Blogs as Safe Haven for Cybercriminals?


To blog or not to blog? Well, why not? Lots of people like either to write or to read blogs -- sometimes both. The much-quoted survey by the Pew Internet & American Life Project, says 27 percent read blogs. 38 percent of all Internet users at least know what a blog is. The survey was made in November 2004 and estimated that 32 million Americans to be blog readers by the end of 2004. So now there must be much more blog readers and writers.

But there has recently been bad news that spoiled bloggers' mood. The security firm Websense found that blogs are "being used as a safe haven by hackers for storing and distributing malicious code, including identity-stealing keyloggers." Since January, Websense Security Labs has discovered hundreds of blogs set by hackers.

There have been scores of articles on this topic since last week. See, for example, the article by Gregg Keizer "Hackers Use Blogs To Spread Worms, Keyloggers" April 13, 2005 at http://informationweek.com/story/showArticle.jhtml?articleID=160702505

The general idea of all these articles is the same: hackers turn to blogs. Blogs are suitable for them: there are large amounts of free storage space, no identity authentication is required to post, and there is no scan of posted files for viruses, worms, or spyware in most blog hosting services.

Such blogs experts from Websense Security Labs call "toxic". In its press-release "Toxic Blogs Distribute Malcode and Keyloggers" http://ww2.websense.com/global/en/PressRoom/PressReleases/PressReleaseDetail/index.php?Release=050412889 they explained how some malevolent individuals use blogs for their own gain.

In some cases cybercriminals create a blog on a legitimate host site and post viral code or keylogging software at the page. Then they attract traffic to the toxic blog by sending a link through spam or spim (the analog of spam for instant messaging (IM). So a good advice never follow links in spam is worth remembering.

In other cases, a blog can be used only as a storage mechanism which keeps malicious code (for example, updates) for Trojan horses that have already been hidden on the users' computers.

"To read or not to read blogs -- that's a question?" Of course to read them, to write them -- blogs are already a part of our culture. But be careful.

While PC users can do little to stay aside of toxic blogs except not following links in spam and spim messages, leading to these blogs. If a blog is used as a storage for malicious code, users can do nothing at all about it.

It is up for blogging tool operators to add security, such as anti-virus and anti-spyware protection, to blog hosting service. They can also limit the types of files that can be stored. And it is high time they made their service more secure, because literally millions of Americans might be in danger of picking malicious code, such as a virus, worm or Trojan horse, simply by reading a blog.

Alexandra Gamanenko currently works at Raytown Corporation, LLC -- an independent software developing which created a technology capable of disabling the very processes of information capturing -- keylogging, screenshoting, etc. It makes the company's anti-keylogging software a solution against information-stealing programs and modules.

Learn more -- visit the company's websitehttp://www.anti-keyloggers.com