China - prime location
By Tom Espiner
Published: 20 February 2008 08:00 GMT
Drive-by downloads, in which malicious websites exploit browser vulnerabilities to execute malicious code, have increased since April 2007, Google researchers have warned.
Security from A to Z
Click on the links below to find out more...
A is for Antivirus
B is for Botnets
C is for CMA
D is for DDoS
E is for Extradition
F is for Federated identity
G is for Google
H is for Hackers
I is for IM
J is for Jaschan (Sven)
K is for Kids
L is for Love Bug
M is for Microsoft
N is for Neologisms
O is for Orange
P is for Passwords
Q is for Questions
R is for Rootkits
S is for Spyware
T is for Two-factor authentication
U is for USB sticks/devices
V is for Virus variants
W is for Wi-fi
X is for OS X
Y is for You
Z is for Zero-day
In April 2007, fewer than 0.4 per cent of searches returned at least one harmful result. However, this had increased to more than 1.3 per cent in January 2008, Google researcher Niels Provos said in a Google blog post.
Drive-by downloads are caused by URLs that attempt to exploit their visitors and cause malware to be installed and run automatically. The malicious sites target web-browser vulnerabilities to automatically download and run the binary when a user visits the site. Targeting web-browser vulnerabilities can circumvent some traditional security systems, such as firewalls.
The Google researchers investigated billions of URLs over the past year-and-a-half, and found more than three million unique URLs on over 180,000 websites automatically installing malware, the blog post said.
The Google researchers also wrote in a paper called All Your iFrames Point To Us that 67 per cent of compromised servers and 64 per cent of the websites that link to them are located in China. The paper is currently under peer review.
The researchers said: "These results raise serious question about the security practices employed by website administrators."
According to a Google source, Google security researchers report compromised sites to StopBadware.org, a clearinghouse for web malware research run by Harvard Law School, Oxford University and technology companies including Google, Lenovo and Sun.
Google returns all search results, including suspect sites, to a user. However, Google uses the StopBadware.org list of compromised sites to place "interstitial pages" (pages that sits between the search results pages and the suspect page) between the user and the suspect site they wish to visit. Once the user has been warned the site is probably compromised, they have the option to then click through to the site if they wish.
Original article: Google warns of drive-by downloads from ZDNet UK
You will be able to provide details of previous projects including files and URLs to demonstrate the following skills. As this is a technical ...
If you have examples of SEO results (ie URLs / search terms that can be verified against page rankings), this would be very interesting so please ...
Strong experience Developing & implementing strategies for the effective measurement of online media methods would be the>*Brand management, Public ...
Agenda Setters 2009
Welcome to the ninth annual Agenda Setters poll – silicon.com's list of the top 50 most influential individuals in the technology and IT industries, from techies and CIOs to entrepreneurs and business leaders. Find out more in our latest special report.
Stories from the web...
Copyright © 2008 CBS Interactive Limited. All rights reserved. Top of page
Digg
Slashdot
Del.icio.us
Stumble
Reddit
RSS Feeds
Clive Longbottom Windows 7: Not perfect - but ready for prime time Microsoft's latest OS fixes most of Vista's ills - but still has challenges ahead
Stephen Kleynhans Mind the details with Windows 7 Just because it might work better than Vista, it doesn't mean you can be sloppy