Pakistan's Leading Education Website & Teacher's Provider
Learn English langauge
For students, kids as well as professionals
fee
Home | Forum | Teacher | Student | Institution | Jobs | Admission guide | Tests | Study abroad | Notices | classified | Study partner
Find Pak classmates
Pakistani classmatesDirectory since 1947. Find Now >>

Malware Runs Rampant on the Web: Google

In its new report on Web-based malware, Google said that some of the most common malware sites were those that contained advertising, and that average computer users have no way to protect against these malicious threats. The Google report on malware found that a browser can be compromised just by visiting a Web page.

According to Google research, hundreds of thousands of Web sites are infected with malicious software that could give attackers the ability to steal the personal identities of visitors.

The research, titled "The Ghost in the Browser: Analysis of Web-Based Malware," reported that an adversary who can successfully compromise a victim's browser can gain access to banking and medical records, authorization passwords, and personal communication records.

Google said that in its analysis of several billion URLs and an in-depth look at 4.5 million Web sites over a 12-month period, it discovered 450,000 sites were successfully launching drive-by-downloads of malware code.

Graham Cluley, a senior analyst with security firm Sophos, said researchers at his firm agree with Google's findings. "Everybody needs to learn to protect themselves better from these kind of attacks," he said. "More and more businesses are recognizing the need to scan their Web gateway just as they do their e-mail gateway to keep abreast of emerging threats."

Sitting Ducks?
Google also concluded that average computer users have no way to protect against these threats. "Their browser can be compromised just by visiting a page and become the vehicle for installing multitudes of malware on their systems," the nine-page report announced.

Google discovered that some of the most common malware sites were those that contained advertising. Sites that offer up user-generated content, such as blogs and forums, and those that offer third-party widgets, such as free traffic counters, are also commonly used by attackers looking to install code that makes victims of visitors.

As many antivirus engines rely on creating signatures from malware samples, adversaries can prevent detection by changing their code more frequently than antivirus engines are updated with new signatures, according to the Google study.

Threat Clarified
Although Cluley agreed with Google's research, he said it's important to clarify the threat. Some news headlines, he noted, have declared that Google's research revealed one in 10 Web sites are infected. But, he added, that's not accurate. The one-to-10 ratio is only true of the pages that Google already decided were worthy of further investigation, he clarified.

In its own research, Sophos discovers an average of 8,193 new malicious Web pages each day. What's most worrying, Cluley argued, is that 70 percent of these infected Web pages are on legitimate Web sites. In other words, the offending pages are often on sites that have been hacked or had malware planted on them without the owner of the Web page necessarily knowing.

"The Web is the new battleground between the good guys and the bad guys -- if you have not already defended yourself then there is no time to lose," Cluley said. "Defense can come in the form of multilayered protection, such as desktop, e-mail, and Web gateways, but should be combined with security updates for your browsers and client firewalls."

By Jennifer LeClaire, NewsFactor Network
spacer
Post your Comments about this News
Your name
Your Email
City &Country(i.e. Karachi, Pakistan)
Type your Comments here:
Tech News:Updated: February 2008
arrow Who cut Muslim World Internet Cables?
arrow Caution, big brother is watching
arrow Malicious programs hit new high
arrow Cleaner desktop fever hassles
arrow IMAP goes Gmail!
arrow Future laptops could run more than one OS
arrow '.asia' launched as Internet domain
arrow When the net is watching you
arrow Violence and video games
arrow Net terror sites 'easy to access'
arrow Is stealing wireless wrong?
arrow Mobile malware significant threat
arrow Can Linux Overtake Windows in OS War?
arrow How Microsoft puts your data at risk
arrow Web Users Reading More Than E-Mailing
arrow New Security Holes for PC Users
arrow Protecting Your Kids online
arrow Why do humans walk on two legs?
arrow Domain Names: New Real Estate

More Web & Tech News>>

Join our "Yahoo Group" for News alerts, Jobs & lots more
Feedback |  Contact |  Site contents copyright 2000 to 2013 Interface, Pakistan's Leading Education Website & Teacher's Provider