Hackers Spreading Spyware From Free Personal Web Sites - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

02:56 PM

Hackers Spreading Spyware From Free Personal Web Sites

In another new malicious twist, hackers are using free personal Web hosting sites provided by nationally- and internationally-known ISPs to store their malicious code, and to infect users with worms, viruses, and spyware.

Attackers are using free personal Web hosting sites provided by nationally- and internationally-known ISPs to store their malicious code, and to infect users with worms, viruses, and spyware, a security firm said Monday.

Websense, a San Diego, Calif.-based Web security and content filtering vendor, has detected a big jump in the use of personal hosting sites, said Dan Hubbard, the company's senior director of security and technology research.

"The growth of this trend is alarming," said Hubbard. "July has seen a major boom. In the first two weeks alone we found more instances than in May and June combined."

In the first half of the month, Websense found more than 500 free hosting sites created to spread keyloggers alone, Hubbard added. Since the beginning of the year, it's uncovered more than 2,500 such sites.

Although the hosted sites purport to offer up everything from online journals and photo albums to blogs and greeting cards, they all have one thing in common, said Hubbard. "Some type of automation was used to set all of them up, and fairly easily, too." Because they're free and easily created, they're considered disposable by the attacker. The average lifespan of such a site, said Hubbard, was between two and four days. They're attractive for other reasons as well.

"Attackers don't have to go to the trouble to find a compromised machine, search for one with a vulnerability they can exploit to turn into a zombie," said Hubbard. "Plus, they're reliable. Since they're offered up by national and international Internet service providers, they're built on a lot of infrastructure. Third, they often offer quite a bit of storage space, in some cases up to 500MB."

While Hubbard declined to name some of the ISPs his labs has found hosting some of the malicious sites, "you'd recognize the names," he said. "Some are mom and pop ISPs, but most are well-known."

The problems is that too few free hosting services offer even the most basic security tools, Hubbard said, pointing the finger at lackadaisical ISPs. None of the services found hosting malicious sites use a graphics-based question to make sure that a human, not a bot, registers for the service, he said. "None prevent uploading of executable files, and none are scanning [files] with anti-virus software," he added.

Putting their malicious programs on a site is only part of the hackers' chores, however. They also have to get people to visit these sites in order to install the code, such as a keylogger, on computers.

"It's not all about where hackers are storing code, but also how they're getting victims to visit those Web sites," Hubbard argued. "Social engineering techniques are still the most effective way of enticing people to a site."

Here, too, he said, the free Web hosting service sites play to the hackers' advantage. Because the domains of these services may include the name of a well-known ISP, it may be trusted by more users than a compromised, and unknown, IP address of a zombie PC.

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
The State of Cloud Computing - Fall 2020
The State of Cloud Computing - Fall 2020
Download this report to compare how cloud usage and spending patterns have changed in 2020, and how respondents think they'll evolve over the next two years.
Top 10 Data and Analytics Trends for 2021
Jessica Davis, Senior Editor, Enterprise Apps,  11/13/2020
Where Cloud Spending Might Grow in 2021 and Post-Pandemic
Joao-Pierre S. Ruth, Senior Writer,  11/19/2020
The Ever-Expanding List of C-Level Technology Positions
Cynthia Harvey, Freelance Journalist, InformationWeek,  11/10/2020
Register for InformationWeek Newsletters
Current Issue
Why Chatbots Are So Popular Right Now
In this IT Trend Report, you will learn more about why chatbots are gaining traction within businesses, particularly while a pandemic is impacting the world.
White Papers
Twitter Feed
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Sponsored Video
Flash Poll