voodish logo
tweet rss book of faces Linked In

Hackers turning more to the web

Malicious code rise driven by web

In the first quarter of 2007, security firm Sophos identified 23,864 threats, up from 9,450 on this time last year. In the same period the firm said it was identifying 5,000 web pages per day infected with so-called malware. The report was released during InfoSec, Europe’s largest conference on online security issues, in London.

“With computer users becoming increasingly aware of how to protect against email-aware viruses and malware, hackers have turned to the web as their preferred vector of attack,” said the report.

Legitimate sites

Sophos reported that 70% of infected websites were legitimate sites hijacked by hackers because they had not been sufficiently protected.

Visitors to websites - even legitimate sites - can protect themselves by ensuring they have up-to-date virus and anti-spyware software installed. What’s most worrying is that so many websites are falling victim because the owners are failing to properly maintain them said Carole Theriault of Sophos.

Go to Top of the page

How to stay safe online

There are now thought to be more than 220,000 malicious programs in existence - the vast majority of which are aimed at subverting Windows PCs.
Find out more information about staying safe online »

Google warns users

Search engine Google will warn users if they are visiting a website which is known to have malware hidden on it. While malware is a growing problem for users of Windows operating systems, there is little evidence of the problem affecting users of Apple Macs running OS X or PCs installed with Linux.

Sophos cited the example of the Miami Dolphins official website which was hijacked in the week of the SuperBowl and was infected with malicious script. The code exploited Microsoft security vulnerabilities to install malware located on a Chinese server on to visitors’ computers.

“What’s most worrying is that so many websites are falling victim because the owners are failing to properly maintain them and keep up to date with their patches,” said Carole Theriault, senior security consultant at Sophos.

“The average internet user assumes sites like the Miami Dolphins homepage are safe to access, but by targeting a whole range of internet pages, hackers are successfully infecting a larger number of unwary surfers. Any ill-maintained website can fall victim.”

According to the report, China hosts more than 40% of all websites containing malware. The United States hosts almost a third of all sites, while the UK has 3% of the sites.

Go to Top of the page

Bad reputation

“China has traditionally had a bad reputation when it comes to cybercrime, consistently coming in the top two spam relaying countries month after month, so its position in this chart should come as no real surprise,” said Ms Theriault.

In a separate report, security firm MessageLabs warned that it was beginning to see e-mails which were both spam and contained a virus. “While the cyber-criminals have long used e-mail viruses to create botnets to send spam, this is the first time MessageLabs has seen viruses hidden within stock scam spam,” the firm reported.

Spammers sent out millions of fake stock e-mails in an attempt to influence the price of stock so it rises and can then be sold at a profit by the fraudsters. It is a practice known as “pump and dump”. “Why use two emails when just one will do? These latest techniques are part of a new boldness being shown by certain criminal gangs we are tracking,” said Mark Sunner, chief security analyst at MessageLabs. Go to Top of the page

Source: BBC News

Related Articles

Comments RSS Feed

No Comments Yet

You can be the first to comment!

Leave a comment