Spyware Infested Websites - The New Menace
Posted by Scoroncocolo October 19, 2009
In June of this year, About.com reported that at least 20,000 legitimate websites were infected.
It wasn't long ago that the most serious malware threats were executable files hidden in email attachments. That's not that hard to do. See my page on How to Hide a File in a Jpeg. While that threat hasn't entirely subsided, the biggest threat today, by far, is infected websites. Just landing on an infected site can infest your computer with trojans, keyloggers and other vile malware without you realizing it. The scary thing is that you don't have to click on anything on the page to get infected. You don't have to interact with the page in any way. Just visiting the page for a few seconds is all that is required.
Spyware Infested Websites
I assume if you are reading this page you are pretty tech savvy and therefore knowledgeable about security issues and careful about which Internet neighborhoods you visit and which ones you avoid. But is everyone who has access to your computer just as knowledgeable and careful as you are? Even if they are, it may not matter anymore. You may recall a couple of years ago when the Miami Dolphins' websites were hacked and visitors' PCs were secretly being infected for a week before the offending code was finally found and removed. In June of this year, About.com reported that at least 20,000 legitimate websites were infected. In almost every instance the people responsible for maintaining these sites had no idea that their web pages had been hacked and that visitors to their sites were being infected with malware.
You probably have a firewall up and running, and it's probably something more robust than the firewall Microsoft ships with their machines. You are probably behind a really decent firewall like ZoneAlarm, for instance. You probably have always-running antivirus protection on your PC - something like AVG or Avast. You probably have antispyware tools installed on your machine that you actually keep updated and run once a week or so. Being the tech savvy type, you no doubt have Windows set to automatically receive and install updates and most certainly you are not using outdated, unsupported browsers like Internet Explorer 6 or Firefox 2.0 or 2.5. Hopefully, you even use Secunia to make certain all of your non-Windows software is up-to-date and patched. In an earlier post, I talked about the importance of using Secunia PSI to ensure that programs like Adobe Acrobat and Adobe Reader, two programs that black-hat hackers love to attack, are updated and secure.
Even with all this protection you can still be infected by happening onto an infested website. The reason is simple. The bad guys are writing malicious code 24/7 and they're good at it because it's a lucrative, if despicable, business to be in. And unfortunately, every piece of malicious code must be up and running in the wild on the Internet before it can be detected and dealt with by the "good guys" - the people in the spyware detection business and the people trying desperately to patch the security holes in the software we run.
I know you know this, and I'm equally sure that you know people who don't know this, but running your new Internet Explorer 8 browser in InPrivate Browsing mode (Ctrl+Shift+P) or Firefox in Private Browsing mode (also Ctrl+Shift+P) isn't going to help even a little. As you no doubt know, Private Browsing only erases your cookies and browsing history. It does nothing to safeguard your computer from malware attacks. In fact, running our browsers in Porn Mode may give some of us a false sense of security that might encourage us to do some things we wouldn't ordinarily do. It's the "Nobody can see or track me" false security syndrome. It reminds me of the old urban legend that drinking Mountain Dew was as good a birth control method as using a prophylactic. You know what we used to call teenagers who practiced that form of birth control? - Parents.