Toxic blogs threaten Web users
According to the Websense Security Trends Report 2005, the first half of this year saw the Web become "by far the fastest growing attack vector", as malware authors started distributing links to malicious files in socially engineered e-mails instead of sending the actual files, which would most likely be blocked by corporate antivirus and spam filters.
"These aren't the kind of Web sites that someone would stumble upon and infect their machine accidentally. The success of these attacks relies upon a certain level of social engineering to persuade the individual to click on the link. In addition, the blogs are being utilised as the first step of a multi-layered attack that could also involve a spoofed e-mail, Trojan horse or keylogger," the report said.
The increasing popularity of sites offering free blogs and Web space means malware authors now have access to an almost unlimited amount of hosting space in which to store their code. Websense claims that the general lack of security provided by these services means they are now regularly used to launch attacks.
"The blog can be used as a storage mechanism, which keeps malicious code that can be accessed by a Trojan horse that has already been hidden on the user's computer… [blogs] do not require any identity authentication to post information, and most blog hosting facilities do not provide antivirus protection for posted files," the report said.
In July, Websense told ZDNet Australia that it had seen an alarming increase in Web sites offering free hosting services being used to store and distribute malware, which indicates that this trend is set to continue being a problem for the foreseeable future. At the time, Dan Hubbard, senior director of security and technology research at Websense, said more malware was found on free hosting services during the first two weeks of July than in May and June combined.
Munir Kotadia reported from Sydney for ZDNet Australia. For more ZDNet Australia stories, click here.