Security experts warn that malicious code lurks in web caches


Security experts warn that malicious code lurks in web caches

Tash Shifrin

Security experts have warned of malicious code residing in cached web pages on servers used by ISPs, search engines and businesses.

Web security firm Finjan identified several instances of malicious code found on public storage and caching servers in its Web Security Trends Report for third quarter of 2006.

Chief technology officer Yuval Ben-Itzhak warned, “This malicious code can be referenced by third-party web pages and can be used to exploit an end-user’s machine. Even if the malicious site has been taken down, its malicious content is still stored and served by the caching servers.”

He added, “The exploit can result in the installation of Spyware, Trojans, and other malware that compromise a user’s privacy and identity.”

Ben-Itzhak warned that storage and caching servers “could unintentionally become the largest ‘legitimate’ storage venue for malicious code”.

Finjan has provided technical details to ISPs and search engine firms.

The third quarter report also points to new use of Web 2.0 and Ajax (Asynchronous JavaScript and XML) technologies for malicious activities. These technologies are designed to produce a better web experience for Internet users, but Ben-Itzhak warned that they could also provide new ways to propagate malware.


Email Alerts

Register now to receive IT-related news, guides and more, delivered to your inbox.
By submitting your personal information, you agree to receive emails regarding relevant products and special offers from TechTarget and its partners. You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.

COMMENTS powered by Disqus  //  Commenting policy