Follow Slashdot blog updates by subscribing to our blog RSS feed

 



Forgot your password?
typodupeerror
×
Spam Technology

Blogs Latest Source of PC Infection 170

smooth wombat writes "The BBC has a story which indicates that filtering firm Websense believes at least 200 fake blogs are in existence which have malicious code that could infect your pc. Websense said it had seen examples of some computer criminals creating a legitimate looking weblog, loading it with keylogging software or viral code, and then sending out the address of it through instant messenger or spam e-mail. Websense warned that viruses hosted on weblogs might be a danger because they get round the filtering systems many firms have created to ensure malicious programs do not reach employees." From the article: "In separate cases some blogs were being used as storage lockers holding chunks of malicious code that the controller of a network of zombie machines wants those remotely-controlled computers to use."
This discussion has been archived. No new comments can be posted.

Blogs Latest Source of PC Infection

Comments Filter:
  • by maotx ( 765127 ) <maotx@@@yahoo...com> on Friday April 15, 2005 @08:12AM (#12243463)
    WEBSENSE filters legit sites! [thebestpag...iverse.net]
    • by Stick_Fig ( 740331 ) on Friday April 15, 2005 @08:26AM (#12243590) Homepage
      Who wants to take a bet that Websense is making this up just to ban blogs?
    • Well, yes.

      At my Sixth Form, Websense will sometimes give the catagory of banned page as "Alternative Journals", a bit more questionable than the "Bad taste" catagory.
      • No! Not "Funny", mods! This is actually true. There is also a catagory called "Gay and Lesbian interest" which blocks not porn (that's a seperate catagory), but support groups, helplines, etc. Could be grounds to accuse a school of discrimination (this is in the UK where we don't have a large lobby of people who want them all locked up BTW).
    • Too bad I can't see the site...

      Your organization's Internet use policy restricts access to this web page at this time.

      Reason:

      The Websense category "Tasteless" is filtered.
  • by PinkX ( 607183 ) on Friday April 15, 2005 @08:12AM (#12243465) Homepage
    How could a blog site - or whatever kind of site for that matter - host and run keylogging software?
  • .. I couldn't give a crap about the General Public's blogs, so I don't view them.
    I guess its bored Housewives that get caught by the virii
  • So... (Score:5, Funny)

    by Skye16 ( 685048 ) on Friday April 15, 2005 @08:14AM (#12243481)
    So basically they're saying there are now webpages that exist to infect your computer with malicious code through various browser security holes? Huh. Imagine that. I never would have thought that to be possible.

    Dot dot dot.
    • Re:So... (Score:3, Funny)

      by Pac ( 9516 )
      I, for one, think this security guys are too paranoid. Next they will say the innocent attachments strangers keep sending me in my email messages will harm my computer. What about having some faith in people's good intentions?
  • Wow (Score:5, Funny)

    by Anonymous Coward on Friday April 15, 2005 @08:14AM (#12243482)
    ... as if the fact they're largely written by self-important bores wasn't reason enough to avoid blogs and bloggers.
  • Suppression (Score:5, Interesting)

    by tankenator ( 803647 ) on Friday April 15, 2005 @08:14AM (#12243484)
    Is this really the case, are is it yet another attempt by corporations to subtly supress their employee's reading habits???
    • well, notice the conflicting numbers of sites: websense claims to have found "hundreds", while later in the article, specify that it's now over 200. WTF? i mean, i know that literally, 201 constitutes "hundreds", but c'mon, that isn't normal usage of "hundreds".

      that said: it's basically browser vulnerabilities. if you aren't patching & updating virus definitions, you're SOL anyway.

      ed
    • Re:Suppression (Score:5, Interesting)

      by alnjmshntr ( 625401 ) on Friday April 15, 2005 @08:29AM (#12243617)
      I would say it's another attempt by Websense to sell more product. Haven't we seen this all before from Symantec/Mcafee et al, scaring the masses into buying their product?
    • Re:Suppression (Score:5, Insightful)

      by OhPlz ( 168413 ) on Friday April 15, 2005 @08:30AM (#12243620)
      Seems more like a case of the BBC trying to publish an article with a buzzword in it.

      A responsible journal would have gone on to say that any web site, not just a blog, could potentially attempt the same sort of behavior. This isn't anything new and has nothing much at all to do with blogging.

      Actually.. why am I blaming the BBC? It made the front page here..
    • Re:Suppression (Score:5, Interesting)

      by justforaday ( 560408 ) on Friday April 15, 2005 @08:38AM (#12243670)
      Is this really the case, are is it yet another attempt by corporations to subtly supress their employee's reading habits???

      Well, being an employee of a company that uses WebSense's filtering product, there is absolutely nothing subtle about it. Hell, at one point linux.slashdot.org was blocked due to being a freeware/shareware distribution point (along with getfirefox.com - still blocked)! Of course this all comes down to how the company has set it up. And nevermind that our braindead IT department blocks webmail as a major security vector, but then has all of us running as admin, with improperly secured share points on many of the machines (earlier today I noticed that anyone can mount the C drive of the main gov't affairs machine here)...Alright, enough of my ranting for now. IE vulnerabilities grumble grumble grumble...
      • Comment removed based on user account deletion
      • Actually, we block webmail because it *IS* a security vector; files that our lusers download from hotmail or yahoo's web mail system isn't checked for viruses/trojans before it enters the network (yes, we run AV software on each workstation, but blocking all exe's/etc at the MTA level is much safer). Our lusers could also use a webmail system for data theft.

        Besides, they are at work to work, not to email their friends from their personal email accounts.
        • Besides, they are at work to work, not to email their friends from their personal email accounts.

          Or posting at Slashdot during working hours, right?

      • From where I am, getfirefox.com isn't blocked, and we're under WebSense. Granted, I know nothing about its configuration options (anyone have a link?), but I'm pretty sure we're using a dfeault setup.
  • Only 200? (Score:5, Interesting)

    by Alibloke ( 838866 ) on Friday April 15, 2005 @08:15AM (#12243494)
    This doesn't seem to be a great deal of sites, after RTFA I now know there are around 8 million blogs and only 200 are infected.

    Personally I'll take my chances........
    • by Anonymous Coward
      You've confused the word "infected" with the phrase "worth reading"
  • Only they use a fake webpage to install shit, rather then using a fake webpage to take your info. The ideas the same though, most people on the web (or at least those just on it for the blogs) don't really know the difference between what looks like a professional page, and what IS a professional page. More wide spread education about the dangers of what can be found on the internet really needs to happen.
    • The ideas the same though, most people on the web (or at least those just on it for the blogs) don't really know the difference between what looks like a professional page, and what IS a professional page.

      You mean there are people who got on the Internet just to read blogs?

      And yet, if you were to kill them, it would be you that got in trouble! The World's insane I tell you.
  • by GPLDAN ( 732269 ) on Friday April 15, 2005 @08:18AM (#12243522)
    If the blog you are reading says...
    "Today, I went with Billy and Johnny, and we went to the farm and saw a cow. It was a big cow! Download this program and it will show you how big the cow was!" ... you probably shouldn't download the code.

    If the blog purports to be from some p0rnster, and the blog says "download this cool active X control, it will let you see all these hot pix I took at the club last night"... you probably shouldn't install the control.


    Ok, I think I got it.
  • .0025%? (Score:3, Interesting)

    by mwkaufman ( 859791 ) on Friday April 15, 2005 @08:19AM (#12243527)
    So there are 200 fake blogs among 8,000,000 that were drawn up with malicious code and this is a story? I'm sure there are far more websites out there that aren't blogs with malicious code. All it comes down is protecting your computer the way you prevent anything bad from happening, by not being stupid about it. 200 is a drop in the bucket when it comes to the blogging community.
    • Re:.0025%? (Score:5, Insightful)

      by ergo98 ( 9391 ) on Friday April 15, 2005 @08:25AM (#12243582) Homepage Journal
      So there are 200 fake blogs among 8,000,000 that were drawn up with malicious code and this is a story?

      The story is that blogs are dangerous. Blogs are the tool of the devil, and they will install keyloggers, spy through your webcam, and solicit your children. Blogs are the tools of criminals and miscreants.

      Good people should stay away from blogs and instead obtain all of their entertainment and information from the large corporate media outlets.
      • Wait...is this one of those fake reports put out by the Feds, paid for by taxpayer dollars, that purport to be in our best interest? Sure sounds like it...
      • Good people should stay away from blogs and instead obtain all of their entertainment and information from the large corporate media outlets.


