Trojan attacks now almost solely from legitimate websites

Bugbatter

According to reports, many online users are almost always attacked from the hacked websites of legitimate providers. Previously a majority of surfers used to assume that malware was only found on sex sites and other shady websites, but these days all you need to do is visit your favourite newspaper to come under attack.

Antivirus vendor Avast reports that there are now 99 "normal" infected websites for every infected adult site. Current cases, such as the manipulation of Lenovo's server or of Vodafone UK's server, seem to support that finding. In the case of Vodafone, attackers manipulated the Blackberry product pages so they could upload an exploit in an iFrame for an unpatched hole in the Windows Help Center.

Symantec has come to a similar conclusion; according to its current "MessageLabs Intelligence Report", the share of legitimate websites among manipulated websites rose from 80% in 2009 to 90% this year. Recently, for example, Chinese attackers managed to manipulate tens of thousands of Web servers via SQL injection vulnerabilities.

The findings do not, however, suggest that you should "start searching for erotic content" if you want to be on the safe side, as Ondrej Vlcek, CTO at Avast, points out.

Microsoft MVP Consumer Security 2006-2016
Microsoft Windows Insider MVP 2016-