Google finds ‘miscreants’ infecting Web with some impunity

More than 10,000 Internet users surf into malicious waters every week as they hit compromised websites laced with malware and scams — and many webmasters are failing to respond well to the menace, according to a new study by Google and UC Berkeley.

“The proliferation of web threats such as drive-by downloads, cloaked redirects and scams stems in part from miscreants infecting and subverting control of vulnerable web servers,” said the Remedying Web Hijacking report, released this month. “Sites operating popular platforms such as WordPress, Joomla, and Drupal faced an increased risk of becoming compromised, primarily because miscreants focused their efforts on exploits that impacted the largest market share.”

“Drive-by downloads” involve the installation of malicious code on the computer of a person who has merely opened a compromised website page. A “cloaked redirect” connects a user to a new Web page, while the URL from the original site remains in the browser address bar.

The researchers studied more than 750,000 incidents in which servers were hacked, between July 2014 and June 2015. More than 40 percent of webmasters for compromised websites did not fix the problem, the report said.

Google and UC Berkeley discovered that Google’s Safe Browsing service, which runs website addresses through a list of sites connected to malicious software and phishing attacks, plus “this site may harm your computer” warning notices about suspect websites, helped lead 55 percent of compromised sites to clean up. When webmasters were contacted directly about problems, the clean-up rate jumped beyond 75 percent, the report said.

However, the researchers found, “a sizeable fraction of site owners failed to address the root cause of compromise, with over 12 percent of sites falling victim to a new attack within 30 days.”


Photo: A man walks past a building on the Google campus in Mountain View in 2015 (AP/Jeff Chiu)


Tags: , , , , , , ,


Share this Post