Security News for Wednesday, February 13 2013

Time was that as long as you didn’t visit any sites that were “off the beaten path” of the Internet, you were pretty safe from running across malware. Times have changed. According to this post, 80% of sites where security vendor Sophos found malicious content were innocent (legitimate) sites that had been hacked to serve up malware. From the blog post:

A trend that we have observed is that hackers will insert their malicious code into legitimate JavaScript (not to be mixed up with Java!) hosted on the website.

The JavaScript is automatically loaded by the HTML webpages and inherits the reputation of the main site and the legitimate JavaScript.

This brief post discusses how malicious individuals are using a newer technique to infect visitors to malicious sites. From the post:

You visit a site and it looks good and clean. However, if you keep the page open, after maybe 20-30 seconds, you get redirected to an affiliate page for casino or pharma site. What is going on?

We call those delayed redirections and they are becoming a lot more common. Instead of injecting malware or doing any redirection via javascript, the attackers are adding the refresh option to the HTTP headers.

According to this article, and based on a report by security vendor Blue Coat Systems, the Android platform is becoming an ever-popular target for malware. From the article:

As for the breakdown of Android malware, Blue Coat noted 58 percent was Android root exploits and rogue software. Android malware via malnets—networks designed to deliver malicious payloads—was 40 percent of the total.

This entry was posted in Security News. Bookmark the permalink.