StopBadware.org RSS
Regaining Control of Our Computers
 
Home About Us Our Reports Clearinghouse Fight Back About Badware FAQ Security Tips Blog

Malicious Hacking: One Site’s Story

Posted by Erica George Mon, 26 Mar 2007 19:55:00 GMT

If you’ve been following StopBadware’s work over the past few months, you know that we have witnessed a sharp increase in the number of websites distributing badware. More and more of these sites are turning out not to be malicious distributors of bad software, but otherwise innocent websites that have been hacked and made to distribute badware without the knowledge of the sites’ owners. In the past weeks, we’ve even seen hacking attacks hit the sites of several friends of the Berkman Center, StopBadware’s parent institution at Harvard.

Berkman fellow Ethan Zuckerman shares a detailed and insightful account of one such attack in a recent post to his blog. A website owned by a friend of Zuckerman’s was hacked, and subject to a Google search warning and listing in the Badware Website Clearinghouse. Zuckerman initially assumed that his friend’s site must be listed by mistake, but quickly learned that the site had been compromised. As Zuckerman tracked down what had happened to his friend’s site, he uncovered the source of the attack – an organized crime outfit known as the RBusiness Network, currently based in Panama.

How risky is an infected site to visitors? Zuckerman examines one of the exploits used by RBusiness, noting that “[b]asically, when you load this iframe, it runs a small script which downloads and runs a Windows executable file. That file downloads a rootkit, a password sniffer and opens a backdoor into the user’s system.” Badware producers then use these invisible downloads to steal financial data for use in fraud or identity theft.

StopBadware is not the only group noticing increases in this kind of website hack. Symantec’s recent Internet Security Threat Report, for example, noted an increase in malware designed to steal financial data from victims.

How can you protect yourself? If you run a website, check out StopBadware’s Security Tips page, and talk to your hosting provider to be sure your site is secure. When browsing the internet, be sure your computer is running up-to-date, fully patched software, with anti-virus and anti-spyware protection. Last, if you do come across badware as you surf the internet, please share your story. The more we know about badware and the criminals who produce it, the better we can help internet users and webmasters keep themselves safe.

Posted in ,  | Tags ,

RSS feed for this post

Comments are disabled

  

Contact Us   |   Privacy Policy

Consumer Reports WebWatch is not receiving any corporate support for its participation in this program.

Copyright © 2006 - All content for this site is under a Creative Commons license