Security experts warn that malicious code lurks in web caches

News

Security experts warn that malicious code lurks in web caches

Tash Shifrin

Security experts have warned of malicious code residing in cached web pages on servers used by ISPs, search engines and businesses.

Web security firm Finjan identified several instances of malicious code found on public storage and caching servers in its Web Security Trends Report for third quarter of 2006.

Chief technology officer Yuval Ben-Itzhak warned, “This malicious code can be referenced by third-party web pages and can be used to exploit an end-user’s machine. Even if the malicious site has been taken down, its malicious content is still stored and served by the caching servers.”

He added, “The exploit can result in the installation of Spyware, Trojans, and other malware that compromise a user’s privacy and identity.”

Ben-Itzhak warned that storage and caching servers “could unintentionally become the largest ‘legitimate’ storage venue for malicious code”.

Finjan has provided technical details to ISPs and search engine firms.

The third quarter report also points to new use of Web 2.0 and Ajax (Asynchronous JavaScript and XML) technologies for malicious activities. These technologies are designed to produce a better web experience for Internet users, but Ben-Itzhak warned that they could also provide new ways to propagate malware.

 


Email Alerts

Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox.
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
 

COMMENTS powered by Disqus  //  Commenting policy