Growth of the Underground Cybercrime Economy

← Back to Stories (view on slashdot.org)

Growth of the Underground Cybercrime Economy

Posted by samzenpus on Wednesday February 20, 2008 @06:22PM from the nothing-is-safe dept.

AC50 writes "According to research from Trend Micro's TrendLabs compromised Web sites are gaining in importance on malicious sites created specifically by cyber-criminals. The research debunks the conventional wisdom about not visiting questionable sites, because even trusted Web sites such as those belonging to Fortune 500 companies, schools, and government organizations can serve forth malware."

3 of 94 comments (clear)

Min score:

Reason:

Sort:

The Power of Google by TubeSteak · 2008-02-20 18:55 · Score: 4, Interesting

http://www.google.com/search?q=site:.edu+viagra
http://www.google.com/search?q=site:.gov+viagra
Only two pwned sites in the top 10 for .gov
It'd be ironic if idtheft.utah.gov was handing out malware.

Replace viagra with other spamwords & you'll get more of the same

--
[Fuck Beta]
o0t!
1. Re:The Power of Google by TubeSteak · 2008-02-20 19:09 · Score: 4, Interesting
  
  I hate replying to my own comments, but the States seem to be doing a much poorer job than the Federal Government.
  
  http://www.google.com/search?q=site:k12.ny.us+viagra
  That brings up pwned K-12 school websites from New York
  
  http://www.google.com/search?q=site:.ny.us+ringtones
  This frequently brings up state websites
  EG: New York State's Division of Military and Naval Affairs website has been exploited.
  
  I don't mean to pick on New York, but they seem to be worse than many other States.
  Replace .NY. with your state's abbreviation
  
  --
  [Fuck Beta]
  o0t!
Re:it's called No Script by mlts · 2008-02-20 19:37 · Score: 4, Interesting

I think as time goes on, perhaps the best way to browse the Web is having a virtual machine running under a dedicated, locked down user, so if the OS in the VM is compromised, an unknown exploit that might let malware out of the VM to compromise the host would be stopped. Its not 100%, but it seems to be the best way of doing things. Of course, the Web browser should have Noscript and Adblock functionality for a lock on the front door.

Eventually, I wonder if the Web browser should be completely enclosed in its own VM, where it doesn't require an explicit launching of a client OS, perhaps similar to how Thinstall wraps applications so all changes are only written to a sandbox directory. Vista's protected mode in IE7 is a start, where IE7 does not have access to the full Registry, but more separated from the rest of the machine with limits on CPU and other resources.