Blogs Latest Source of PC Infection
smooth wombat writes "The BBC has a story which indicates that filtering firm Websense believes at least 200 fake blogs are in existence which have malicious code that could infect your pc. Websense said it had seen examples of some computer criminals creating a legitimate looking weblog, loading it with keylogging software or viral code, and then sending out the address of it through instant messenger or spam e-mail. Websense warned that viruses hosted on weblogs might be a danger because they get round the filtering systems many firms have created to ensure malicious programs do not reach employees." From the article: "In separate cases some blogs were being used as storage lockers holding chunks of malicious code that the controller of a network of zombie machines wants those remotely-controlled computers to use."
WEBSENSE filters legit sites!
I'm a virgo and on Slashdot. Coincidence? Yes.
How could a blog site - or whatever kind of site for that matter - host and run keylogging software?
Items for geeks: T-shirts, Linux, books and more
.. I couldn't give a crap about the General Public's blogs, so I don't view them.
I guess it's bored housewives that get caught by the virii
"Sweet llamas of the Bahamas !"
So basically they're saying there are now webpages that exist to infect your computer with malicious code through various browser security holes? Huh. Imagine that. I never would have thought that to be possible.
Dot dot dot.
... as if the fact they're largely written by self-important bores wasn't reason enough to avoid blogs and bloggers.
Is this really the case, or is it yet another attempt by corporations to subtly suppress their employees' reading habits???
This doesn't seem to be a great deal of sites, after RTFA I now know there are around 8 million blogs and only 200 are infected.
Personally I'll take my chances........
Only they use a fake webpage to install shit, rather than using a fake webpage to take your info. The idea's the same though, most people on the web (or at least those just on it for the blogs) don't really know the difference between what looks like a professional page, and what IS a professional page. More widespread education about the dangers of what can be found on the internet really needs to happen.
If the blog you are reading says... ... you probably shouldn't download the code.
"Today, I went with Billy and Johnny, and we went to the farm and saw a cow. It was a big cow! Download this program and it will show you how big the cow was!"
If the blog purports to be from some p0rnster, and the blog says "download this cool active X control, it will let you see all these hot pix I took at the club last night"... you probably shouldn't install the control.
Ok, I think I got it.
So there are 200 fake blogs among 8,000,000 that were drawn up with malicious code and this is a story? I'm sure there are far more websites out there that aren't blogs with malicious code. All it comes down to is protecting your computer the way you prevent anything bad from happening, by not being stupid about it. 200 is a drop in the bucket when it comes to the blogging community.
The brighter criminals seem to understand this well, and more and more scams are less about clicking on something than they are about convincing someone to provide their SS#, banking info, etc.
http://www.busyweather.com/
from the article:
"Users were urged to keep anti-virus and patches up to date, regularly scan machines with anti-spyware products and exercise caution when reading unsolicited messages sent via e-mail or instant messenger."
In other words, "do all the things you should be doing anyway to prevent viruses/spyware/other bad things from being a problem". I wonder how many people out there don't actually do these things and why they don't. At this point, most users should be accustomed to this message.
Maybe the problem isn't that the fake blogs are carrying malicious code; rather that the browsers (coughIEcough) being used to surf the fake sites aren't secure enough.
Malicious websites will always be around; however, if we try and educate the public about security, they'll be rendered useless.
IGB: More fun than eating oatmeal!
there are sites on the internet that are _bad_!' well done. must have had some spare budget sitting around doing nothing. no, seriously - next you'll be telling us that google is watching us or those kind blokes in nigeria are lying to us too! sheesh. bloggers are getting it in the neck at the minute - americans want to censor blogs, even tho they haven't read one, people who blog about work get sacked and now they're remotely installing keylogging software onto pcs. where will it end?
Let's see... The mainstream news is reporting "Don't go read the blogs or your PC will crash and burn." Does anyone else find it curious that blogs are one of the more potent competitors to the mainstream news in recent times?
They couldn't be trying to discredit the competition?
I do have a blog, or at least people call it a blog.
What I'm asking myself right now, reading this article is...
"What's the difference between a blog and a website?"
I mean, how could a proxy know it's a blog?
It can't, unless you talk about blogs hosted on big blogger networks.
But I'm not the only one having a blog on another hosting service, with my own domain and so on.
The same could happen with "personal home pages", the problem is, as usual, people click on anything that seems interesting, without checking the website where they'll end.
It's always a matter of Social Engineering, users have to be educated I think...
-- Personal Blog: http://www.delymyth.net/ (Italian)
how do these blogs get outside the browser sandbox?
publishing this sort of rubbish should be punished.
Lacking the broad compatibility of Windows to run any executable at any time without pestering the user, Linux will slowly fall out of favor as the more "user friendly" Windows proves yet again that everything "just works".
Developers must get their act together to make Firefox compatible with these soon-to-be mainstream methods of allowing users to update their PCs without worrying their little heads over such arcane details as "what does this application do?"
Until Linux can match Windows in this kind of ease of use, I'll have to stop using FC3 and Firefox and upgrade to XP and IE.
Note to mods: This post contains sarcasm. Do not eat.
"Today my frapachino wasn't frappy enough. Click this suspicious link to an .exe for more!"
yeah, I know, I read this site because it's written by humble yet well-informed and interesting people, who are careful not to make generalisations.
QUICK!! Ban blogs!!
Oh wait, the majority of the US public already want to :-).
Is this story trying to suggest blogs are somehow easier to drive traffic towards and if so these 200 blogs pose an increased threat?
If not, why the hell is this newsworthy?
I am a bit baffled why this is news. How is this any different than any other attack via a web page? And how is a weblog any different than a vanilla web page? (That was meant as an ironic, rhetorical question for those itching to answer that.) The techniques used to phish and to infiltrate a target machine via web pages are identical for weblogs ... since weblogs == web pages. (And yes, I do appreciate there are persons in the world who do not understand the two are the same.)
How on earth can one conclude that blocking people from all weblogs will protect them? Unless you also block them from all web pages to boot, ie the entire world wide web.
Can someone confirm this? Are you telling me companies actively track if a site is a weblog ... and if so lower the security precautions for it?
I am a bit disappointed that BBC reported this article. Talk about FUD.
Give me a break. I direct my browser to an HTML page and that page is loaded with keylogging software or viral code???
.exe file wants to install on Windows, just like in the 0900 dialer days...
How is that supposed to work? Is the viral code a Javascript application?
Maybe they just should have written that some
The article says it all...
"Users were urged to keep anti-virus and patches up to date, regularly scan machines with anti-spyware products and exercise caution when reading unsolicited messages sent via e-mail or instant messenger."
C'mon, people...This stuff should be habit by now.
GET FREE APPLE STUFF!
Why is anyone still using Internet Explorer? Even if the only browser your bank's site supports is IE, don't use it. Just drive down to the bank. Besides, some of the tellers are attractive women.
lmao this is great. only blogs can hold malicious code. they are dangerous and must be banned. IE is safe and not to blame.
can we plz get a link?
Shouldn't this be:
"The BBC has a story which indicates that filtering firm Websense believes at least 200 fake blogs are in existence which have malicious code that could infect Windoze pc."
Only if they have some shots of the sweet, sweet udder !!!!oneone
Yeah, right.
am i the only one now ashamed to be a firefox user? when i first got firebird (0.7) it was a respectable piece of open-source software to use.
now, (i posted on spreadfirefox about wikipedia), most firefox users don't even know what a wiki is.
i'm in gnome in fc3, and want konqueror back. you know you're in a truly geeky browser when the find function can handle regex.
You might be a dumbarse!
I used to like George Bush, but seeing you in action has made me a Democrat. It's like the man who turns all his girlfriends lesbian. Well, except I am a man and without the cunnilingus.
It's the people that are getting mentally infected by blogs.
Blogs are enabling rare fringe people to come together in communities unlike ever before.
Society is becoming different because of these communities that reinforce and develop their special culture using blogs.
Expect many failures of these communities, but also expect a few to produce flourishing growth of ideas that might spread into the non-blogging world.
"Provided by the management for your protection."
Websense making a big deal about blog bugs should be taken about as seriously as Symantec making a big deal about cell phone or Macintosh viruses. At best it's self-serving.
But there's something bigger that really bugs me: Websense is part of that big conglomeration known as "them" or "they". Sometimes it's hard to tell where the government stops and "they" start. The American media is another big member of "them" and blogs are a threat. So "they" have to do whatever they can to steer people away from them--make it unclear what exactly a blog is, tell people their computers will get viruses if they read blogs, censor their content--we'll hear more in the next few months I'm sure.
Those in control are just trying to draw devil horns on blogs so that they can stay in control.
Companies like websense and s4f (a direct competitor to websense) keep big databases of websites which fit into different categories (porn, crude/tasteless, gambling, sports, personal websites) and their products are supposed to filter based on which categories the user (or sysadmin) wants to disallow. It's a big game of whack-a-mole, however, because new sites spring up all the time, AND as you pointed out, blogs are just as prevalent on privately owned personal domains as they are on big blog-servers.
Malware is spread via websites. We've heard this for years. Why is it now suddenly news that some rogue blogs are being used for this purpose? Sounds like a cheap play for media attention from a company who does nominally effective content filtering.
This whole article reeks of bullsh*t and scare tactics. The entire internet is capable of playing host to nefarious code. A few hundred blogs out of millions? This is just weak reporting.
Havoc Video
The best way to deal with this kind of theft is by refusing to shop online using one's credit cards, however tempted you may be. In fact, after the globalization of the market, you can get everything in your city itself which might be just a short drive by car or walking distance. ;).
2) Do not store any sensitive data like your personal information and bank account details on the computer if possible. And if you do store it, make sure it is stored in encrypted form. There are numerous encryption software packages available like "gnupg" and "PGP".
3) Use a stable modern operating system like linux or freebsd which is secure even the first time you log on. And as an added precaution make sure that your personal details are in a user account other than the one you use for internet browsing.
4) Do not click on a link or a button before reading and understanding what it states.
5) Do not visit p0rn sites as a rule using your computer. If you are in the mood, borrow a cd from the video library in your neighbourhood.
6) Make it a habit to change your passwords to important accounts on the web on a constant basis - maybe once a week.
Linux Help
for all things on Linux
Oh no, 200 sites! Buy our software and we'll keep you safe!
Since I don't read blogs, I guess that I am inoculated against this "threat"...
One man's Funny is another man's Offtopic.
Blogs are the latest Internet hype-fad, therefore a blog with drive-by spyware is news while every other site with it isn't.
With services like blogger and live journal an average joe can set up a blog in under 3 minutes. Most blogs these days (not all but most) are set up by people with no sense of publishing online content. This is bearable. That is what blogs are for. Putting your thoughts out there without having to be a professional. Now an even bigger section of people are new to blogging and super dumb. They are all pumped up. They jump from blog to blog thinking that all blogs are set up by stupid people. Now some smart ass people disguise harmful code as innocent blogs. Imagine you go to a blog and see "Hi, I'm the innocent abercrombie chick. If you want to see my photos from last night's party, click here. And yes, i dont know why but you might see some message like 'ActiveX' blocked. Please click on 'allow activex on this site'" Isn't it scary? And an increasing number of websites are putting out web forms like "please enter your yahoo id and password. We will make sure that an invitation is sent out to all your friends." Forget the average Joe, I know real software engineers who have entered their yahoo id and password.
fuvoo: watch something
3) Use a stable modern operating system like linux or freebsd which is secure even the first time you log on
That's not always true. The Linux distro you install may contain old versions of software, enabled by default, that are vulnerable to buffer overflow exploits.
Fell for it, then I read the one keyword "Websense".
We've got the typical windoze shop issues here & they love websense. It "protects" them while they run w/local admin rights & hand out root passwords to the Aix boxes to vendors.
Websense has a history of scare tactics in the past & doubtlessly will continue. It also generates big numbers to beat the peons down with. Every banner & link on a page seems to count as a "webpage" to some websense/"security" admins.
In the past, I have noticed people such as the GNAA posting comments into blogs. These comments will contain Javascript that will do something nasty, normally redirecting the page to goat.cx or Last Measure. This makes it easy to disguise goat.cx links in Slashdot comments or, occasionally, redirect a blog linked to in a +5 comment or even the story itself to goat.cx.
So my question is, could this sort of Javascript exploit be used to spread trojans/malware via other people's blogs using the comments section?
Hear recorded Slashdot headlines on your phone! New service beta testing. Just call (248) 434-5508
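The question above is whether script posted through a comment form can reach a blog's readers. As an added example (not part of the original thread), this JavaScript shows the defensive side: the blog escapes every comment before rendering it, and separately flags comments carrying active content for moderation. The function names, pattern list and sample comments are assumptions constructed for illustration.

```javascript
// Added example: render blog comments as inert text and flag active content.
// escapeHtml, findActiveContent and renderComment are hypothetical names.

const HTML_ESCAPES = {
  "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;",
};

// Encode every HTML metacharacter so the browser displays the comment
// as text instead of parsing it as markup. This is the actual control.
function escapeHtml(text) {
  return String(text).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// Heuristics for the moderation queue only. They can be evaded, so they
// must never replace the escaping step above.
const ACTIVE_CONTENT = [
  { name: "script-tag", re: /<\s*script\b/i },
  { name: "event-handler", re: /<[^>]*\son\w+\s*=/i },
  { name: "javascript-url", re: /(?:href|src)\s*=\s*["']?\s*javascript:/i },
  { name: "meta-refresh", re: /<\s*meta\b[^>]*http-equiv\s*=\s*["']?refresh/i },
  { name: "embedded-object", re: /<\s*(?:iframe|object|embed)\b/i },
];

function findActiveContent(raw) {
  return ACTIVE_CONTENT.filter((p) => p.re.test(raw)).map((p) => p.name);
}

// Returns the safe HTML for the page plus the moderation decision.
function renderComment(raw) {
  const flags = findActiveContent(raw);
  return {
    html: '<p class="comment">' + escapeHtml(raw) + "</p>",
    flags,
    holdForModeration: flags.length > 0,
  };
}

// Constructed sample comments (redirect.example is a reserved test domain).
const SAMPLE_COMMENTS = [
  "Great post, 200 out of 8 million is tiny.",
  "Nice blog! <script>location.href='http://redirect.example/'</script>",
  "<img src=x.png onload=\"location='http://redirect.example/'\"> lol",
  "I think 3 < 5 & that's fine",
];

function demo() {
  return SAMPLE_COMMENTS.map(renderComment);
}

for (const r of demo()) {
  console.log(r.holdForModeration ? "HOLD" : "ok  ", r.flags.join(","), r.html);
}
```

The escaping is what keeps a reader's browser from running the comment; the flags only tell a moderator which submissions to look at.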
Let me see if I've got this right: there's supposed to be this huge spam problem in weblogs? That's the most ridiculous thing I ever..^C
MAKE YOUR WIFE HAPPY TONIGHT, GO TO www.makemydingdongbigger.com
tiger pickle scruffy bubble hiccup snort gronk
It's true no man is an island, but if you take a bunch of dead guys and tie 'em together, they make a good raft.
I'd love to check out the page, but it's been Websensed as:
"Your organization's Internet use policy restricts access to this web page at this time.
Reason:
The Websense category "Tasteless" is filtered."
The solution is to use all those wonderful features that modern operating systems have, such as permissions (old school) and ACLs (shiny and new) to prevent the ability of malicious code to function in the first place.
Groklaw seems to cause some of its posters to launch virulent attacks against other web sites.
My faith is expressed through Nihilism. Do you understand?
Okay, just this once...
If you've never read a blog, how do you know that 99% of them are lame? You must be psychic. I'll let Miss Cleo know you're available for work.
On the net since 1990? What does that prove? That you're not only close-minded and ignorant, but you've been so for a long time?
So Yahoo! and blogs have not caught on with you? Hopefully spelling and grammar will soon, at least.
It sounds like somebody is confused between web browsers and program loaders.
Oh, MSIE... gee, how could I have ever guessed?
In IE, you can turn off Install on Demand.
Go to Tools-Internet Options-Advanced tab.
Make sure both Install on Demand boxes are not checked.
Now IE will prompt you instead of doing an auto-install. If you see something suspicious then don't install it.
It's simple. Internet Explorer is chock-full of exploits for two reasons. One is the technical reason. It attempts to be "all things for all people," incorporating extra technologies that ought to be installed separately at users' discretion. That concept is Microsoft's claim to fame -- and it's made them a wealthy corporation.
The more important reason is, however, that Internet Explorer is the most widely-used browser on the planet -- and it is used by an overwhelming segment of those new to the Internet AND on an overwhelming segment of public and/or workplace terminals. Even if its security on a technical level was precisely equal to Firefox, Opera, or [insert your pet browser here], more exploits would exist for it due to the greater amount of pressure being exerted upon it by those interested in doing damage. If Firefox were the primary browser on public terminals, you can bet someone would start specializing malware to harvest account data from it -- but Firefox is not the primary browser in use on public workstations.
Microsoft has done this calculus, or something much like it. Right now, their browser boasts "compatibility" with all websites. That holds appeal to people who don't build their own computers. On the other hand, Opera and Firefox will load...most websites. Mostly. And, you can load most of the missing content at will if you know what you're doing. Most, and if. That is not attractive to people who can't tell C++ from machine code. If Microsoft secured IE, their product would have to compete somewhat directly with others, as they would have to cut back on "features;" however, as it is, they have a prima facie advantage to the neophyte in that their browser will require less intervention to function fully.
Solution? Use what suits you best. Use a second-tier browser, and enjoy the free ride you receive at the expense of the crowd using the more common technology -- just remember to not check your bank balance on public terminals. Or, if you don't check your bank account or fill taxes online (neither one is a good idea regardless of which browser you use -- yours is not the only computer between you and the bank), use IE and get your kids/neighbor/dog to reformat your drive every few months to clean out the garbage. There are worse ideas...
Fear=control.
Same bullshit, different day.
-FL
If I wanted to read pointless stories posted on fark (several days ago mind you) I would just go there. Why is this news?
As long as the ads are not annoying I will not block them. When they distract me or take away from the site they're gone!
When I say, linux is secure the first time you log on, I mean it w.r.t a person using it as a desktop OS and not as a server. While windows OS, once you install the OS, it installs with default security of "everyone having access" to all the folders. It is the user's prerogative and duty to implement the security. Which is not the case with linux/unix. That is what I meant.
Linux Help
for all things on Linux
Two words: ActiveX exploit. .xpi file for Mozilla, but Mozilla asks by default.
I also met attempts to install an