Security experts have warned of malicious code residing in cached web pages on servers used by ISPs, search engines and businesses.
Web security firm Finjan identified several instances of malicious code found on public storage and caching servers in its Web Security Trends Report for third quarter of 2006.
Chief technology officer Yuval Ben-Itzhak warned, “This malicious code can be referenced by third-party web pages and can be used to exploit an end-user’s machine. Even if the malicious site has been taken down, its malicious content is still stored and served by the caching servers.”
He added, “The exploit can result in the installation of Spyware, Trojans, and other malware that compromise a user’s privacy and identity.”
Ben-Itzhak warned that storage and caching servers “could unintentionally become the largest ‘legitimate’ storage venue for malicious code”.
Finjan has provided technical details to ISPs and search engine firms.