July 9, 2006

Beware Of Malware-Infected Blogs

Internet users and blog-browsing addicts beware! As weblogs come free and are quite easy to use, they continue to gain popularity. Hence, criminals operating on the Internet are becoming more aware and are taking advantage of the use of these online personal journals to ensnare unwitting victims. Not long ago, spyware and malware were spread mostly through email and file-sharing, and system infection was prevented by spam blockers and email scanners. Nowadays, clicking on a seemingly harmless link can make you vulnerable to those with shady intentions in an instant.

A common practice of computer crooks involves making up phony weblogs that look harmless or genuine. They then embed viral code or keylogging programs within the site, and send out the blog’s URL through spam e-mail, chat rooms or instant messenger. Even innocent blogs that allow unmoderated comments may be victimized through comment spam that leads to infected blogs. The trick lies in convincing the potential victim to click on a link that activates the malware embedded in the blog site, or in leading them to enter valuable information within the fraudulent blog, such as credit card details and account passwords, which the keylogging program then records and automatically sends to the site owner.

In computer and information technology, “malware” is a term that generally refers to software that is intended by the creator to cause damage or break into a computer system, often without the knowledge or informed assent of the owner. The different types of malware include computer viruses, Trojan horses, adware, worms, and spyware. On a more specific level, spyware is a type of malware that is primarily used for profit. Produced commercially, these programs are used for collecting information about the users of a computer system. They do this by activating pop-up advertisements, as well as changing the normal activity of a system’s web browser in such a way that the creator of the spyware benefits financially.

A typical sign that spyware is at work is a standard search engine query being redirected to a different page filled with paid-for ads. A certain type of spyware, at times referred to as stealware, does as its name implies; it steals from a genuine business or website owner by overwriting relevant marketing codes, such that the income value goes to the spyware author instead. Malware can also be used to steal directly from the infected computer’s user, by installing keyloggers that record specific keystrokes as the user types in passwords, or other valuable information like credit card numbers. The malicious program then sends this information to the spyware creator, and that’s how the stealing begins.

In the case of a malware-infected blog, the site itself deceitfully serves as host to the malicious program. The setup is one that often allows malware to get past detection and filtering systems unnoticed. Furthermore, having a somewhat permanent place on the World Wide Web, it is always accessible to Internet users; all they have to do is click on an active link to be lured into the trap. As such, it poses a greater danger to those who are unaware that malware-infected blogs abound and how they can become victims.

Today, there may be hundreds of these malware-infected blogs that still continue to spread malicious software. The spread of these malware- and spyware-infected blogs may be due in part to the increased availability of malware and spyware to online crooks. Recent reports have it that certain search engines like Google are dealing with exposure of a special search capability in their system that allows end-users to locate and download malware files on the web. This feature was previously hidden and served as a device utilized and known only to security research and antivirus companies. The bad news is, these supposedly secret features are by now known to hackers and profiteering Internet criminals. They don’t need to create these malicious programs to cause damage to other people’s computer systems or steal valuable data; hundreds of them are just a download away.

To find malware with the use of Google, it is essential to have the specific signature of a certain malware program. These signatures are now being shared on the Internet by hackers, which makes it easier for other online bandits to carry out the search for a particular malware program using its unique signature. In some pro-hacking web sites, the signatures are even indexed in an online database, such that users only need to input the name of the malware and it instantly returns the corresponding signature. End-users are even asked to share fresh malware with the site so that the site moderators are able to produce a signature for it fast, to be made available to other users. This way, hackers, even bloggers who are unskilled in hacking but nonetheless have a tainted intention, will be able to make use of any malware of their choice, and spread it through different blogs.

Probably the most important thing to do in order to protect your computer from malware is to install a trusted anti-virus program and to keep it updated. Scan computers on a regular basis, and also keep patches up to date. Keeping a firewall up should also help. Next is to be cautious when opening and reading email and instant messages, especially those that are unwanted, or come from email addresses you don’t recognize.

Furthermore, when using an instant messenger, beware of active links that even your trusted contacts send. Before you even consider clicking on any link, be sure to ask first what site it leads to. Better yet, you may even consider holding off on clicking the link until you’re able to personally talk to the person sending it to verify its authenticity. Ignoring the message is yet another option, if the message does not seem that important at all.

There is hope, however, as leading IT and Internet firms are coming up with ways to disable these web scammers. Information sites, as well as blog code improvements like Google’s “nofollow” tag, are up and running to help bloggers and other users protect their computer systems. While more advanced means are yet to make it to the greater public’s knowledge, staying informed and vigilant is the main defense against malware-infected blogs.
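For blog owners, the two comment-section defences this article mentions, moderation and the “nofollow” marker, can be applied together at the point where a visitor's comment is accepted. The sketch below is an added example, not code from any blog platform; the function names, the trusted-host list and the sample comments are assumptions made for illustration.

```python
import html
import re
from urllib.parse import urlsplit

# Deliberately simple http/https matcher for plain comment text.
# The last character class keeps trailing punctuation out of the link.
URL_RE = re.compile(r"""https?://[^\s<>"']*[^\s<>"'.,;:!?)]""")


def render_comment(text):
    """Escape a visitor's comment; return (safe_html, list_of_urls).

    Everything the visitor typed is HTML-escaped, so embedded markup or
    script is displayed as text instead of being run by readers' browsers.
    URLs become links carrying rel="nofollow", so search engines give the
    linked site no ranking credit for the comment.
    """
    parts, urls, pos = [], [], 0
    for match in URL_RE.finditer(text):
        parts.append(html.escape(text[pos:match.start()]))
        url = match.group(0)
        urls.append(url)
        safe = html.escape(url, quote=True)
        parts.append('<a href="%s" rel="nofollow">%s</a>' % (safe, safe))
        pos = match.end()
    parts.append(html.escape(text[pos:]))
    return "".join(parts), urls


def accept_comment(text, trusted_hosts=()):
    """Hold any comment that links to a host the blog owner has not approved."""
    safe_html, urls = render_comment(text)
    hosts = [urlsplit(u).hostname or "" for u in urls]
    held = any(h not in trusted_hosts for h in hosts)
    return {"html": safe_html, "links": urls,
            "status": "held" if held else "published"}


if __name__ == "__main__":
    # Constructed sample comments; example.test is a reserved test domain.
    samples = [
        "Thanks, very helpful.",
        "Nice post! See http://example.test/free-codec <script>alert(1)</script>",
    ]
    for sample in samples:
        print(accept_comment(sample))
```

A held comment stays out of public view until the owner has checked where its links lead, which is the moderation step the unmoderated blogs described earlier are missing.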