Top 11 Malware Threats To Watch Out For

I found several quotes from the article “Top 11 Malware Threats To Watch Out For” worth repeating …


 “In 2008, we’ll need the word because online advertising will become a major security problem. Indeed it is already: about 80% of malicious code online comes from online ads, according to the Q1 2007 Web Trends Security Report


For the naysayers that state it isn’t right to block advertising … let’s repeat that quote:
80% of malicious code online comes from online ads


It seems like almost every day you read another item reporting malicious ads here and malicious ads there … but yet no one seems to take responsibility. I have yet to see one of these legit sites that have served up malicious content, offer any kind of help to the infected end-user.


These sites need to step up and accept the fact that content on their site that infects a visitor is ultimately their responsibility and they must offer the infected user some relief … hell they don’t even post a link to an online AV scanner.


Analogy time … when your Identity gets stolen in most cases now the affected user is at least offered a credit monitoring program. So where is the same type offer for visitors to a infected web site?


Case in point … a short while back BestBuy sold some Insignia Digital Picture Frames that were infected … but there was no offer to clean the machines affected, even though most BestBuy stores have their own inhouse PC repair shops.


sneaky cookies, or subdomain cookies if you prefer something less pejorative, look like they’re coming the Web domain of the site visited, but the subdomain they come from — subdomain.domain.com, for example — is set to point to a third-party server. The reason this is done is to avoid being blocked by users who have their Web browsers set to reject cookies from third-party sites.”


Just to show you a few examples … these are all aliases for Omniture (2o7.net)


127.0.0.1  om.businessweek.com
127.0.0.1  om.dowjoneson.com
127.0.0.1  om.expedia.com
127.0.0.1  om.philly.com
127.0.0.1  om.pokerlistings.com
127.0.0.1  om.sfgate.com
127.0.0.1  om.symantec.com
127.0.0.1  tc.symantec.com
127.0.0.1  om.usnews.com


And yes I took a lot of heat for the Symantec entries, but I used them to prove a point … that even legit companies use these sneaky tactics to extract information from their visitors …



Comments are closed.