02:56 PM

Hackers Spreading Spyware From Free Personal Web Sites

In another new malicious twist, hackers are using free personal Web hosting sites provided by nationally- and internationally-known ISPs to store their malicious code, and to infect users with worms, viruses, and spyware.

Attackers are using free personal Web hosting sites provided by nationally- and internationally-known ISPs to store their malicious code, and to infect users with worms, viruses, and spyware, a security firm said Monday.

Websense, a San Diego, Calif.-based Web security and content filtering vendor, has detected a big jump in the use of personal hosting sites, said Dan Hubbard, the company's senior director of security and technology research.

"The growth of this trend is alarming," said Hubbard. "July has seen a major boom. In the first two weeks alone we found more instances than in May and June combined."

In the first half of the month, Websense found more than 500 free hosting sites created to spread keyloggers alone, Hubbard added. Since the beginning of the year, it's uncovered more than 2,500 such sites.

Although the hosted sites purport to offer up everything from online journals and photo albums to blogs and greeting cards, they all have one thing in common, said Hubbard. "Some type of automation was used to set all of them up, and fairly easily, too." Because they're free and easily created, they're considered disposable by the attacker. The average lifespan of such a site, said Hubbard, was between two and four days. They're attractive for other reasons as well.

"Attackers don't have to go to the trouble to find a compromised machine, search for one with a vulnerability they can exploit to turn into a zombie," said Hubbard. "Plus, they're reliable. Since they're offered up by national and international Internet service providers, they're built on a lot of infrastructure. Third, they often offer quite a bit of storage space, in some cases up to 500MB."

While Hubbard declined to name some of the ISPs his labs has found hosting some of the malicious sites, "you'd recognize the names," he said. "Some are mom and pop ISPs, but most are well-known."

The problems is that too few free hosting services offer even the most basic security tools, Hubbard said, pointing the finger at lackadaisical ISPs. None of the services found hosting malicious sites use a graphics-based question to make sure that a human, not a bot, registers for the service, he said. "None prevent uploading of executable files, and none are scanning [files] with anti-virus software," he added.

Putting their malicious programs on a site is only part of the hackers' chores, however. They also have to get people to visit these sites in order to install the code, such as a keylogger, on computers.

"It's not all about where hackers are storing code, but also how they're getting victims to visit those Web sites," Hubbard argued. "Social engineering techniques are still the most effective way of enticing people to a site."

Here, too, he said, the free Web hosting service sites play to the hackers' advantage. Because the domains of these services may include the name of a well-known ISP, it may be trusted by more users than a compromised, and unknown, IP address of a zombie PC.

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
Register for InformationWeek Newsletters
White Papers
Current Issue
Top IT Trends to Watch in Financial Services
IT pros at banks, investment houses, insurance companies, and other financial services organizations are focused on a range of issues, from peer-to-peer lending to cybersecurity to performance, agility, and compliance. It all matters.
Twitter Feed
InformationWeek Radio
Archived InformationWeek Radio
Join us for a roundup of the top stories on for the week of July 17, 2016. We'll be talking with the editors and correspondents who brought you the top stories of the week to get the "story behind the story."
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.