CONSUMER NEWS    RECALLS    COMPLAINT FORM    SCAM ALERTS  


Complain about a product or service
Small Claims Guide | Class Actions | Lemon Law | FAQ | Resources | Newsletters | Spanish
Automotive    Education    Electronics    Family    Finance    Health    Homeowners    Shopping    Travel   
NEWS   Latest |  Archives |  Auto |  Cells, etc. |  Computers |  Financial |  Health |  Homeowners |  Parents |  Privacy |  Scams |  Seniors |  Travel

Warning: Toxic Blogs




April 13, 2005
Blogs, or online journals, have become a popular feature of the Internet, allowing readers to swap information and opinions. But a computer security firm warns that some blogs are also sharing nasty viruses.

Websense, which provides Internet management solutions for businesses, says blogs are increasingly being exploited as a means to distribute malicious code and keylogging software. To date, Websense Security Labs says it has discovered hundreds of instances of blogs involved in the storage and delivery of harmful code.

According to the firm, cyber-criminals are taking advantage of blog sites that allow users to easily publish their own web pages at no cost.

It says blogs can be attractive vehicles for hackers for several reasons, since blogs offer large amounts of free storage, they do not require any identity authentication to post information, and most blog hosting facilities do not provide anti-virus protection for posted files.

In some cases, the culprits create a blog on a legitimate host site, post viral code or keylogging software to the page, and attract traffic to the toxic blog by sending a link through spam email or instant messaging (IM) to a large number of recipients. In other cases, the blog can be used as a storage mechanism, keeping malicious code that can be accessed by a Trojan horse that has already been hidden on the user's computer.

For example, on March 23, 2005, Websense Security Labs issued an alert detailing a spoofed email message that attempted to redirect users to a malicious blog which would run a Trojan horse designed to steal banking passwords.

In this situation, the user received a message spoofed from a popular messaging service, offering a new version of their IM program. Upon clicking the link, the user was redirected to a blog page which was hosting a password-stealing keylogger. When predetermined banking websites were accessed, the keylogger (bancos.ju) logged keystrokes and sent them to a third party.

"These aren't the kind of blog websites that someone would stumble upon and infect their machine accidentally. The success of these attacks relies upon a certain level of social engineering to persuade the individual to click on the link," said Dan Hubbard, senior director of security and technology research for Websense, Inc. "In addition, the blogs are being utilized as the first step of a multi-layered attack that could also involve a spoofed email, Trojan horse, or a keylogger."



Report Your Experience
If you've had a bad experience -- or a good one -- with a consumer product or service, we'd like to hear about it. All complaints are reviewed by class action attorneys and are considered for publication on our site. Knowledge is power! Help spread the word. File your consumer report now.


Consumer News

August 30 2008

Recent Recalls & Safety Alerts



FREE CONSUMER NEWSLETTERS

The Daily Consumer
Afternoons M-F
Sign up now!

Consumer News & Alerts
Every Sunday
Sign up now!

Knowledge is free.
Knowledge is power.



Back to the top |

Advertisement


Home | Complaint Form | News | Recalls | FAQ |
Consumer Resources | Small Claims Guide | Lemon Law | Newsletter | Contact Us
Advertise With Us | Testimonials | Newsroom | RSS Feeds |

Terms of Use Your use of this site constitutes acceptance of the Terms of Use

Advertisements on this site are placed and controlled by outside advertising networks. ConsumerAffairs.com does not evaluate or endorse the products and services advertised. See the FAQ for more information.

Company Response Welcome If complaints about your company appear on our site, we welcome your response. Please see the Response Form for more information.

For more information, see the FAQ and privacy policy. The information on this Web site is general in nature and is not intended as a substitute for competent legal advice.  ConsumerAffairs.com Inc. makes no representation as to the accuracy of the information herein provided and assumes no liability for any damages or loss arising from the use thereof. 

Copyright © 2003-2008 ConsumerAffairs.com Inc.  All Rights Reserved.    The contents of this site may not be republished, reprinted, rewritten or recirculated without written permission.