Slashdot Mirror

← Back to Stories (view on slashdot.org)

2M New Websites a Year Compromised To Serve Malware

Posted by kdawson on from the wave-upon-wave dept.

SkiifGeek writes "Sophos claims that they are detecting 6,000 new sites daily that have been compromised to serve malware to unsuspecting site visitors, with 80% of site owners not aware that they have been compromised — though this figure is probably on the low side. With increasingly vocal arguments being put forward by security experts criticizing the performance and capability of site validation tools (though many of these experts offer their own tools and services for similar capabilities), and rising levels of blended attacks, perhaps it is time you reviewed the security of your site and what might be hiding in infrequently used directories."

2 of 72 comments (clear)

  1. Hmm, time to improve the common tools by davidwr · · Score: 4, Interesting

    Perhaps the time has come to harden the "common stacks" so certain switches are off.

    For example, once you set up your web site, "lock it" so if there are any changes to files or directories that shouldn't change, the site will break in a non-harmful way rather than be compromised.

    If and when these files need updating, the "unlock" process should be done using a tool independent of the main web-server process, perhaps by using a different web-server process running on a different port or even a process on a different computer that validates the request then passes it on to the main web server.

    --
    Knowledge is how to play a game, intelligence is how to win, wisdom is knowing what game to play.
  2. Vendor FUD or Real? by a-zarkon! · · Score: 4, Interesting
    I for one would like some description of how they're detecting these 6000 new sites per day. Also, what are they considering a website? Do they include bot systems that configured to listen on port 80 as part of the worm propagation and command/control? That's not really a website in my opinion, but it may be in theirs. It would be great if they published a list of the 42000 new websites they have discovered over the past 7 days, you know just to back up their claim. Wouldn't hurt to notify the owners of those sites that they've got a problem.

    Absent more detail, I am calling shenanigans on this statistic, Sophos, and the Register. I am soooo sick of the FUD.

    Harumph!