MattCutts - 7:35 pm on Dec 20, 2010 (gmt 0)
"I see where you are coming from Ted. I still think thats between Google and Webmaster, not Google and the public."
The fact is, not everyone logs into Webmaster Tools obsessively to see if they have any messages. So we needed to find a way to surface this potential risk so that site owners would find out more quickly if they've been hacked.
We now have two different responses for sites with malware vs. sites that we think may be hacked. When we detect malware, we try harder to let users know that they may be stepping into a dangerous part of the web (e.g. an interstitial so that users really need to be sure they want to visit that page).
In contrast, a hacked site might not be immediately dangerous to users. But we still want to alert site owners, because if a site is hacked right now, in practice it's not too much harder for a bad actor to add malware to the hacked page.