. This wasn't just annoying popups, this was something that
actually did you harm. At least that was the word
that was getting around. You see Goggle was widely
talked about during its day. A subject that got so popular, it led to the creation of
an antivirus commercial and a legal dispute. But now, pretty much no
information on it has survived. Just a couple of articles and forums, but that's about it. Everything else has seemingly
been lost to history. Even the Wayback Machine
has blacklisted it from being archived on their database. It's almost like the internet, does not want you to know about Goggle, just because of how
truly dangerous it was. These circumstances have
instead just left the internet with mostly ambiguity, some recalling the website
being very dangerous. Others passing it off as an internet hoax, at least the media depicting it. Consequently, Goggle has since become
an internet urban legend, frozen in the era it was conceived. But was the story of goggle.com
just a victim of its time where online record keeping
wasn't much of a priority? Or was it something much darker? Now, before we investigate the strange story behind goggle.com, here is a word from our sponsor. Kamikoto produces beautifully
crafted kitchen knives that make user convenience and ease of use top
priority while cooking. These knives are created
from Japanese steel, perfected with century
old traditional techniques to make handcrafted knives. And these knives are
used by several chefs, working at Michelin star restaurants. Kamikoto only uses Japanese steel, sourced from prefectures such as Niigata, Ibaraki and Kanagawa with each blade designed using methods that have been mastered by
generations of knifesmiths, but not only that, Kamikoto also prioritizes
both safety and presentation as each knife comes in a
beautiful heavy-duty Ashwood box. I truly love how elegantly
packaged these knives are, which makes them a great gift. And each blade goes through
a rigorous 19-step process that produces a polished, sharpened and excrutiatingly fine edge. As you can clearly see, I am by no means skilled
with chopping food, but even I noticed how
lightweight these blades are and how seamless it was
chopping these potatoes for instance. Kamikoto is so dedicated to
creating high quality products that each knife is individually inspected and comes with a lifetime guarantee. The best part, Kamikoto is currently
having a holiday discount by using the code or visiting
the link on the screen, you can get an additional
$50 off any product that you purchase. Now that is a steal, no pun intended. So, get that special someone, a special gift with Kamikoto. In order to really
understand the mysterious and devastating nature behind goggle.com. We first need to focus
on the website's purpose, how it functioned and how both these things work together to lead to its prominence. To really get into comprehensive detail, we need to trace back
to the websites origins. As you could imagine, this will be quite difficult with the limited information out there, but there really is only a few
missing pieces of the puzzle. There's no definitive answers, but we can infer on when
it was most likely created. The actual domain for goggle.com appears to have been registered on
Valentine's Day of 1998. This is actually a
pretty interesting detail that I will get into in a minute. The website appeared to have been dormant for around six years, until it reportedly
became malicious in 2004, according to very few sources. What's interesting is
that there is no evidence of this website ever
existing prior to 2006 and all internet archive sites, either have the website blocked or simply didn't keep record
of it prior to the date. For all we know goggle.com, could have been some geo
cities website prior to 2004. And whether it was bought
out by some malicious company or started off that way is a mystery. You might not know a whole lot about how the website came to be, but just from visiting
the site at the time, it was pretty clear what
its main purpose was. So, what was the point of goggle.com? Why did it exist? You probably guessed it from a mile away, but if not, I will fill you in. Goggle.com served as what we
call a typosquatting website, which is exactly how it sounds, any user who misspelled google.com, looking for the search engine, as you would imagine, would sometimes end up
on this site instead. And the user may not even realize it for a couple of seconds, giving the website a brief
moment to do at the time, whatever it wanted. Of course there were a ton
of different variations of misspelling Google, but Goggle was one of
the many frequent ones. And this role that the website had is undeniably what made it
become as popular as it did. As I mentioned, there isn't any evidence that goggle.com was in fact malicious in 2004, except for some claims
from some tertiary sources. But the timeline does add up. In 2000 Google was exploding and on its way to becoming
