Entireweb Search Engine
Entireweb Express Inclusion
April. 14,  ISSUE #118
 Express Inclusion
The Entireweb network provides over 100 Million searches per month, this includes sites such as Entireweb, Mamma.com, Ixquick.com, Search66.com, WindSeek.com and several other search engines on the Internet.
 Affiliate
When you join our Free Affiliate Program you will automatically become a Entireweb partner. We feel this program will create a mutually beneficial, and profitable, relationship. Entireweb.com is committed to offering you and your Web site great customer service and a very good product.
 Advertise
With more than 250,000 subscribers you will reach webmasters and siteowners in matter of minutes.
 SpeedyAds
Entireweb SpeedyAds - Advertise for free


Blogs aren't just for blabbing to friends and family, said a security and content filtering firm Wednesday, but increasingly are being used as a safe haven by hackers for storing and distributing malicious code, including identity-stealing keyloggers.

"We're seeing that more and more of the locations where malicious code is stored is on blog sites," said Dan Hubbard, the senior director of security and technology research for San Diego-based Websense. So far this year, Hubbard said, his lab has discovered hundreds of blogs involved in the storage and delivery of harmful code.


Entireweb Express Inclusion

"In particular, keyloggers and other Trojan downloaders and droppers are being stored and updated from blog sites," Hubbard added. A keylogger is the term for a type of spyware that watches for, records, then transmits to the hacker identities surreptitiously hijacked from PCs.

Malware and spyware writers are turning to blogs -- and away from traditional hosting and/or e-mail services -- because they offer large amounts of free storage space, they don't require any identity authentication to post, and most blog hosting services don't scan posted files for viruses, worms, or spyware.

"It's partly the storage, partly the ease of use [of blogs], and partly a stability issue. Hacked machines, for instance, can easily go down if the actual owner discovers his computer's being used, but the blogs are always there," said Hubbard.

Different hackers use blogs different ways. Some may create a blog on a legitimate service, then post viral or keylogging code on the page, and entice users to visit the page -- where they're infected -- using spam or spim. Others may use the blog only as storage for malware which previously-planted Trojan horses access to update themselves or install a keylogger onto the infected PC.

"In those cases, victims don't even see the blog or the blog site," said Hubbard. "Hackers are using the storage space on the blog site because, unlike personal storage and mail hosting facilities, most blogs aren't running anti-virus software on posted files."

The use of blogs further disguises the true identity of the hacker, and adds another route in the labyrinth-like path that attackers use to disseminate their code.

In late March, for instance, Websense issued an alert that outlined how a spoofed e-mail tried to redirect recipients to a blog which in turn hosted a Trojan horse designed to steal online banking passwords.

"The blogs are being used as the first step of a multi-layered attack that could also involve a spoofed e-mail, Trojan horse, or a keylogger," explained Hubbard.

While end-users can do little beyond keep safe and smart practices in mind -- don't open attachments, don't travel to questionable links within e-mail or instant messages -- Hubbard said there was plenty blog hosting services could do.

"They need to add some type of security on top," he urged. "Anti-virus is a good start. And limit the type of files that can be uploaded, by, for example, restricting executables."


About the Author: By Gregg Keizer

To discontinue mailings, click here

Get your site listed fast!
Sponsored Links
 Advertise here
 

Advertise - Affiliate - Contact Us - Privacy Policy - SpeedySpy - About Entireweb

Copyright � - 2005 Entireweb