November 20, 2007

Browser Beware: Web 2.oh.oh?

As the web has become more feature rich, new security exploits are popping up all over. CTO and Chief Researcher Roger Thompson over at Exploit Prevention Labs has posted half a dozen short videos showing how sites have been compromised or are otherwise serving up some bad content due to embedded advertisements.

The problem, as he aptly describes, is that most web traffic goes straight through your firewall. Some of the exploits use javascript to redirect to other sites. In another example, he shows how the Bank of India site was compromised to automatically download a frightening number of malware files simply by loading the web page in an unpatched browser. The scary part is that it was only detectable by running a separate debugger window -- meaning that the vast majority of web visitors wouldn't have seen anything amiss until it was far too late. He claims that anti-viral software isn't as effective in recognizing and stopping these types of exploits, and I tend to agree. (Please note I have not tried their LinkScanner Pro software, so this isn't an endorsement of that particular product.)

As the holiday season usually spurs a noticeable increase in spam, scams, and other exploits, remember to keep your PC and your information safe with updated patches, anti-spyware, ad blockers, etc. Also consider using a non-IE web browser, as IE's ActiveX helps to enable these drive-by downloadings. However, keep in mind that using alternative browsers could still expose you to some risk when javascript is enabled. Indeed, many web pages nowadays won't load or perform properly with javascript turned off, so exploits such as these will continue to crop up. Also keep a keen eye on your web browser's status bar (usually in the bottom left corner) when mousing over links and while web pages are loading, as sometimes they may be your only clue that you may be visiting a "Web 2.oh.oh" site.

Topic(s):   Privacy & Security
Posted by Jeff Beard