Malware Inserted PCs Spread Infection to Websites

Most of the people know that a computer virus can be transmitted from one PC to another but, as per stopbadware.org, an infected PC can pass its infections to websites also.

As per the website, cyber criminals have been hitting a large number of websites for stitching their malicious codes into them.

As some people have been blaming lazy IT administrators for outburst of such attacks because they do not keep their systems up to date with the recent security patches, people who access the infected websites state that they are witnessing flood of websites hacking reports, as per StopBadware.org.

StopBadware claims that this new technique of malware spreading involves automated theft and stealing of hacked FTP details from infected computer.

The installed malware looks for usernames and passwords in famous FTP clients such as Filezilla and CuteFTP, and then makes use of stolen details to upload customized code on the web server. This result in a vicious cycle for an innocent website owner, who finds malicious code on his site, redress the problem, and again discovers the site infected with another new exploit code next day or sometime later.

In addition, some of the most harmful malicious software circulating today (ex. Virut) consists of dispersal capabilities that hark back to the file-infecting techniques of the earliest viruses, which proliferate by making copies of themselves, or by inserting their code into other files on the host system.

The website claims that malware usually changes existing files on the victim's system to increase the chances of exchanging infected files with new host systems. One of the most effective ways of doing it is - malware inserts copies of itself into the HTML files discovered on a victim's system.

The number of infected websites is rising at a fast pace. StopBadware advises the best thing that site owners can do to diminish this problem is secure their systems from malware. An additional security measure is to discard the choice of securing the account password in the FTP client software.

Related article: Malware Authors Turn More Insidious

» SPAMfighter News - 8/4/2009