By Justin Lee, theWHIR.com
June 12, 2008 — (WEB HOST INDUSTRY REVIEW) — Spammers are exploiting hosted web tools such as Google Docs and Microsoft SkyDrive, to spread malware, reports IT security firm MessageLabs (messagelabs.com).
The criminals are using innovative spamming tactics in embedding links to a Google document which hosts links on another site.
This new practice provides spammers with unlimited bandwidth, and bypasses spam filters since they contain a Google link, says Paul Wood, senior analyst at MessageLabs, which revealed the technique in its monthly intelligence report.
Spammers gauge their success by using Google Analytics, a new technique that has been used infrequently in the past month.
The practice can also be used for phishing emails directing people to malware-hosting sites. Even worse, when the technique is combined with botnets it could greatly increase spammers’ efficiency.
This new technique presents significant challenges for Google, Microsoft and Yahoo, and will only grow as web hosting popularity makes it difficult to distinguish rogue content.
And while Google Docs offers a “report spam” function, critics say it seldom results in pages being shut down. MessageLabs said it alerted the web hosts that are unknowingly hosting the rogue content, but says none of the sites have yet been removed.
According to Ovum security analyst Graham Titterington, the practice hints at a larger issue of problem of security vendors becoming “increasingly reliant on reputation filtering” and enables “big brands to shelter criminal activity.?
There have been many other notable cases of malware attacks in recent months, including the infection of pro-Tibetan independence websites with Trojan viruses, April Fools’ day-themed emails which redirected unsuspecting users to malware-infected website, and most recently, the spread of emails carrying a MalDoc-Fam Trojan disguised as news about China’s earthquake.
About theWHIR.com
Since 2000, The Web Host Industry Review has made a name for itself as the foremost authority of the Web hosting industry providing reliable, insightful and comprehensive news, interviews and resources to the hosting community. TheWHIR is an iNET Interactive property. For more information on iNET Interactive, visit http://www.inetinteractive.com
No related posts.
