back to article Web browsers on the front line of exploitation

Cybercriminals are stepping up their efforts to exploit vulnerabilities in web browsers to spread malware using drive-by download techniques. Research by Google's anti-malware team on three million unique URLs on more than 180,000 websites automatically installed malware onto vulnerable PCs. Hackers are increasingly trying to …


This topic is closed for new posts.
  1. Sean Purdy


    "Research by Google's anti-malware team on three million unique URLs on more than 180,000 websites automatically installed malware onto vulnerable PCs."

    Why is Google's research installing malware onto PCs?

  2. Ben Schofield

    RE: Malware

    You know Google - they want a finger in every pie.

    Perhaps they're planning on developing an AV client, or a browser perhaps. Who knows; time will tell.


  3. Colin Wilson

    RE: Malware

    Try reading the line again - Google aren't installing malware, they're telling you that three million unique web addresses are pushing it onto unwary users who happen to visit them.

  4. Ken Hagan Gold badge
    IT Angle

    Re: Malware

    No, *you* try reading the line again.

    Research ... Google's anti-malware team

    ...on three million unique URLs

    ...on more than 180,000 websites

    automatically installed malware onto vulnerable PCs.

    There's no way I can turn the URLs or the websites into the subject of the verb. If I do, I get with "Research by blah" as a subject with no verb.

    IT angle? On any decent compiler, you'd have got a syntax error.

  5. Ken Hagan Gold badge

    Syntax aside...

    "Google's team also reports that two per cent of malicious websites are delivering malware via tainted banner ads. Israeli security firm Finjan has also observed a rise in the tactic over recent months, noting that many malicious ads are served from legitimate websites."

    So whilst Google's research may not be to blame, at part of Google's business model *is* an offender. Call it "virus laundering" if you will. Of course, the solution is for the browser to screen out content that doesn't come from the domain in the address bar. That also punishes sites that steal bandwidth by linking to pictures on other sites, which is nice.

    <- I couldn't find a picture of Sergei or Larry with horns, so this will have to do.

  6. Steve

    use a better browser

    IE has a history of being hammered, yet people insist on using it. I guess they get what they deserve. Check Secunia for info. Plenty good browsers out there, Opera, Konqueror, the list goes on.

  7. Anonymous Coward

    What we need is ...

    A War on Malware (TM).

    Extrapolating the increase in infection rates of PCs and web sites leads to an unpleasant conclusion - that eventually, if strategy does not change, a critical mass will be reached where the probability of compromise to most hosts will be unacceptable and could cause firms, public organisations and individuals to significantly limit connectivity or even disconnect altogether. In such a situation, the 'internet' could ultimately be broken into a myriad of heavily throttled subnets in an attempt to prevent the worst malware from entering these 'gated community subnets'. As a result, the internet would lose much of its appeal.

    So, IMHO, we need a War on Malware (TM) to prevent the internet regressing to a mid-90s level of connectivity outside of stifling 'gated community subnets'.

    Of course, one might also consider that The Powers That Be (TM) arranged this predicament in the first place, to achieve control over the internet in a brazen thrust to limit 'free speech'. That most botnets send spam is not surprising when you consider that one solution to spam, already put forward, is to charge a nominal fee for e-mail (e.g. one cent) thus neatly linking each and every e-mail sent to a credit card or charge account and therefore to the sender's real identity.

    Mine's the plastic raincoat with tinfoil hood.

  8. BitTwister

    @What we need is ...

    > A War on Malware (TM).

    Yes indeed. Maybe someone should speak to Microsoft about that since it's entirely responsible for providing malware with the oxygen required to live.

  9. Andrew Norton


    i just turned on my 'staysecure' widget for Opera - It gives a tiny little window that shows the current unpatched vulns for IE, FireFox, Opera, Safari and Konqueror through secunia

    Safari and FireFox are showing 2 bars (less critical) with 3 and 4 holes respectively, whislt IE and konqueror have 3 bars (moderately critical) with 7 and 2 holes.

    opera meanwhile, as usual has none... Guess which one is the smart choice.

  10. zombini

    Browser Defender in NIS2008 is excellent

    Norton Antivirus signatures may be slow, but the Browser Defender signatures and the feature in general are excellent. I've yet to see it let something through. Kaspersky lets quite a few exploits through since they trigger on the shell code which is easily polymorhped or some strings in the HTML/Jscript which is easily obfuscated without using a document.write (which btw they hook). Kaspersky sucks.

  11. lee davies
    IT Angle


    Given the demands on Browsers to provide better multimedia and interactivity, browsers attract more holes than ever before. AJAX exploits have only just begun as well, for all browser variants.

    I disagree with Zombini though (sorry), personally I have had to force remove spyware from 3-4 Norton PC's (Smitfraud, trojans, etc), I installed Comodo instead and the users have had no problems.

This topic is closed for new posts.