Wednesday, July 11, 2007

Hackers Focusing on Web 2.0 Sites (plus Comment)

Rene Millman writes on ITPro News:

Virus writers are turning their attention to social networking sites and other user-generated content networks to steal personal information and create botnets, according to an anti-virus expert.

Toralv Dirro, security strategist at IT security company McAfee's Avert Labs research team said that over the last ten years the threat landscape had changed beyond recognition and that hackers were now looking at attacking new web 2.0-style sites as they were rich in sensitive data.

"Malware is getting more commercial. We expect new platforms and applications to be attacked if there is any money to be made out of it," he said. "As users can just about post anything, so can hackers. We have seen many examples of profile pages containing malware that then get downloaded by victims."

Dirro pointed to an example of a worm that attacked Wikipedia users visiting a booby-trapped page created by hackers. The page was used to trick users into downloading malware thinking it was fix for the Blaster worm last year. It was just the start of a new trend in viruses.

"Web 2.0 sites are becoming more popular and I expect more worms to appear on these sites," said Dirro.

More here.

Note:

This should not really be news to anyone. But if it is, allow me to comment.

We've been saying for over 10 years that JavaScript, in and of itself, can be used for extremely evil shit. And since most of the newer, mash-up-style Web "Uh-Oh' stuff uses AJAX and requires users to open themselves up for JavaScript exploitation just to experience the content.

Having said that, this particular message [in this article] is something that I (and many others) have been saying for years -- and in fact led me to start calling some of the underlying mechanisms in "Web 2.0" as "Web Uh-Oh" with regards to their impact on network, and consumer, security.

I am in the process of writing a white paper on this topic which I'll let you know about when it its completed, but in the meantime I'll say this:

We (as the Internet-community-at-large) are doing a really fine job of allowing our customers to be exploited by enabling the very same technologies that deliver the very same "content-rich"
features that they want.

The real issue here is not that more "worms will appear on Web 2.0 sites", but rather, more worms and malware will appear which take advantage of the fact that most users & consumers are ripe to be exploited -- simply by the fact that if they protect themselves properly against these types of exploits, they cannot enjoy the "features" of this content-rich Web 2.0 Internet that we know and love today.

- ferg

0 Comments:

Post a Comment

<< Home