Sophos senior technology consultant Graham Cluley said, "Blogger accounts for around 2% of malware. It's head and shoulders above the rest of the blogging services. The attraction for the bad guys in targeting Blogger is that things pretty much get spidered instantly into Google, because Blogger is part of Google."
Sophos notes that hackers both set up malicious blogs on Blogger, and inject dangerous Web links and content into innocent blogs in the form of comments. The most-oft used form of attack is the SQL injection, which exploits security vulnerabilities and inserts malicious code into the database running a Web site. Companies whose Web sites have been struck by such an attack often clean up their database, only to be infected again a few hours later. Users who visit the affected Web sites risk having their computer taken over by hackers, and their personal banking information stolen by identity thieves.
Google isn't sitting idly by. It is doing its best to parse search results for malicious Web sites and keep them from being linked to. But the search isn't perfect. Sophos said it's a difficult job, at best.
Cluley said, "You could post a link into someone's blog and even if you checked that link at the time, it may be totally harmless. In 20 minutes time the hacker says 'OK, Google's now checked me, now I'll update the page'. So you have to continually scan all of the links on all of the blog pages to do this properly. Which basically is another whole new Google, re-spidering the Web to check if there's something malicious there."
The good news is that Google, Sophos, and others are doing their best to prevent malware from spreading.
