Third-Party Web Widgets Becoming Prime Malware Target: Report

An image from the report, illustrating Firefox's malware warning graphic

(WEB HOST INDUSTRY REVIEW) — Website malware scanning and security firm Dasient (www.dasient.com) issued a report this week examining the Web 2.0 structure used by many of the world’s most popular websites, and how the popularity of third-party widgets makes them popular targets for malware, because of their potential as a kind of back door into popular websites.

The report, titled “The Widgetization of the Web,” discusses the threat. It is available for download (in the form of a 19-page PDF) from the Dasient website.

“The compromise of just a few popular widgets can be used to turn the most trafficked web sites on the Internet into distribution vehicles for malware,” says a blog post discussing the paper on the Dasient website. “The paper also presents some case studies about how real analytics, audience measurement and advertising widgets have been used to infect high-profile websites with malware.”

One of the serious threats to a website that might be compromised via a third-party widget is blacklisting by Google or other search engines. The greater threat, certainly, is the possibility that a site would unknowingly end up distributing malware to its customers. And, aside from blacklisting, a malware infection can be a significant PR hit to a company.

“When a website suffers a malware attack, it is an extremely high visibility security incident,” says Dasient, in the report. “Any single user that is running anti-virus software on their PC may encounter a warning upon loading an infected URL in their browser. Users that are warned away by their anti-virus may silently churn; or, they may report the event on their blog or social network.”

Dasient’s motivation in producing the research, of course, was in part to demonstrate the value of its website malware scanning services, which can inspect a website for infection by malware, either in its own code, or via a third-party widget.

Liam Eagle

About

Liam Eagle has worked as a contributor to the Web Host Industry Review since its inception in 2000, and as editor since 2003. He has been editor of the WHIR's print magazine since its launch. His daily involvement in the gathering and reporting of Web hosting news and his regular interaction with Web hosting leaders give him an uncommonly broad appreciation of the issues and trends facing the business. Through his WHIR blog, Liam spots Web hosting trends and offers opinions on the industry-wide impacts of major developments and the motivation behind big announcements. Follow him on Twitter @liameagle
