Free Newsletter
Register for our Free Newsletters
Newsletter
Zones
Access Control
LeftNav
Alarms
LeftNav
Biometrics
LeftNav
Detection
LeftNav
Deutsche Zone (German Zone)
LeftNav
Education, Training and Professional Services
LeftNav
Government Programmes
LeftNav
Guarding, Equipment and Enforcement
LeftNav
Industrial Computing Security
LeftNav
IT Security
LeftNav
Physical Security
LeftNav
Surveillance
LeftNav
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
 
News

Imperva expects hackers to surf in on Google's Wave

Imperva : 07 October, 2009  (Technical Article)
Interest generated by Wave Technology from Google is predicted to bring a new generation of hacking techniques, predicts Imperva
As interest in Google's Wave technology - the online giant's successor to old-fashioned email - peaks, so hackers and scammers will inevitably ride the coat tails of Wave Web searches and attempt to divert Internet users to malicious and infected sites, says Imperva, the data security specialist.

'Reports are already coming in of criminal hackers poisoning Google search results and you can expect similar scams to be pulled by hackers intent on routing Internet users to infected Web sites,' said Amichai Shulman, Imperva's chief technology officer. 'This will almost certainly be achieved by hacking into large numbers of Web servers and injecting malware references into the system. The process will be automated using botnets, which will target SQL injection vulnerabilities in Web applications,' he added. According to Shulman, the irony of this type of attack is that, in order to work out which servers to target, the hackers will probably use Google to search them out. The second stage of the attack methodology, he explain, is to promote pages infected with malware by hacking into Web applications - which are mostly PHP-driven - and creating a revised index that includes link to the malware-infested pages. The problem facing the Internet industry, he explained, is that, although companies tend to dismiss the chance of their applications being hacked due to a lack of public interest, this is not going to be the case with Google Wave search infections.

'Contemporary hacking campaigns are highly sophisticated and are engineered to select popular search terms on Google, and infect every possible related vulnerable target,' he said. 'The net result of this is that, although Google itself is relatively impervious to hacking attacks, the weaknesses of ancillary Web search result supporting technologies makes it possible to subvert user clickthroughs to land on infected pages,' he added.
Bookmark and Share
 
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
 
   © 2012 ProSecurityZone.com
Netgains Logo