Slashdot Mirror

← Back to Stories (view on slashdot.org)

5 Million Domains Serving Malware Via Network Solutions

Posted by Soulskill on from the going-for-the-gusto dept.

An anonymous reader writes "A compromised widget provided by Network Solutions was serving malware on otherwise legitimate websites. But, as bad as this discovery was, it was overshadowed a couple of days later by another revelation: the widget is automatically included on every 'parked domain' by Network Solutions! Searches on Google and Yahoo! revealed 500,000 and 5,000,000 domains affected and serving malware, respectively. A manual check of some 200 parked domains on the list showed that all of them were provided with the malware-serving widget." The researchers who uncovered this issue alerted Network Solutions, and the widget was taken down a few hours later.

7 of 67 comments (clear)

  1. Malware = Response Policy? by alphatel · · Score: 2, Interesting

    Yet another reason to use the new RPZ in BIND to blacklist all parked pages. Not really what anyone was hoping for though.

    --
    When the foot seeks the place of the head, the line is crossed. Know your place. Keep your place. Be a shoe.
  2. Malware within malware? by Unordained · · Score: 2, Interesting

    Is this analysis of r57shell still relevant?

  3. Malware via browsers? by Anonymous Coward · · Score: 1, Interesting

    Apart from Internet Explorer and ActiveX, how the hell can a web page infect a computer via a Web browser?

    AFAIK Javascript can't write files to the OS, so how are they doing it?

    1. Re:Malware via browsers? by zonky · · Score: 2, Interesting

      probably exploits via flash, or a windows image library.

  4. Re:At least they did the right thing by Anonymous Coward · · Score: 2, Interesting

    "The researchers who uncovered this issue alerted Network Solutions, and the widget was taken down a few hours later."

    Sucks that it happened, but at least they did something about it as soon as they found out.

    NOT surprised from these guys.
    They have a bad track record and continue to indulge in dirty practices like domain stealing.

  5. Re:Network Solutions by sarysa · · Score: 5, Interesting

    I'm not surprised by TFA, but I'm not in the know when it comes to which domain parkers are "legitimate" and which aren't. Regardless of their status, accidentally hitting a parked domain on a Windows box (i.e. my work PC) has been a bit of a gut-wrenching experience for a number of years now...

    --
    Charisma is the measure of someone's ability to lie with a straight face.
  6. Damn it by trifish · · Score: 4, Interesting

    If I disregard the fact that this is an obvious Slashvertisment for some obscure thing called "HackAlert", let me tell you that I don't care WHICH or HOW MANY sites serve malware. There will always be sites serving malware, damn it!

    What I care about (and this was -- as usual -- NOT answered anywhere in TFA/Slashvertisments), are these questions:

    1. Does the served malware exploit a vulnerability for which no patch exists?
    2. If 1 is true, what browsers and operating systems are affected?

    If any kind soul knows and posts this information, you are bound to get some positive karma. Thanks.