Google’s free code-hosting Web site for developers is being used to distribute malware, a security researcher said on Friday.

Google Code is a place where programmers can host projects and code. Along with the legitimate code are links to fake videos that direct users to download a missing codec, said Dave Marcus, director of security research for McAfee Avert Labs. The codecs turn out instead to be password-stealing Trojan horses and programs geared toward stealing financial information for identity fraud, he said.

“They’re using it as a way to send out links or as a place to house their links and redirects because it’s Google and obviously it gets highly ranked in the index,” he said. “The bad guys look for services like this as a way to push out code.”

A Google spokesman said the company has removed malware-distributing projects from Google Code and search results.

Just a few short months after the initial release, Google has released a pre-beta version of Google Chrome 2.0.

It sports a few new features including form auto-completion, full-page zoom, ‘profiles,’ and Greasemonkey support. It seems the only notable feature would be profiles, which allows users to separate out their homepage, history, and bookmarks on a per user or category basis.

It seems Google is still playing catch-up but they’re definitely moving at a pace unknown to some of their competition. The full list of new features is available in the release notes