Legitimate Web links haven for cybercrime

With social networking topping list of Web usage trends, cybercriminals have wasted no time plugging loopholes and planting malware in user-trusted sites, finds new security report.
Written by Tyler Thia, Contributor

BALI--Malware threats are getting more sophisticated, with 90 percent of them embedded in legitimate sites that Web users visit every day last year, according to a study by Blue Coat Systems.

In a report released Wednesday, the security vendor revealed that such attacks are increasingly migrating from free domains to known sites with trusted reputations and acceptable use category ratings.

"Cyber criminals want to be where the eyes are," said Jonathan Andresen, director of product and solution marketing Asia-Pacific, Blue Coat.

Speaking to ZDNet Asia at the sidelines of its regional partner conference here, Andresen explained that it is no longer adequate to educate users to look out for dodgy Web sites.

"Hackers are changing their attack methods, moving toward compromising the trust model for users so they are masquerading as your friends, selling things that you think are safe, sending you e-mail with your name on it," he said.

The less assuming users will then be "led down the path" to download malware from the Web, mostly via URL links rather than the traditional e-mail.

An analysis of Web requests from Blue Coat's cloud-based Webpulse service, which processes 3 billion requests weekly, also revealed that social networking sites have become a malware vector where phishing and click-jacking attacks were the two most common types of attacks on these platforms last year.

Obtaining user credentials that give access to banking, financial and other online accounts that use shared passwords, was the main reason for the shift in phishing attacks to social networks.

Online storage and the "open/mix" category of content sites including those that require users to upload data, such as Flickr, have also become malware "carriers".

According to report, the number of new online storage sites with malware increased 13 percent last year compared to the year before, while new "open/mix" content sites that hosted malware upped 29 percent.

"These two types of content sites had the highest increase in amount of malware over the last 12 months," Andresen added.

The security report also surveyed Internet usage trends which revealed that social networking activities last year took over as the new communication medium.

Based on Web requests from its 73 million-strong user base, among the subcategories of social networking activities, content servers came up tops. Personal pages and blogs ranked in second, followed by chat and instant messaging.

Web-based mail was the 17th most requested service last year, falling from 9th position in 2009 and 5th in 2008.

"This ongoing decline in popularity in driven by an overwhelming shift to social networking as the communication platform of choice for Internet users," the report said.

Another finding pointed a shift in Web behavior from personal lust to more business focused demands. Requests for content from dating and personals sites, pornography and adult content saw a "significant decline" in 2010, compared to their previous ranks at fourth, fifth and eighth, respectively,

Taking over top 10 these spots last year were requests for audio and video clips, new media and reference Web content.

According to Blue Coat, reputation and signature-based protection systems have proven effective in combating Web security threats but it is no longer sufficient to rely on both mechanisms in today's fast-moving malware threat landscape.

Because hackers are now targeting sites with good reputation, Web users will be caught off guard if no additional layer of protection is employed, Andresen noted. "For example, if abc.com is a reputable site, you don't scan it [for potential malware] but that's where the hackers will put their injection. It [instills] a false sense of security," he warned.

Tyler Thia of ZDNet Asia reported from Blue Coat's annual Asia-Pacific partner conference in Bali, Indonesia.


Editorial standards