Online adverts major carrier of malicious code, says study
- 01 April, 2007 22:00
Online advertising hosts 80% of all instances of malicious code, security experts warn.
An analysis of more than 10 million unique URLs, based on live web traffic recorded in the UK by security firm Finjan, found that hackers are increasingly targeting advertising.
Hackers have discovered that the complex structure of business relationships involved in online advertising make it relatively easy to inject malicious content into legitimate advertising delivery streams, Finjan’s latest Web Security Trends report says.
Malicious code is just as likely to be accessed through legitimate commercial websites as through disreputable sites, such as those with adult content or illegal downloads, Finjan warns.
The report also highlights a continuing evolution in the complexity of attacks, particularly the increasing use of randomisation techniques to conceal malicious code. More than 80% of the malicious code detected by Finjan was hidden in this way, making it virtually invisible to pattern-matching or signature-based anti-virus products.
“The fact that malicious code is just as likely to be found in legitimate categories as in questionable categories means that security products that rely solely on URL categories to block access to malicious sites are no longer effective,” Finjan chief technology officer Yuval Ben-Itzhak says.
The research also uncovered a new trend for hackers to bury malicious code on web pages served by automatic translation services, such as those offered by search engines.
Peter Christy, principal analyst at the Internet Research Group, says in the past attacks were dominated by worms and viruses designed to create a big and very visible disruption, however that has changed.
“Increasingly, modern attacks have criminal intent, and the attackers are becoming more proficient at obscuring the attacks and delivering them from otherwise reputable regions and website categories in order to circumvent many of the defences that have been effective against earlier attacks,” Christy says.
“These trends are a clear call-to-action for better detection and prevention methods.”