Keylogging Website Trend
14-Apr-2007
Experts say website vulnerabilities are leading to a rise in online keylogging
Websites are increasingly and unwittingly being used as keylogger propagation points, researchers say, because web applications are riddled with vulnerabilities. In 2005, WebSense noted that spyware-related websites nearly tripled to 130,000, along with a quadrupling of phishing sites to 27,000. Of the 2,000 new vulnerabilities tracked by Symantec in 2005 (a 40 per cent increase over 2004), 69 per cent were in web applications.
“You don’t have to be a Ninja hacker to hack websites and set them up as Trojan installers. Now you can download a complete kit for all that. And you can run it all over IRC (internet relay chat),” says Ben Butler, network abuse manager at GoDaddy, a web-hosting company that also sells domain names and other website-related services.
Researchers say the most common way web applications are hacked is through vulnerabilities in code written in the PHP (hypertext preprocessor) scripting language used in interactive forms for registration, information requests and other server-side transactions.
“If you’ve got a website, and PHP isn’t patched and up-to-date, somebody’s already figured out a way to piggyback malware onto your PHP communications field in your interactive web application,” says Butler, who’s active in the Anti-Phishing Working Group and Digital PhishNet. “PHP is an extremely hacked application, because a novice user may have put up a website with a PHP form in it two years ago and missed the 37 patches that have come out since.”
Crimeware installers also are targeting web servers running email servers so they can propagate spam, adds Kyle Lutz, a volunteer with Shadowserver.org, a grassroots, botnet takedown group. Lutz says he’s keeping an eye on 40 active botnets, some involving 75,000 compromised devices. Wherever Shadowserver volunteers find one infected website, they usually find malware across the entire server farm, he adds.
MillerSmiles is the web's dedicated anti-phishing service. Launched in 2003, the site has become one of the most trusted internet security related websites on the internet.