A Single Exploitable Website Can Serve Several Crime Gangs: Zscaler

Investigators from Zscaler say they have found that a single website with an exploit can be useful to several online crime syndicates, as each group modifies it to suit its own purposes.

Cyber-criminals often hijack websites and modify them so that people accessing them are taken to domains capable of installing phony anti-virus software, an attack technique that has lately been growing popular and yields the criminals handsome profits.

Once cyber-crooks gain control of a target website, they apply black-hat search engine optimization (BHSEO) tactics to drive visitor traffic to malicious domains they have already registered.

To explain BHSEO attacks, the Zscaler researchers said that two separate web pages were involved, each intended for a different audience. One, an apparently innocuous spam page, targeted security scanners and Googlebot. This was done to obtain the maximum possible returns while keeping good Google rankings and eluding blacklists. The other, a redirect, took the audience to a malicious URL, the researchers said.

In the case of the spam page, newly crafted pages used for spamming visitors were added to a compromised website whose existing pages were left untouched. These pages were innocuous in that they contained no disguised (obfuscated) JavaScript. The redirection page, meanwhile, issued an HTTP 302/307 redirect, performed mainly by a PHP (Hypertext Preprocessor) file or, alternatively, an .htaccess file.

The exploit-laden website can be worthwhile to other criminals too. Lately, there has been an increase in the number of compromised websites that divert visitors to rogue anti-virus sites and also carry malicious JavaScript. This disguised script was inserted into the sites ahead of the actual HTML, increasing their chances of being blacklisted by Google.

Web surfers can largely protect their computers from these kinds of attacks by applying plenty of common sense in addition to effective security software. However, website owners and operators also need to act appropriately, for example by at least regularly checking their websites for any unauthorized access, Zscaler suggests.
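One check a site operator could run against the .htaccess redirection described above, as an added example that is not Zscaler's or SPAMfighter's code: it flags temporary (302/307) redirects to hosts the operator does not own when the rule depends on who is visiting. The sample file, the host names and the assumption that the cloaking keys on the referer or user agent are constructed for illustration.

```python
import re
from urllib.parse import urlparse

# Constructed sample .htaccess (hosts and rules are illustrative, not from Zscaler).
SAMPLE_HTACCESS = """\
RewriteEngine On
# legitimate canonical-host redirect
RewriteCond %{HTTP_HOST} ^www\\.example\\.org$ [NC]
RewriteRule ^(.*)$ https://example.org/$1 [R=301,L]
# injected: visitors arriving from search results are sent off-site
RewriteCond %{HTTP_REFERER} (google|bing|yahoo) [NC]
RewriteCond %{HTTP_USER_AGENT} !(googlebot|bingbot) [NC]
RewriteRule ^.*$ http://rogue-av.example.net/scan/ [R=302,L]
"""

# Assumption: cloaking keys on the visitor's referer and/or user agent.
AUDIENCE_VARS = {"HTTP_REFERER", "HTTP_USER_AGENT"}
COND_RE = re.compile(r"^\s*RewriteCond\s+%\{(\w+)\}", re.I)
RULE_RE = re.compile(r"^\s*RewriteRule\s+\S+\s+(\S+)(?:\s+\[([^\]]*)\])?", re.I)
R_FLAG_RE = re.compile(r"(?:^|,)\s*R(?:edirect)?(?:=(\d{3}))?\s*(?:,|$)", re.I)


def find_cloaked_redirects(htaccess_text, own_hosts):
    """Return (line_no, target, status, audience_vars) for every temporary,
    off-site RewriteRule whose RewriteCond chain depends on who is visiting."""
    findings, pending = [], []
    for line_no, line in enumerate(htaccess_text.splitlines(), 1):
        cond = COND_RE.match(line)
        if cond:
            pending.append(cond.group(1).upper())  # applies to the next rule
            continue
        rule = RULE_RE.match(line)
        if not rule:
            continue
        conds, pending = pending, []  # a RewriteRule consumes its conditions
        r_flag = R_FLAG_RE.search(rule.group(2) or "")
        if not r_flag:
            continue  # internal rewrite, no HTTP redirect
        status = int(r_flag.group(1) or 302)  # bare [R] means 302 in Apache
        host = (urlparse(rule.group(1)).hostname or "").lower()
        keyed = sorted(AUDIENCE_VARS.intersection(conds))
        if status in (302, 307) and host and host not in own_hosts and keyed:
            findings.append((line_no, rule.group(1), status, keyed))
    return findings


if __name__ == "__main__":
    for hit in find_cloaked_redirects(SAMPLE_HTACCESS, {"example.org", "www.example.org"}):
        print("suspicious rule at line %d -> %s (HTTP %d), keyed on %s" % hit)
```

The permanent canonical-host redirect on line 4 of the sample is not reported; only the conditional off-site rule on line 8 is.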

Security vendors also offer several software products that automatically inspect domains to determine whether their URLs are clean, Zscaler adds.


» SPAMfighter News - 03-05-2012
