Beware Of
Malware-Infected Blogs
Author: Danny Wirken
Internet users and blog-browsing addicts beware! As
weblogs
come free and are quite easy to use, they continue to
gain
popularity. Hence, criminals operating on the Internet
are
becoming more aware and are taking advantage of the use
of
these online personal journals to ensnare unwitting
victims.
Not long ago, spyware and malware were spread mostly
through
email and file-sharing, and system infection was
prevented by
spam blockers and email scanners. Nowadays, clicking on
a
seemingly harmless link can make you vulnerable to those
with
shady intentions in an instant.
A common practice of computer crooks involves making up
phony
weblogs that look harmless or genuine. They then embed
viral
codes or keylogging programs within the site, and send
out the
blog’s url address through spam e-mail, chat rooms or
instant
messenger. Even innocent blogs that allow comments that
are not
moderated may fall be victimized through comment spam
leading to
infected blogs. The trick lies in convincing the
potential
victim to click on a link that activates the malware
embedded
in the blog site, or leading them to input valuable
information
within the fraudulent blog, such as credit card details
and
account passwords, which the keylogging program then
records
and automatically sends to the site owner.
In computer and information technology, “malware” is a
term
that generally refers to software that is intended by
the
creator to cause damage or break into a computer system,
often
without the knowledge or informed assent of the owner.
The
different types of malware include computer viruses,
Trojan
horses, adware, worms, and spyware. On a more specific
level,
spyware is a type of malware that is primarily used for
profit.
Produced commercially, these programs are used for
collecting
information about the users of a computer system. It
does this
by activating pop-up advertisements, as well as changing
the
normal activity of a system’s web browser in such a way
that
the creator of the spyware benefits financially.A
typical sign that a spyware is in effect, is when a
standard search engine query is redirected
to a different page
filled
with paid-for ads. A certain type of spyware, at times referred to as
stealware, does as its name implies; it steals from a genuine business
or website owner by overwriting relevant
marketing codes, such that the income value goes to the spyware
author instead. |
|
 |
Malware can also be used to thieve directly from
the infected computer’s user, by installing keyloggers
that
record specific keystrokes as the user types in
passwords, or
other valuable information like credit card numbers. The
malicious program then sends this information to the
spyware
creator, and that’s how the stealing begins.
In the case of a malware-infected blog, the site itself
deceitfully serves as host to the malicious program. The
setup
is one that often allows malware to get past detection
and
filtering systems unnoticed. Furthermore, having a
somewhat
permanent place in the world wide web, it is always
accessible
to Internet users—all they have to do is click on an
active
link to be lured into the trap. As such, it posts a
greater
danger to those who are unaware that malware-infected
blogs
abound and how they can become victims.
Today, there may be hundreds of these malware-infected
blogs
that still continue to spread malicious software. The
spread of
these malware and spyware infected blogs may be due in
part to
the increased availability of malware and spyware to
online
crooks. Recent reports have it that certain search
engines like
Google are dealing with exposure of a special search
capability
in their system that allows end-users to locate and
download
malware files on the web. This feature was previously
hidden
and served as a device utilized and known only to
security
research and anti virus companies. The bad news is,
these
supposedly secreted features are by now known to hackers
and
profiteering Internet criminals. They don’t need to
create
these malicious programs to cause damage to other
people’s
computer systems or steal valuable data; hundreds of
them are
just a download away.
For one to find
malware with the use of Google, it is essential to have the specific
signature of a certain malware program.
These signatures are now being shared on the Internet by hackers, and
that causes greater ease for other online bandits to carry out the
search for a particular malware program using its unique signature. |
|
|
In some pro-hacking web sites, the
signatures are even indexed in an online database, such
that
users only need to input the name of the malware and it
instantly returns the corresponding signature. End-users
are
even asked to share fresh malware to the site so that
the site
moderators are able to produce a signature for it fast,
to be
made available to other users. This way, hackers, even
bloggers
who are unskilled in hacking but nonetheless have a
tainted
intention, will be able to make use of any malware of
their
choice, and spread it through different blogs.
Probably the most important thing to do in order to
protect
your computer from malware is to install a trusted
anti-virus
program and to keep it updated. Scan computers on a
regular
basis, and also keep patches up to date. Keeping a
firewall up
should also help. Next is to be cautious when opening
and
reading email and instant messages, especially those
that are
unwanted, or come from email addresses you don’t
recognize.
Furthermore, when using an instant messenger, beware of
active
links that even your trusted contacts send. Before you
even
consider clicking on any link, be sure to ask first what
site
it leads to. Better yet, you may even consider holding
off on
clicking the link until you’re able to personally talk
to the
person sending it to verify its authenticity. Ignoring
the
message is yet another option, if the message does not
seem
that important at all.
There is hope, however, as leading IT and Internet firms
are
coming up with ways to disable these web scammers.
Information
sites, as well as blog code improvements like Google’s
“nofollow” tag, are up and running to help bloggers and
other
users protect their computer systems. While more
advanced means
are yet to make it to the greater public’s knowledge,
staying
informed and vigilant is the main defense against
malware-infected blogs.
About The Author:
http://www.theinternetone.net
|
