Finjan Brings Out Report on Web Malware

Finjan's Malicious Code Research Center conducted a security survey over some 10 million or more URLs, Web server locations, and IP addresses to spot the origin of corruptible attacks. Pcworld published this on March 27, 2007. Finjan summarized an analysis of the surveyed URLs based on U.K.'s live Web traffic, published Darkreading on March 26, 2007.

The survey found United States as the biggest host of malware attacks. This contradicts the popular belief that China, Russia and Eastern Europe - with weak policies regulating cyber crime, were distributing the maximum malware. The survey results further showed that Web advertising and the complexity with which it hosts them and partner relationships were a part of the malware emerging on reputed sites like MySpace.com.

Moreover, malware writers were making use of the sites' own services like the language translation feature to conceal their attacks in a manner that would be hard for conventional signature-based detection programs to spot.

According to Yuval Ben-Itzhak, chief technology officer of Finjan, while talking about malicious code people relate them to Russia and China. But Finjan found that 80% of the malicious software originated from U.S. hosted servers. Computerworld published this on March 26, 2007.

The Finjan survey also reported that malicious code continuously appeared on legitimate Web sites that consumers and business people frequently visit. While in the past most malware tended to appear on doubtful sites like those containing porn, now users could get their PCs infected by visiting even travel and finance sites, for example.

In a recent instance, an advertisement canvassing a security program called WinFixer started to appear on Microsoft's Windows Live Messenger in February in the absence of the company's knowledge or approval. Similarly in June last, a banner advertisement appearing on MySpace.com contained malware that infected approximately 1 million computers, Finjan reported.

Therefore Finjan concluded in its report that businesses should use something more than URL filtering to prevent Web-based malware. They could use Finjan's security equipment in addition, which provides "zero day protection". There are some other products for real-time analysis of Web sites that consumer security firms are selling.

Related article: Finjan’s Web Security Comes Up With A New Method To Escape Attacks

» SPAMfighter News - 3/30/2007