Mom And Pop Sites Host Malware

By now we’ve all heard of poisoned sites that play unwitting host to malware. Code in the site scans visiting PCs to check for loopholes, and if it finds one, it installs a Trojan. That lies quiet in the PC until the user types in login date for accounts such as an online bank account.

 

A BBC report states that security researchers at ScanSafe, Finjan and Secure Works have all discovered a cache of sites poisoned in this way. They’ve all tended to be small, mom and pop type business that ranked high in searches and received plenty of visitors – anything from travel agencies to auto spare parts. Some of the security companies believe as many as 10,000 sites could be affected.

 

What the sites have in common is the same host and remote administration software, but researchers have found it much harder to discover how each is compromised.

 

"We know some of the methods," said Yuval Ben-Itzhak, Finjan’s chief technology officer "they are trying to exploit known vulnerabilities in open source content management software that the sites are using."

 

However, each time a visitor reached the site, the code received a new, random, five-character name, making it hard to detect.

 

The sites make sense for hackers. They’re owned by small business who can’t afford top-quality protection and who don’t have the staff to monitor the sites. Instead, some experts say, the hosting services need to do more in the way of security for their clients.