Personal web blogs are being used to distribute malicious code and key-logging software, users have been warned.
Websense, a provider of employee internet management solutions, said it has discovered hundreds of instances of blogs involved in the storage and delivery of harmful code.
The company said cyber-criminals are now taking advantage of blog sites that allow users to easily publish their own web pages at no cost. Blogs can be attractive vehicles for hackers for several reasons, it said.
For instance, blogs offer large amounts of free storage and do not require any identity authentication to post information. In addition, most blog hosting sites do not provide anti-virus protection for posted files.
The culprits can create a blog on a legitimate host site, post viral code or key-logging software to the page, and attract traffic to the “toxic blog” by sending a link through spam email or instant messaging to a large number of recipients.
Last month, Websense issued an alert detailing a spoofed email message that attempted to redirect users to a malicious blog that would run a Trojan horse designed to steal banking passwords. The user then received a message spoofed from a popular messaging service, offering a new version of their instant messaging programme. Upon clicking the link, the user was redirected to a blog page, which was hosting a password-stealing key-logger.
When predetermined banking websites were accessed, the key-logger collected user keystrokes and sent them to a third party.
“These aren’t the kind of blog websites that someone would stumble upon and infect their machine accidentally. The success of these attacks relies upon a certain level of social engineering to persuade the individual to click on the link,” said Dan Hubbard, senior director of security and technology research at Websense.