We’re all vulnerable when it comes to malware, viruses, and browser hijacking, but not from legitimate web sites, think again! It’s a known fact that many popular web sites are in fact transmitting malware.
Hackers or in this case cyber-criminals are trying to monetize their evil doings.
The first form stems from the phishing business, where malware authors create new domains and Web sites so fast that URL filtering and signature databases cannot keep up. The goal here is to score a few victims before the security companies can generate new signatures.
The second form consists of hijacked Web sites, sites that are otherwise legitimate but have been corrupted in a way that leads its visitors to malicious content.
An example of the interplay between these two types of Web threats is the Asprox botnet. The botnet originally derived from phishing attempts to draw unwitting users to malware via short-lived Web sites, but, in the last few months, Asprox has morphed into SQL injection attacks against legitimate sites. In automated fashion, the botnet leverages Google to find and exploit Web sites with vulnerable Active Server Pages injecting an IFrame into the assailable site that redirects site visitors to exploit code elsewhere on the Web.
According to some sources, legitimate Web sites now comprise the majority of pages currently hosting malware. In its July 2008 Security Threat Report Update, Sophos Labs declared that 90 percent of the infected Web pages it detected in the first half of 2008 originated from legitimate Web sites that were hacked in some form. The report also stated that Sophos Labs found, on average, more than 16,000 new infected pages each day during that time.
It’s important to be carefull when web surfing. Don’t surf naked! Protect your data with well known anti-virus programs.
A great post more web users need to be made aware.
I don’t understand, how the virus downloaded to my computer without my permission and then run as application. Can you explain it?