Wednesday, August 18, 2010

Article: 5 Million Web Sites Served Malware for at Least 3 Months - And Nobody Noticed!

I really want to direct your attention to the following article which appeared today;

Malicious widget hacked millions of Web sites
Parked sites hosted by Network Solutions spread malware since at least May

Essentially the article says that up to 5 million web sites have been serving up malware for at least the last three months - and nobody noticed.

Even worse, it appears that nobody was safe;

"The widget turned every infected domain into a drive-by attack site that launched the multi-exploit "Nuke" toolkit against users running Internet Explorer, Firefox, Chrome and Opera"

Typically, the malware seems to only affect Windows PCs. Roll on Chromium OS! I'm not sure how much longer I can continue to support windows environments for anything other than games.

There's also the fact that the cleanup hasn't been completed.

"Although Network Solutions has disabled the widget on all parked domains and has taken the GrowSmartBusiness.com site offline, the widget remains on approximately 5,700 active sites that manually installed it, Huang said. Nor has Network Solutions scrubbed the malicious script targeting users with IP addresses located in Taiwan and Hong Kong"

Anyway, I've also got a bone to pick (as usual) with certain Anti-Virus vendors because yet again this month, I've seen known viruses just wander in past McAfee's defences. I'm not happy! Sadly, Microsoft's free Windows Defender is still much better at detecting viruses than the paid McAfee product. If you're not running it, you should get it now. This month I learned the hard way that you can't install it on an infected PC running in safe mode.

In the meantime I was just wondering what exactly this article means for cloud platforms of the future. Google Apps, IBM Lotus Live and Microsoft Azure? Surely none of these will work if the browsers don't come with anti-malware defences built in.

Also... what part should the ISP's play in defence I wonder?

No comments: