Regular Domains Have More Malware Than Porn Sites 122
SnugglesTheBear writes "New research pours scorn on the comforting but erroneous belief that Windows surfers who avoid smut and wares on the Web are likely to avoid exposure to malware. A study by free anti-virus firm Avast found 99 infected legitimate domains for every infected adult website. In the UK, Avast found that more infected domains contained the word 'London' than the word 'sex.' Among the domains labeled as infected by Avast was the smartphones section of the Vodafone UK website. The mobile phone operator's site contained a malicious JavaScript redirect script that attempted to take advantage of an unpatched Windows Help and Support Centre flaw (CVE-2010-1885) to infect the machines of visiting surfers."
The question is (Score:3, Interesting)
How many of those redirects lead to adult sites? A very large number I'd imagine.
Further actual numbers mean little - what percentage of porn sites are infected (or deliberately take malware related action) as opposed to legitimate sites?
Re:What are the percentages? (Score:3, Interesting)
No, I think the percentages are kind of irrelevant.
Basically what you are asking for is a census of the internet. And what qualifies as a porn site and what qualifies as a non-porn site can reeeaaaallly blur the lines. Suppose Break is used to showing off hot Swimsuit models? Pornographic? Probably not. They show a Pic of a spring break girl flashing? Ehhh it's hard to call it pornography even though theres nudity.
I think it generally boils down to what sites can you trust vs what sites you can't trust. And that just cums with experience.
Damnit I almost made it through the whole post without a pun...
Red Light District ... (Score:5, Interesting)
Funny thing is, the neighborhood seemed perfectly safe. I never had any trouble getting to or from my apartment at any hour of the day or night. I figured it was probably one of the safest areas of NYC because any crime would have been bad for business.
Re:The question is (Score:5, Interesting)
> How many of those redirects lead to adult sites?
Probably not many. After all, porn sites actually have a legitimate (or at least legal) internet business model with revenue. Why do they need to infect their customers with malware? The newspapers on the other hand are struggling to figure out how to get people to pay for their content.
What's more, I imagine mostly lonely guys visit porn sites. And who are lonely guys? Geeks! (present company excluded, of course :). And geeks use Firefox, NoScript, etc., so they're hard to infect. If you want to build your fleet of rooted zombies, I'd imagine sites that a bunch of old people who are still using IE 5 on unpatched Windows 2000 is your best bet. And unless they've responded to a Viagra e-mail, I would guess grandma and grandpa aren't visiting porn sites.
Re:There's a reason for that (Score:5, Interesting)
Actually, the reason you'd see the same or similar ads in a particular genre of porn would be that porn folks are usually pretty good at targeted marketing. For the successful ones, they watch their revenue streams very carefully. They learn (through trial and error mostly) which ad campaigns work, which ones don't, and the best placement on their pages.
There are some shady dealings too, where folks running ad campaigns shave profits. If campaign A gives them 1:300 conversion rate, but campaign B gives them a 1:600 conversion rate, but all other things are the same (same type of content, same cost and membership length) you can look at the possibility that the company running the campaign is stealing from you.
Popovers, popunders, jumping monkeys, or whatever aren't the biggest concern of the webmaster. If that ad method didn't make money, it wouldn't be used. It's not worth it for the webmaster to waste space and/or time with ads people don't click on, or worse, ads that don't pay.
For most of them, it's far from their best interest, to have a malware infected site. If you go there, and your antivirus does kick off saying "This site is infected, run!", you're very likely not to go there again. You may tell your perv friends "Hey, don't go there, it has viruses." If it's a "clean" site (as in viruses, not smut level), you may be back every day, and tell your perv friends "hey, check this site out."
Word of mouth doesn't seem like it would be that significant, but it is. I worked at one of the highest trafficked adult sites for many years. They got that big by word of mouth. SEO on the site was almost nonexistent, unless you are looking for their name only, which they usually abbreviated, making that useless too. It was in their best interest to keep it a safe place to go.
I'd guess most of the malware stuff is either done by dirty webmasters who don't ever expect to have a repeat visitor, or (and more of) lost and lonely porn sites in virtual hosting environments, where the user permissions were all set wrong. Have 0666 / a+rw on your files is an open invitation for anyone else on that machine to cause you a lot of grief.
A lot of times, people don't even know that the problem exists. I was helping someone out with a non-porn site. I pulled down a copy of the live site with wget. That was fine. I went to their location, and we downloaded the entire contents of their site, and there were two html files with javascript malware in them, that weren't linked from the live site. It appears someone else on the server had a script crawl through and add their malicious payload to any default.html that was world writeable. The script kiddies can't tell if the files are actually used, they just write to anything they can. Sometimes they'll stick it in any .html or .htm file that's world writeable, but that takes longer than just sticking it in any index.html or default.html that they can.
Regular webmaster type folks usually only have a handful of sites. Porn webmasters usually have hundreds or thousands of them. It's all about how much exposure your content gets. If I have one site, the chances of someone tripping over my site are slim. If I have 10,000 sites, the chances get much better, which means my ads are seen and I can make more money. People rarely set up porn sites for their love of the topic. They do it to make money.
Re:Red Light District ... (Score:1, Interesting)
By this fascinating logic, Mafia headquarters should be totally safe.
Re:Red Light District ... (Score:1, Interesting)
I just had to reply, first time ever on /.
Yes. Mafia-controlled neighborhoods ARE very safe. It's the modern version of Pax Romana. Just don't challenge the status quo there.