        What about chat rooms? I hear you can talk to many well-informed and honest people in chatrooms. There is even intelligent debates going on right now in chat rooms across the globe!
  • by erick99 ( 743982 ) <homerun@gmail.com> on Friday April 15, 2005 @08:20AM (#12243541)
    "The success of these attacks relies upon a certain level of social engineering to persuade the individual to click on the link."

    The brighter criminals seem to understand that this well and more and more scams are less about clicking on something than it is about convincing someone to provide their SS#, banking info, etc.

    • Let me try this again....

      "The success of these attacks relies upon a certain level of social engineering to persuade the individual to click on the link."

      The brighter criminals seem to understand this well and more and more scams are less about clicking on something than it is about convincing someone to provide their SS#, banking info, etc.

  • by LegendOfLink ( 574790 ) on Friday April 15, 2005 @08:21AM (#12243551) Homepage
    Maybe the problem isn't that the fake blogs are carrying malicious code; rather that the browsers (coughIEcough) being used to surf the fake sites aren't secure enough.

    Malicious websites will always be around; however, if we try and educate the public about security, they'll be rendered useless.
    • if we try and educate the public about security,...

      Ah to be young an naive. <sigh>

      No amount of education will ever convince enough of the general Internet users to:

      stop executing malware of unknwown origins

      buying stuff from spammers

      The only way to keep people from doing stupid things is summary execution of said offenders to remove them from the gene pool. But, unfortunately, there are laws against that type of thing.

      • The only way to keep people from doing stupid things is summary execution of said offenders to remove them from the gene pool. But, unfortunately, there are laws against that type of thing.

        Please tell me you're running for President, because you'd definitely get my vote.
  • 'warning... (Score:1, Interesting)

    by hostylocal ( 827126 )
    there are sites on the internet that are _bad_!' well done. must have had some spare budget sitting around doing nothing. no, seriously - next you'll be telling us that google is watching us or those kind blokes in nigeria are lying to us too! sheesh. bloggers are getting it in the neck at the minute - americans want to censor blogs, even tho they haven't read one, people who blog about work get sacked and now they're remotely installing keglogging software onto pcs. where will it end?
  • Competition anyone? (Score:5, Interesting)

    by BKuhl ( 2470 ) on Friday April 15, 2005 @08:22AM (#12243561)
    Let see... The mainstream news is reporting "Don't go read the blogs or your PC will crash and burn." Does anyone else find it curious that blogs are one of the more potent competitors the the mainstream news in recent time?
    They couldn't be trying to discredit the competition?
    • Bloggers aren't competing with `mainstream news` sources. They have nothing in common.

      • So why is it the MSM hates/is so afraid of the blogs? Anybody still remember the "guys in pajamas [google.com]" remark by Jonathan Klein, then of CBS? Indicative of the way the industry fears Powerline [powerlineblog.com], Instapundit [instapundit.com], Kos [google.com], etc.
        • They probably hate them for the same reason I dislike them - most blogs are a waste of time. They're more fiction than news - and bad fiction at that. Blogs aren't a source of news - they're a natural extension of the `my first homepages` sites which once littered the web. You remember those. Photos of fat little nerds and their dumpy girlfriends, a photo of their cat and an cheesy animated `under construction` .gif that vanished along with their site when they were asked to pay their next months internet
    • Interesting point. News media has been failing to report fair and balanced news in recent years. This has led to the masses of documentaries being released, because documentaries are free to probe and investigate the issues to their full extent (without media restrictions).

      It seems that blogs are another offshoot of the failure of mainstream media. The blog Baghdad Burning: http://riverbendblog.blogspot.com/ [blogspot.com] provides insight into the Iraq war that inbedded journalists have missed.

  • Blogs or websites? (Score:5, Insightful)

    by delymyth ( 17681 ) * on Friday April 15, 2005 @08:24AM (#12243578) Homepage Journal
    I do have a blog, or at least people call it a blog.
    What I'm asking myself right now, reading this article is...
    "What's the difference between a blog and a website?"
    I mean, how could a proxy know it's a blog?
    It can't, unless you talk about blogs hosted on big blogger networks.
    But I'm not the only one having a blog on another hosting service, with my own domain and so on.
    The same could happen with "personal home pages", the problem is, as usual, people click on anything that seems interesting, without checking the website where they'll end.

