Drive-by Malware: Where are you most vulnerable?


Userlevel 7
You may be surprised to find out that a porn or gambling website is likely safer than a mainstream website, such as a business or industry one, when it comes to picking up drive-by malware. Not to say these "risky" sites don't host malware (they sure do), but according to Cisco's (a Webroot partner) 2013 Annual Security Report:
 
"The vast majority of Web malware encounters actually occur via legitimate browsing of mainstream websites. In other words, the majority of encounters happen in the places online users visit the most - and think are safe. Just a few examples of legitimate sites that have been used to deliver malware included employment websites, disaster relief centers, hotel Internet connection sites, and U.S. Federal government websites."
 
If you think about it, though, it makes sense. Despite their taboo status, "risky" websites typically don't get the kind of wide-scale traction that mainstream sites do. And cybercriminals like 'wide-scale', as it gives them more victims to prey on. Still, it's hard not to be a little surprised. I know I am. Are you?

 
Full story here.

 

(Source: Webroot.com)

10 replies

Userlevel 7
VERY surprised actually.  You are quite right about the desire for "wide-scale" distribution, but at the same time one would expect mainstream sites such as major businesses and government sites to be much more proactive regarding keeping the content secure.  Having been involved with computer repair for quite a while, I frequently have had the experience of a customer being a bit embarrassed regarding how they got infected because so very often it has been a porn or gambling site.
 
Very interesting indeed!
Userlevel 7
It's not that malware is not being hosted and served by mainstream websites, the malware is coming through Dynamic Content Providers and Online Advertising (Can you say Java?) The report lists malicious scripts and iframes as responsible for the vast majority of infections, with exploits coming in at a very distant second.
Userlevel 7
@ wrote:
It's not that malware is not being hosted and served by mainstream websites, the malware is coming through Dynamic Content Providers and Online Advertising (Can you say Java?) The report lists malicious scripts and iframes as responsible for the vast majority of infections, with exploits coming in at a very distant second.
Let me rephrase slightly, as I did not make myself quite clear.  I didn't mean the actual intended content of the page, I meant I would have thought the mainstream pages would be more secure due to more carefully monitoring the third party content providers: avoiding use of services known to provide risky content in that 3rd party material.
Userlevel 7
I thought it was the article that wasn't quite clear... The content providers and ad networks must also be closely monitoring the content they are delivering, at least one would hope they are. The malware writers know how to sneak just enough malicious content through under the radar...
Userlevel 7
Thanks Yegor for the interesting article and thanks Dan for clarifications :D
 
I am glad I am using Ad Muncher along with WSA 😉
Userlevel 6
I have found that some of the most pernicious emails are those that imitate financial institutions like Chase Bank, Citibank, JP Morgan Chase, Wells Fargo and Western Union, which direct you to a website.  The artwork some of these scam senders use is masterful.  I've come close to being fooled on a couple of occasions, and I like to think of myself as reasonably sophisticated.
 
When I get one of these suspicious emails (particularly those that refer me to a link), I always contact the institution and get a "spoof" email address I can forward the suspicious emails to.
 
Pegas, not to digress from the thread, but what's your preference, Ad Muncher or Adfender and why?   I presently use Ad Fender and it has served me well.
Userlevel 7

@ wrote:
Pegas, not to digress from the thread, but what's your preference, Ad Muncher or Adfender and why?   I presently use Ad Fender and it has served me well.
Hello RWM, I think that a small offtopic will be accepted by Moderators :D
 
I tried a few ad blockers in the past but recognized Ad Muncher is simply the best. No footprint, no crippled sites due to Ad Muncher, the fastest loading of munched sites, great support etc. but the biggest advantage over other ad blockers is that Ad Muncher goes and does far more than the rest. Please read what Jeff (AM developer) has said here.
Userlevel 6
Thanks, Pegas!
Userlevel 7
@ wrote:
Thanks, Pegas!
You're welcome :D
 
I think that it is indeed the best ad blocker. It is like WSA in the IT security industry. Therefore both have earned the place of honour in my signature along with Opera and CCleaner which I rate the best browser resp. cleaner.
Userlevel 7
Be extra careful with your mobile devices and porn though.  Nearly 1/4 of mobile device malware does come from it.  Malware links of any type tend to be harder to recognize on mobile devices.
 
CNN article
