Stopbadware and this site are going to get along very well; today they released a press release that detailed five hosting companies that host a BUNCH of malicious websites distributing software to unsuspecting users with unsuspecting webmasters, although some could certainly be doing it on purpose. Most sites were probably hacked using a flaw in the management panel for their website, or using a known vulnerability in an unpatched content management system or by guessing weak passwords to inject lines of malicious code.
“The big trend that we see is away from sites distributing badware knowingly and maliciously to a world in which many of the sites hosting badware have no idea,” said Palfrey. “Often, amateur webmasters find out that their sites have been hacked, and that their sites can infect their customers’ computers without anyone’s knowledge - except the unscrupulous hacker who is trying to make a buck off the transaction or is just out to cause harm.”
StopBadware.org analyzed 49,296 sites - sites submitted by trusted third parties to the StopBadware.org Badware Website Clearinghouse - and identified the following web hosting companies with the largest number of infected sites residing on their servers:
iPowerWeb, Inc., (10,834)
Layered Technologies, (2,513)
ThePlanet.com Internet Services, Inc, (2,056)
Internap Network Services, (1,437)
CHINANET Guangdong province network, (786)
One possibility is that some of these sites are hosted by someone else who bought a server from one of the hosting companies, and if the server was purchased years ago, it could be running older software because no one ever upgraded it, but, as noted in the article, it could also mean that some of these hosting companies have security vulnerabilities which could increase the likelihood of a site being hacked.
Either way, these malware, spyware, badware distributors, affiliates and programmers are all dirtbags!
There is a Google groups posting just for this article here, New data on hosting providers, blog post here, StopBadware identifies hosting providers of largest numbers of sites in Badware Website Clearinghouse, visit the entire list of reported urls, and check the clearing house to see if your site is listed, Badware Website Clearinghouse, the search box is at the bottom of that page, and if you are listed you can get a request for review here. They also have some handy tips on detecting, removing and preventing badware on your website here, Tips for Cleaning & Securing Your Website
A couple ways you can get listed is by doing the following:
Sites that can cause involuntary installation of software on unprotected or unpatched computers. For example, hacked sites with code that attempts to secretly install software when a user visits the site.
Sites that deceive and trick users into installing malicious software. For example, sites that appear to link to adult movies, but then ask users to install a browser plug-in to view the movie, without telling the user that the plug-in actually contains a stealth dialer or other malicious programs.
2 Replies
[...] (Source: Exposing Hosting Companies with Malicious Websites) [...]
[...] hosting companies that are currently silently installing malicious software, as detailed here, Exposing Hosting Companies with Malicious Websites. Brian says organized crime is responsible and IPOWER says it was one compromised server run by [...]
Leave a Comment
trackback address