the number one search engine on the web. And in 2004, the company had officially gone public. This was a very important year for Google and only got its name out there even further. At this point in time, most people knew what Google was, but just barely for the people who still didn’t use the internet at that time, like very young children or the elderly for example. It was just that search website that started with a G. Some of these people might have remembered the site as being called “Goggle” and went there instead. So that’s probably why it existed. To fool people, like you and me, back in the 2000s who, at the time, probably only had a general idea of what Google was, and just by a clumsy thumbsy or a faulty memory, might have typed in this address instead. These are all educated guesses of course and there’s no proof, but they could be good explanations for why Goggle.com got so popular. It is possible that the site owner saw this growing trend and took advantage of it, it’s actually quite a brilliant scam but we simply don’t know. There were two possibilities, either people were looking for Google thinking it was called Goggle, or they just typed it in wrong. Either way, it worked, because ultimately the website was misleading Google users, or was it? Was Goggle.com actually a typosquatting site? Or was this just a coincidence. This is when the domains
registration date comes in. Take a look at it, early 1998. Why is this important? Well, the actual Google's
domain was registered in 1997, just five months prior. Keep in mind that Google was still in prototype phase at this time and didn't even officially
launch until September of 1998, almost a year later. in 1998, you still had
other search engines, dominating the web like Yahoo or Dogpile, Google was just getting started. So, why would a website
want to impersonate, some obscure search engine
that only might be successful? This information alone, could support the
narrative that goggle.com was just a normal website at this time. After all goggle is a real word. It's not just a strange misspelling. Perhaps the website was
just spot out later on when people saw the
possibilities that it had or maybe goggle.com was
always a dangerous website, but never had any motive
on targeting Google users. The name was instead just a coincidence and a similarly spelled website, just becoming insanely
popular at the time, led to a perfect storm of circumstances. But regardless of the
website's intentions, that's what it ended up becoming. The odds of such a typo were slim, but the small chances that
did happen were catastrophic. So, what did goggle.com do to its victims? Well, a lot. Things that today due to better security and more advanced software
would be either unconventional or flat out impossible. For example, the moment you even joined
the goggle.com web page, it would instantly download and install dozens of
malware and popup adds. Some of which were
obscene to your computer, at least according to legend. Luckily now we have popup
blockers that we take for granted and user account control, makes sure that these things
install with our consent firs, but that feature was
introduced in windows Vista, which hadn't come out yet. In 2006, most people were using Windows XP or even 9X Windows. They didn't have the security and resources available to them that would be provided in Windows Vista. Goggle.com took advantage of that, if you were some layman computer user, running Windows XP and
using Internet Explorer, you weren't going to be victim to this. And this was exactly the kind of people, a site like this was targeting, the clumsy and the gullible. It was essentially a more discreet version of a drive by download, a download that the user
indirectly authorizes. But this is just the superficial
stuff of what the site did. What's really interesting about goggle.com is that it wasn't just some single, really sophisticated computer
virus hosted on the web, even though it might appear that way. It was basically a ton of
different computer viruses, working together to cause
damage in their own way. Kind of like the, ILOVEYOU worm, Goggle.com was pretty much
a Frankenstein's monster, conglomerate of malicious software, resulting in a bunch of moving
parts that created a website that pretty much had a mind of its own. The pop-up ads were there to annoy you and distract you from
noticing the real threat that was surreptitiously
working in the background, which leads to the next question. What made goggle.com so dangerous? Well, Goggle did something pretty unique to other contemporary
typosquatter websites. It took advantage of a very big exploit that was present in Windows at the time. The WNF exploit, short
for Windows Meta File. WMF files were basically image files where whenever you opened one, a bunch of computer commands, would essentially start
running in the background, constructing colors, lines and shapes to compile the image together, so that you can see it
and interact with it. Well, one of the many components that helps run these commands, a particular DLL file
responsible for communicating with printers and monitors, had a vulnerability in it that basically caused the file to panic and allow it to execute
any Windows command. So, all a programmer had to do was create an image file were the moment a user clicked on it, it immediately downloaded a
dangerous program for example, this actually happened with
Myspace in July of 2006, where millions of users clicked
on a banner advertisement and unknowingly downloaded spyware, because of this exploit, there was almost no protection
from drive by downloads. Remember all those pop-up ads? Well, if you accidentally
clicked on one trying to get rid of it or whatever, you would end up downloading
