[Home]  [Headlines]  [Latest Articles]  [Latest Comments]  [Post]  [Sign-in]  [Mail]  [Setup]  [Help] 

Status: Not Logged In; Sign In

What is quantum computing?

12 Important Questions We Should Be Asking About The Cover Up The Truth About Jeffrey Epstein

TSA quietly scraps security check that every passenger dreads

Iran Receives Emergency Airlift of Chinese Air Defence Systems as Israel Considers New Attacks

Russia reportedly used its new, inexpensive Chernika kamikaze drone in the Ukraine

Iran's President Says the US Pledged Israel Wouldn't Attack During Previous Nuclear Negotiations

Will Japan's Rice Price Shock Lead To Government Collapse And Spark A Global Bond Crisis

Beware The 'Omniwar': Catherine Austin Fitts Fears 'Weaponization Of Everything'

Roger Stone: AG Pam Bondi Must Answer For 14 Terabytes Claim Of Child Torture Videos!

'Hit Us, Please' - America's Left Issues A 'Broken Arrow' Signal To Europe

Cash Jordan Trump Deports ‘Thousands of Migrants’ to Africa… on Purpose

Gunman Ambushes Border Patrol Agents In Texas Amid Anti-ICE Rhetoric From Democrats

Texas Flood

Why America Built A Forest From Canada To Texas

Tucker Carlson Interviews President of Iran Mosoud Pezeshkian

PROOF Netanyahu Wants US To Fight His Wars

RAPID CRUSTAL MOVEMENT DETECTED- Are the Unusual Earthquakes TRIGGER for MORE (in Japan and Italy) ?

Google Bets Big On Nuclear Fusion

Iran sets a world record by deporting 300,000 illegal refugees in 14 days

Brazilian Women Soccer Players (in Bikinis) Incredible Skills

Watch: Mexico City Protest Against American Ex-Pat 'Invasion' Turns Viole

Kazakhstan Just BETRAYED Russia - Takes gunpowder out of Putin’s Hands

Why CNN & Fareed Zakaria are Wrong About Iran and Trump

Something Is Going Deeply WRONG In Russia

329 Rivers in China Exceed Flood Warnings, With 75,000 Dams in Critical Condition

Command Of Russian Army 'Undermined' After 16 Of Putin's Generals Killed At War, UK Says

Rickards: Superintelligence Will Never Arrive

Which Countries Invest In The US The Most?

The History of Barbecue

‘Pathetic’: Joe Biden tells another ‘tall tale’ during rare public appearance


Science/Tech
See other Science/Tech Articles

Title: Google searches web's dark side
Source: http://news.bbc.co.uk
URL Source: http://news.bbc.co.uk/2/hi/technology/6645895.stm
Published: May 13, 2007
Author: http://news.bbc.co.uk
Post Date: 2007-05-13 23:35:15 by robin
Keywords: None
Views: 35

Google searches web's dark side
Men look at laptop
Malicious programs are installed by visits to a booby-trapped site
One in 10 web pages scrutinised by search giant Google contained malicious code that could infect a user's PC.

Researchers from the firm surveyed billions of sites, subjecting 4.5 million pages to "in-depth analysis".

About 450,000 were capable of launching so-called "drive-by downloads", sites that install malicious code, such as spyware, without a user's knowledge.

A further 700,000 pages were thought to contain code that could compromise a user's computer, the team report.

To address the problem, the researchers say the company has "started an effort to identify all web pages on the internet that could be malicious".

Phantom sites

Drive-by downloads are an increasingly common way to infect a computer or steal sensitive information.

They usually consist of malicious programs that automatically install when a potential victim visits a booby-trapped website.

"To entice users to install malware, adversaries employ social engineering," wrote Google researcher Niels Provos and his colleagues in a paper titled The Ghost In The Browser.

Finding all the web-based infection vectors is a significant challenge and requires almost complete knowledge of the web
Google researchers

"The user is presented with links that promise access to 'interesting' pages with explicit pornographic content, copyrighted software or media. A common example are sites that display thumbnails to adult videos."

The vast majority exploit vulnerabilities in Microsoft's Internet Explorer browser to install themselves.

Some downloads, such as those that alter bookmarks, install unwanted toolbars or change the start page of a browser, are an annoyance. But increasingly, criminals are using drive-bys to install keyloggers that steal login and password information.

Other pieces of malicious code hijack a computer turning it into a "bot", a remotely controlled PC.

Drive-by downloads represent a shift away from traditional methods of infecting a computer, such as spam and email attachments.

Attack plan

As well as characterising the scale of the problem on the net, the Google study analysed the main methods by which criminals inject malicious code on to innocent web pages.

Spam email
Spam e-mails are a common way to infect a computer

It found that the code was often contained in those parts of the website not designed or controlled by the website owner, such as banner adverts and widgets.

Widgets are small programs that may, for example, display a calendar on a webpage or a web traffic counter. These are often downloaded from third-party sites.

The rise of web 2.0 and user-generated content gave criminals other channels, or vectors, of attack, it found.

For example, postings in blogs and forums that contain links to images or other content could unwittingly infect a user.

The study also found that gangs were able to hijack web servers, effectively taking over and infecting all of the web pages hosted on the computer.

In a test, the researchers' computer was infected with 50 different pieces of malware by visiting a web page hosted on a hijacked server.

The firm is now in the process of mapping the malware threat.

Google, part of the StopBadware coalition, already warns users if they are about to visit a potentially harmful website, displaying a message that reads "this site may harm your computer" next to the search results.

"Marking pages with a label allows users to avoid exposure to such sites and results in fewer users being infected," the researchers wrote.

However, the task will not be easy, they say.

"Finding all the web-based infection vectors is a significant challenge and requires almost complete knowledge of the web as a whole," they wrote.

(7 images)

Post Comment   Private Reply   Ignore Thread  



[Home]  [Headlines]  [Latest Articles]  [Latest Comments]  [Post]  [Sign-in]  [Mail]  [Setup]  [Help]