
    This issue is something that we have blogged about on several occasions recently here on the TrendLabs blog, but sometimes the issue needs to be highlighted and emphasized to articulate the underlying trends that are emerging.

    How bad is the problem of compromised Web sites/Web servers on The Internet? Epic.

    Brian Krebs wrote earlier today about how alarming this issue has really become — and we are seeing the same alarming level of escalation.

    Why? Insecure Web site implementation and/or no ongoing effort by Web site administrators to ensure that the platforms that these Web sites are built upon are maintained properly, patched diligently, and regularly examined for security deficiencies.

    Cyber criminals are actively and successfully preying on the unfortunately large number of Web sites out there which are not implemented or maintained properly, to surreptitiously embed exploits for unwitting Web surfers.

    Why? Mainly to obtain user credentials — logins, passwords, credit card information, etc.

    This is perhaps the most dangerous, and least appreciated threat to casual Internet users today. There is a wholesale effort underway by cyber criminals to subvert and compromise Web services around the globe to use for their own criminal purposes.

    And it gets worse, unfortunately.

    The real threat is no longer “scanning for viruses” on the local PC, although it is a useful tool that will probably always play a role in the total threat protection scenario.

    The threat “game” has now gone into and onto The Web, and in a big way. Cyber criminals started focusing their attention on Web threats last year, in a way which takes advantage of the fact that most Web sites/Web pages are not actively maintained by professionals — they are, in fact, constructed and put into play by folks who have no professional training in secure Web implementations (or who simply walk away and don’t patch vulnerabilities in older software as they are discovered, etc.).

    I’ve said this many times, and I’ll repeat it here: The days of simply putting a Web page up on The Internet and forgetting about it are long gone.

    An ongoing effort to do due diligence must be a focus — otherwise criminals will exploit the opportunity to seed their malicious craft, and victimize unwitting Internet users.

    Criminals are targeting Web sites with “high user count” probabilities — Web sites with large audiences, e-commerce Web sites with potential “high value” compromise possibilities, and entire server farms in third-party hosting facilities.

    And some Web sites are being used simply as a means to an end — pit-stops on the criminal highway — legitimate Web sites that can be compromised to harbor redirects to criminal content (e.g. malicious redirects using iFrames, JavaScript, phishing content, malware, etc.)

    Not only are they targeting “high-profile” Web sites, they are also targeting any Web site which they can use to host criminal activity.

    The latest example of this trend: We were alerted yesterday to the fact that a Web site hosting content for the Thai Royal Air Force is being used to harbor a phishing redirect for major banking fraud (see screenshot below).

    We alerted the ThaiCERT folks about this incident yesterday, but it has not been removed at the time of this posting.

    Not to pick on any particular organization — we are all at risk here. Don’t kid yourself.

    We’ve recently seen literally thousands of compromised Web sites and Web pages that victimize unsuspecting users who happen upon the content (and have some arbitrary unpatched vulnerability).

    I cannot stress how important this issue has become, and how this will fundamentally change the way we use The Internet if we do not take dramatic steps to correct these basic deficiencies.

    The lifeblood of the Internet depends on it.

    When Vint Cerf spoke at the World Economic Forum in Davos, Switzerland, last year, he pretty much nailed the issue spot on — “Criminals may indeed overwhelm the web” as we (collectively) sit idly by.

    Take action. Now.

    “Fergie”, a.k.a. Paul Ferguson
    Internet Security Intelligence
    Advanced Threats Research