    It's always a matter of Social Engineering, users have to be educated I think...
    • by daveschroeder ( 516195 ) * on Friday April 15, 2005 @09:11AM (#12243930)
      Because apparently everything is a blog now, when it's convenient.

      For example, we used to call Think Secret and AppleInsider "news web sites" or "mac rumor sites". Apparently they're now "blogs".

      And yes, I realize that a "blog" IS a "web site", but my point is, aren't we going a little overboard on calling things "blogs"? Think Secret only started being a blog when people wanted to trumpet the cause of "blogger's rights" and thought it was some huge case about free speech and whether bloggers can be considered "journalists".

      Unfortunately, it backfired, because the judge acknowledged that bloggers CAN INDEED be journalists, and they also have the same free speech and press rights as anyone else. But they also can't obtain information in violation of existing statutes.
    • people click on anything that seems interesting, without checking the website where they'll end [....] users have to be educated

      Are you seriously saying that people should check where the hyperlink leads to?

      And you seriously think people will do this when you tell them?

      HahahahaAHAAH no really HAHAHAHAHAHAHAHA

      I'm sorry but this is modded insightful? I have modpoints to put it on overrated, but this is just so funny. Well, not really.

      • The fact that people click without thinking isn't a good reason for saying that something is "dangerous".
        I mean, if someone sends a linux user (at home, with root logged in, of course) a shell script with a simple "rm -rf /" and the user executes it, is the "rm" command dangerous? or are shell scripts dangerous?

        I'll never defend people blind-clicking on every single "interesting" attachment or link they receive, sorry.
        Internet Culture is too low nowadays, and this is in my opinion the first cause for virus
    • by arodland ( 127775 )
      It's just a bunch of gobbledygook. "Storage lockers"? Um, yeah. Blogs having some special property that renders virus scanners inoperative? Not last time I checked. Really, I don't see any sense in the whole thing besides "hey guys, there's some adware and stuff on blogs now." "hey, thanks for the heads-up, I guess that had to happen eventually."
  • huh? (Score:3, Funny)

    by Anonymous Coward on Friday April 15, 2005 @08:27AM (#12243597)
    how do these blogs get outside the browser sandbox?

    publishing this sort of rubbish should be punished.
  • by deacon ( 40533 ) on Friday April 15, 2005 @08:28AM (#12243605) Journal
    This is another example of the lack of compatability that is preventing Linux from being successful on the Desktop.

    Lacking the broad compatibility of Windows to run any executable at any time without pestering the user, Linux will slowly fall out of favor as the more "user friendly" Windows proves yet again that everthing "just works".

    Developers must get their act together to make Firefox compatible with these soon -to-be mainstream methods of allowing users to update their PCs without worrying their little heads over such arcane details as "what does this application do?"

    Until Linux can match Windows in this kind of ease of use, I'll have to stop using FC3 and Firefox and upgrade to XP and IE.

    Note to mods: This post contains sarcasm. Do not eat.

  • "Today my frapachino wasn't frappy enough. Click this suspicious link to an .exe for more!"
  • QUICK!! Ban blogs!!

    Oh wait, the majority of the US public already want to [slashdot.org] :-).

  • Is this story trying to suggest blogs are somehow easier to drive traffic towards and if so these 200 blogs pose an increased threat?

    If not, why the hell is this news worthy.
    • ...and I might add, before someone says RTFA that getting round the filters isn't really an excuse
      Why are blogs any different to normal pages in the filtering respect?
  • by wwvuillemot ( 676894 ) on Friday April 15, 2005 @08:39AM (#12243679) Homepage

    I am a bit baffled why this is news. How is this any different than any other attack via a web page? And how is a weblog any different than a vanilla web page? (That was meant an ironic, rhetorical question for those itching to answer that.) The techniques used to phish and to infiltrate a target machine via web pages are identical for weblogs ... since weblogs == web pages. (And yes, I do appreciate there are persons in the world who do not understand the two are the same.)

    How on earth can one conclude that blocking people from all weblogs will protect them? Unless you also block them from all web pages to boot, ie the entire world wide web.

    Websense warned that viruses hosted on weblogs might be a danger because they get round the filtering systems many firms have created to ensure malicious programs do not reach employees.

    Can someone confirm this? Are you telling me companies actively track if a site is a weblog ... and if so lower the security precautions for it?

    I am a bit disappointed that BBC reported this article. Talk about FUD.

