Hackers Use Blogs To Spread Worms, Keyloggers - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

IoT
IoT
News
News
4/13/2005
02:21 PM
50%
50%

Hackers Use Blogs To Spread Worms, Keyloggers

Blogs aren't just for blabbing to friends and family, but increasingly are being used as a safe haven by hackers for storing and distributing malicious code.

Blogs aren't just for blabbing to friends and family, said a security and content filtering firm Wednesday, but increasingly are being used as a safe haven by hackers for storing and distributing malicious code, including identity-stealing keyloggers.

"We're seeing that more and more of the locations where malicious code is stored is on blog sites," said Dan Hubbard, the senior director of security and technology research for San Diego-based Websense. So far this year, Hubbard said, his lab has discovered hundreds of blogs involved in the storage and delivery of harmful code.

"In particular, keyloggers and other Trojan downloaders and droppers are being stored and updated from blog sites," Hubbard added. A keylogger is the term for a type of spyware that watches for, records, then transmits to the hacker identities surreptitiously hijacked from PCs.

Malware and spyware writers are turning to blogs -- and away from traditional hosting and/or e-mail services -- because they offer large amounts of free storage space, they don't require any identity authentication to post, and most blog hosting services don't scan posted files for viruses, worms, or spyware.

"It's partly the storage, partly the ease of use [of blogs], and partly a stability issue. Hacked machines, for instance, can easily go down if the actual owner discovers his computer's being used, but the blogs are always there," said Hubbard.

Different hackers use blogs different ways. Some may create a blog on a legitimate service, then post viral or keylogging code on the page, and entice users to visit the page -- where they're infected -- using spam or spim. Others may use the blog only as storage for malware which previously-planted Trojan horses access to update themselves or install a keylogger onto the infected PC.

"In those cases, victims don't even see the blog or the blog site," said Hubbard. "Hackers are using the storage space on the blog site because, unlike personal storage and mail hosting facilities, most blogs aren't running anti-virus software on posted files."

The use of blogs further disguises the true identity of the hacker, and adds another route in the labyrinth-like path that attackers use to disseminate their code.

In late March, for instance, Websense issued an alert that outlined how a spoofed e-mail tried to redirect recipients to a blog which in turn hosted a Trojan horse designed to steal online banking passwords.

"The blogs are being used as the first step of a multi-layered attack that could also involve a spoofed e-mail, Trojan horse, or a keylogger," explained Hubbard.

While end-users can do little beyond keep safe and smart practices in mind -- don't open attachments, don't travel to questionable links within e-mail or instant messages -- Hubbard said there was plenty blog hosting services could do.

"They need to add some type of security on top," he urged. "Anti-virus is a good start. And limit the type of files that can be uploaded, by, for example, restricting executables."

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
The State of Cloud Computing - Fall 2020
The State of Cloud Computing - Fall 2020
Download this report to compare how cloud usage and spending patterns have changed in 2020, and how respondents think they'll evolve over the next two years.
News
Top 10 Data and Analytics Trends for 2021
Jessica Davis, Senior Editor, Enterprise Apps,  11/13/2020
Commentary
Where Cloud Spending Might Grow in 2021 and Post-Pandemic
Joao-Pierre S. Ruth, Senior Writer,  11/19/2020
Slideshows
The Ever-Expanding List of C-Level Technology Positions
Cynthia Harvey, Freelance Journalist, InformationWeek,  11/10/2020
Register for InformationWeek Newsletters
Video
Current Issue
Why Chatbots Are So Popular Right Now
In this IT Trend Report, you will learn more about why chatbots are gaining traction within businesses, particularly while a pandemic is impacting the world.
White Papers
Slideshows
Twitter Feed
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Sponsored Video
Flash Poll