goggle.com's secret weapon, SpySheriff. This program probably
could have its own video, but Goggle was able to mass
spread it across computers. SpySheriff was malware that pretended to be an antivirus program. It would lie, saying that you have all
these viruses installed on your computer and would
sometimes even charge users to remove them. This was perfect timing
on the program's end too. You just visited a suspicious website. And after leaving, you have an alert saying
your computer is infected. For a non-experienced computer user, they might think this is legitimate and from built in Windows
antivirus software and thus granted permission
for more administrative access. During the installation process, SpySheriff would mess with registry keys and install itself in a way that would pretty much bake it, into your operating system. It would block your
entire internet connection where the only accessible
website was SpySheriff's. It would create administrator accounts, without your consent and change
vital system preferences. It would change your background
to a spyware notification. If you tried uninstalling SpySheriff, it would just show back up. And if you kept on uninstalling it, it would crash your whole computer and give you a blue screen of death. The program will get to the point where your computer is unusable, where you can't even open system restore. You better have a backup, because quite often your only option left, would be to completely
wipe your hard drive. It truly is incredible how
one bug in an image file has essentially destroyed
thousands of computers. The WMF exploit would be patched in Windows Vista and onward, but what's even more interesting is that the exploit mostly
affected NT based systems, such as Windows XP. So, if you went on goggle.com
while running Windows XP, you were doomed, but ironically, if you were on Windows 98, you were much safer. And that is how simply in goggle.com and pressing enter could do
sometimes irreparable damage to your computer. And when people caught onto this, oh, they wanted the world to know. In September, 2006 came what is now the earliest
surviving evidence of goggle.coms existence, a McAfee commercial uploaded to YouTube that showcased the website and served as a public service
announcement to millions, about being safe online. And with it came both
public acknowledgement and personal challenges. People were now filming
themselves going on this website, whether as a dare or
to see its legitimacy. Well, a lot of these computers in these videos were running Vista and it is also important to keep in mind that patches for the WMF
exploit on Windows XP were already officially
released by Microsoft in January of 2006. The McAfee commercial could
have been filmed before then. And there is no way of knowing
if these YouTube users, are running the patched
version of Windows XP. So, that could explain
the less severe symptoms, because even then people
were arguing back and forth, one side saying it was
just all in internet hoax, the other side saying it was real and providing anecdotal evidence. In retrospect, the McAfee commercial
kind of blurred the lines, between fact and folklore, but regardless goggle.com, quickly developed a negative reputation. And Google was going to put a stop to it. After initially declining
to purchase the domain name, Google attempted to legally
acquire the goggle.com domain. But to their surprise,
Google actually lost. As Goggle was not considered
a misspelling of Google. I mean, goggles are a
real thing after all. And in 2011, a settlement decision was made that the owners could keep the domain, but with stipulations. With the evolving technology and being under strict surveillance, goggle.com became less of a threat. There was even a way to
program your computer to automatically revert
to the real google.com if you ever made this typo. As a result of dwindling notability the website continuously changed owners, becoming a survey website
in 2009, being taken down, becoming a survey website
again, being taken down again, becoming a fake flash player downloader, becoming a blank HTML page, becoming a fake polling website. And then in 2020 becoming
a political WordPress blog, which currently doesn't
contain any malware. After all these years, it seems that Goggle may have
finally found a stable home. It is arguably one of the strangest pieces of malware history as evidence
seems to point to the fact that there is no evidence, not a whole lot, both due to censorship
and lack of recordkeeping. Malware, so mysterious that many people even back then, weren't even sure it was real. See, I went on the website
and my computer is fine. Well, you have antivirus software. So, of course nothing happened. No this website is not fake. It damaged my computer. A mystery that could have
very well been explained by just one bug fix. Goggle.com serves as a great example of the butterfly effect, the story of how one
vulnerability found in Windows, created an internet urban
legend buried in time, hopefully to be revisited
as a way for people to learn more about how much
the internet has since grown, as well as how much it
can continue to grow. We could talk about goggle.com all day, but what would it have looked like to actually visit the website? Well, let's see. (gentle shimming music) (keyboard clacking) (upbeat music) (keyboard clacking)