  • Comment removed based on user account deletion
    • The article is poorly written, but I believe it is referring to drive-by-download code. This is typically malicious JavaScript and/or ActiveX code that exploits a flaw in IE's security model to install and run executable code on your computer as a side-effect of your visiting the Web page, and often without your knowledge or consent.

      The blog angle is a bit of a red herring. Drive-by download attacks can happen on any web page, not just blog web pages. There are two phenomena going on with respect to blo
  • The article says it all...

    "Users were urged to keep anti-virus and patches up to date, regularly scan machines with anti-spyware products and exercise caution when reading unsolicited messages sent via e-mail or instant messenger."

    C'mon, people...This stuff should be habit by now.
  • "The BBC has a story which indicates that filtering firm Websense believes at least 200 fake blogs are in existence which have malicious code that could infect your PC, provided you run Microsoft Windows and Internet Explorer. Windows users utilizing Mozilla, Firefox, Opera, or other browsers are not affected nor are the users of Linux, BSD, BeOS (both of them), and any version of MacOS."

    Why is anyone still using Internet Explorer? Even if the only browser your bank's site supports is IE, don't use it. Ju

  • lmao this is great. only blogs can hold malicous code. they are dangerous and must be banned. IE is safe and not to blame.

    can we plz get a link?
  • It's the people that are getting mentally infected by blogs.

    Blogs are enabling rare fringe people to come together in communities unlike ever before.

    Society is becoming different because of these of communities that reinforce and develop their special culture using blogs.

    Expect many failures of these communities, but also expect a few to produce flourishing growth of ideas that might spread into the non-blogging world.

  • Websebse making a big deal about blog bugs should be taken about as seriously as Symantec making a big deal about cell phone or Macintosh viruses. At best it's self-serving.

    But there's something bigger that really bugs me: Websense is part of that big conglomeration known as "them" or "they". Sometimes it's hard to tell where the government stops and "they" start. The American media is another big member of "them" and blogs are a threat. So "they" have to do whatever they can to steer people away from
  • This whole article wreaks of bullsh*t and scare tactics. The entire internet is capable of playing host to nefarious code. A few hundred blogs out of millions? This s just weak reporting.
  • The best way to deal with this kind of theft is by refusing to shop online using ones credit cards, how much ever tempted you may be. Infact after the globalization of market, you can get every thing in your city itself which might be just a short drive by car or walking distance.
    2) Do not store any sensitive data like your personal information and bank account details on the computer if possible. And if you do store it, make sure it is stored in encrypted form. There are numerous encryption softwares avai
  • I know it's a common cry around here, but this is FUD to get people to buy into Websense. Since the USAF has moved over to using Secure Computing's SmartFilter embedded into the Bluecoat proxy, Websense is losing business.

    Oh know, 200 sites! Buy our software and we'll keep you safe!

  • With services like blogger and live journal an average joe can set up a blog in under 3 minutes. Most blogs these days (not all but most) are set up by people with no sense of publishing online content. This is bearable. That are what blogs are for. Putting your thoughts out there without having to be a professional. Now a even bigger section of people are new to blogging and super dumb. They are all pumped up. They jump from blog to blog thinking that all blogs are setup by stupid people. Now some smart as
  • In the past, I have noticed people such as the GNAA posting comments into blogs. These comments will contain Javascript that will do something nasty, normally redirecting the page to goat.cx or Last Measure. This makes it easy to disguise goat.cx links in Slashdot comments or, occasionally, redirect a blog linked to in a +5 comment or even the story itself to goat.cx.

    So my question is, could this sort of Javascript exploit be used to spread trojans/malware via other people's blogs using the comments sect
  • The answer to all the virus, spyware, spam, scamware, popups, and other malicious code, is not to try and block this protocol and then realize it can come in through that protocol; then block that protocol and realize that doing so is extremely complicated and creates other networks, while the stuff gets in through floppy disks, and then block those and realize it gets in through certain websites, and then, and then, and then...

    The solution is to use all those wonderful features that modern operating system

  • Just another attempt by mainstream news to stop people from looking beyond the defined parameters of the corporate reality. There will probably be a time when if you ask a kid about blogs, s/he'll automatically respond with, "They're bad! What's a blog?"

    Fear=control.

    Same bullshit, different day.


    -FL

"The medium is the message." -- Marshall McLuhan

Working...