Mom And Pop Sites Host Malware

January 18, 2008 | by Christopher Nickson

An increase in so-called poisoned sites has occurred in small mom and pop sites with possibly thousands affected.

By now we’ve all heard of poisoned sites that play unwitting host to malware. Code in the site scans visiting PCs to check for loopholes, and if it finds one, it installs a Trojan. That lies quiet in the PC until the user types in login date for accounts such as an online bank account.
 
A BBC report states that security researchers at ScanSafe, Finjan and Secure Works have all discovered a cache of sites poisoned in this way. They’ve all tended to be small, mom and pop type business that ranked high in searches and received plenty of visitors – anything from travel agencies to auto spare parts. Some of the security companies believe as many as 10,000 sites could be affected.
 
What the sites have in common is the same host and remote administration software, but researchers have found it much harder to discover how each is compromised.
 
"We know some of the methods," said Yuval Ben-Itzhak, Finjan’s chief technology officer "they are trying to exploit known vulnerabilities in open source content management software that the sites are using."
 
However, each time a visitor reached the site, the code received a new, random, five-character name, making it hard to detect.
 
The sites make sense for hackers. They’re owned by small business who can’t afford top-quality protection and who don’t have the staff to monitor the sites. Instead, some experts say, the hosting services need to do more in the way of security for their clients.
 

Post Your Comment...Comments

Be the first to comment on the article!

Comment on this article




Please keep your comments relevant to this article. Email addresses are not displayed, they are only required to verify you are human.

When you submit your comment, an email will be sent to your email address with a confirmation link. Once you have clicked on that confirmation link your comment will be posted.

HTML is not allowed.


Join our newsletter to keep up to date on the latest Digital Trends content like Videos, Reviews, News and more delivered directly to your email!


Plus, get early access to contests and specials from our partners. Join today!





Loading...