Free Newsletter
Register for our Free Newsletters
Access Control
Deutsche Zone (German Zone)
Education, Training and Professional Services
Government Programmes
Guarding, Equipment and Enforcement
Industrial Computing Security
IT Security
Physical Security
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor

Avast Warns Of Hidden Dangers Of Site Infections

Avast Software : 01 February, 2011  (Technical Article)
E-Commerce sites infected by Trojans don't always display the symptoms you'd expect, warns Avast who provide advice to site owners to keep it clean and respond to infection warnings to avoid losing customers or having them re-directed to malware sites
Everyone knows that too much crime in the neighbourhood is not good for business.  So, it should be a surprise that companies running online shops don’t pay more attention to keeping their sites infection-free. While it may not directly affect their business, it might keep would-be customers from getting in the front door. To illustrate this point, nearly one million users of avast! antivirus software were prevented from visiting legitimate but infected on-line store – and that was after AVAST Software informed the company about the infection.

“With Francoise Saget, we have a perfect illustration as to why it’s much more effective – from the public safety perspective – to tell thousands of users about an infected site instead of the individual administrator,” said Ondrej Vlcek, CTO of Avast Software. “With CommunityIQ members on the internet nonstop, there is a constant two-way flow of information about infected sites between avast! and our users. Getting a hold of a site admin is another issue.”

The avast! Virus Lab noticed an infection at at 12:20:40 (Central European Time) on November 21, 2010. The infection was HTML:Illiframe-R [Trj], a Trojan redirecting unsuspecting visitors to a malware distribution site in China. Within two days, the infected page had been visited 65,968 times by avast! CommunityIQ members.

Ahead of the holiday shopping season, Avast decided to directly contact the shop about the infection and emailed them a message – in English and in French – on November 23. There was no response. As of January 26, two months after the avast! Virus Lab found the Trojan malware, the site was still infected. During this time, avast! had blocked 946,376 attempts by its users to visit the infected page.

“The lack of response is exactly what we have encountered other times we’ve tried to tell websites about infections, even those based near our company headquarters,” said Mr Vlcek. “Here are a few lessons we’ve learned during our attempts to directly contact administrators about their infected sites.”

Five facts about infections and responsibility:

1 Breaking the news about an infection is difficult – It is usually not clear what individual or department is responsible for site safety and or even how to contact them. Even after the responsible person has been identified, it is often difficult to convince them that their site has a problem which they should correct.

2 Infections are not always activated – Site infections, unlike the human variety, are not always turned on. They can be turned off and on to avoid detection and when the malware is being ‘upgraded’. With an estimated 200,000 infected sites for the ‘Ill” family of Trojans, there is room for a lot of changes.

3 Infections do not impact performance – Many infections will have no influence on a website’s direct functionality. The ‘Ill’ Trojan just redirects visitors to one of more than 3,400 malware distribution domains. Yes, visitors might get infected, but they can still do their e-shopping.

4 Don’t rely on the other party staying clean – The site has mode SSL (Secure Socket Layer), HTTPS security systems and VeriSign systems in place. While these may keep financial transactions safe, they have not kept the site clean of malware.

5 Safety requires (your) personal responsibility – To remain safe, all computer users need a certified and updated antivirus application on their computers at all times.
Bookmark and Share
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
   © 2012
Netgains Logo