Posted by Sam Leeson on Mon, Jun 21, 2010 @ 01:53 PM
I've been rolling this blog post around in my head for a week or so. I mean really, what can one say about on-line porn sites and security that hasn't already been said? Most of us know that if we decide to spend time surfing around in the "less desirable" areas of the internet then we are opening ourselves up to the risk of malware infiltrating our computer and infecting everyone we know with viruses.
If this information is understood and we know that we are putting ourselves at risk then it can't be a surprise, with all of the "free" adults-only websites there are out there, that "malware distribution itself appears to be the only profitable sideline for the adult industry." So, what do you need to know?
One group with collaborative efforts from members at Secure Systems Lab, Technical University Vienna, Institute Eurecom, Sophia Antipolis and University of California, Santa Barbara decided to create and operate two different "adult web sites." They performed a series of experiments and ran a "security analysis of data obtained from web site visitors," which allowed them to assess and evaluate "remote vulnerabilities of visitors and possible attack vectors."
One of the scariest parts of their findings was just how inexpensive, and therefore lucrative, it can be to take advantage of site visitors citing that they "could potentially exploit more than 20,000 visitors by spending only $160."
In short their research lead them to conclude that "many adult web sites try to mislead and manipulate their visitors, with the intent of generating revenue . . . [by employing techniques, which] range from simple obfuscation [like] blind links . . . to sophisticated redirector chains that are used for traffic trading. Additionally, the used techniques have the potential to be exploited in more harmful ways, for example by facilitating CSFR attacks or click fraud."
No one is suggesting you should remove any specific website content from your "favourites" menu, we are simply offering a gentle reminder that someone can always see what you are doing and where you have been as long as they have the know-how and access to your system.
At the end of the day, YOU might not catch anything while surfing around on-line porn sites, but your computer might! As with anything, vigilance is key; don't forget to practice safe surfing. Fill out the free form on the right side of your screen and have your first malware and vulnerability scan done now and see how safe your computer environment is.
Posted by Jason Remillard on Mon, Mar 08, 2010 @ 08:07 AM
Much like Mr. Reagan, we nned to trust but verify.
Very interestingly enough, in the past five or six days we have been detecting ad networks including Google Adsense, Adultadwords, and Adbrite allowing malware-laden ads on their networks. We are not the only ones who have identified this issue, check out the following links for more information about them:
Google Adsense distributes malware - Google blocks own publisher!
AdultAdWorld (AAW) -distributes malware - doesn't answer the phone
This highlights a major issue that we have been discussing for a long time with all of our customers -- that is, the need for ongoing Malware detection scanning. Your site might be nailed down. Your site might be clean from SQL injection, Apache flaws, cross site scripting, and the myriads of other issues associated with open source and custom developed software. However if you run any sort of ad network, widgets, or anything else that inserts code from other sites you are running a major risk.
In these cases you are a very simple publisher. You trust your ad network since they are your partner. And now those lovely people are inserting Malware into your site.
Looking further, although humorous but serious, Adsense itself inserted malicious ad code into a customer's website -- and then proceeded to ban them and slapped the nasty Malware alert window on this board buggers website.
Now, how are going to react in this sort of scenario? I'd be interested in your comments, however at the end of the day you have to trust somebody and I like trusting by a verification -- and in this case we use several third parties for our validation services since I don't trust anyone on its own.
That is our commitment to you as a client of sitesecuritymonitor.com. We bring the best of breed to you, from a solution perspective, from a resource perspective, from a research perspective.
Again, I am interested in any comments regarding this subject -- it is very unfortunate that the Malware purveyors have chosen to attack this vector to distribute their wares, but did you really expect them to stop? We certainly didn't.
Is Google Adsense a Trojan horse itself?