IT security and data protection firm Sophos is warning internet
users who have visited the Gizmodo technology and gadget blog to
scan their computers after it was revealed that the website was
delivering adverts laced with malware last week.
According to a statement on the
Gizmodo website, the blog's advertising team were tricked into
accepting what they believed to be Suzuki adverts from a group of
hackers. As a result, one of the world's most popular blogs - with
more than 3.1 million page views per day - put users at risk of
infection with what is believed to have been fake anti-virus
software, designed to scam users out of their credit card
details.
Fake anti-virus software (also known as scareware) attempts to
frighten users into believing that their computer is infected with
viruses and Trojan horses by displaying bogus alerts, and then
tricks unsuspecting surfers into making an unsafe purchase to
remedy the "problem".
"By hitting one of the biggest blogs in the world, these hackers
are aiming high. Their plan was to infect as many computer users as
possible with their malicious adverts. They know Gizmodo gets a
huge amount of traffic - once they infected the site through their
adverts they could just lie in wait for their victims to visit,"
said Graham
Cluley, senior technology consultant for Sophos. "What is
particularly audacious about this plot is that the criminals appear
to have posed as legitimate representatives of Suzuki in order to
plant their dangerous code on Gizmodo's popular website."
Sophos advises both consumers and businesses to keep their wits
about them, and ensure that their computer security is up-to-date
and checking every webpage that they visit for dangerous code and
links. Websites that earn revenue through online advertising are
advised to implement proper checks before accepting new advertisers
on their sites.
Sophos notes that this is not the first time that hackers have
managed to infect a high profile website with significant traffic.
For instance, last month the
New York Times suffered from a similar attack after a gang of
hackers
purchased ad space posing as internet telephone company,
Vonage. Visitors to the New York Times website who were served the
poisoned advert saw pop-up messages warning them that their
computer had been infected, and urging them to install
scareware.
"Scareware attacks like this are on the rise for one simple
reason - they work. Unsuspecting computer users are easily
frightened by bogus security warnings into installing and
purchasing fake anti-virus software, making cash for unscrupulous
hackers" explained Cluley.
150ヶ国で 1億人以上のユーザーが、複雑な脅威やデータ漏えいの阻止に、ソフォス製品を使用しています。ソフォスは、管理・導入・使用が簡単で、総管理コストが業界で最も低い、セキュリティ対策とデータ保護のソリューションに専念しています。ソフォスでは、グローバルに展開する脅威解析センター、SophosLabs の支援を受けて、暗号化、エンドポイントセキュリティ、Web、電子メール、ネットワークアクセス コントロールなど、評価の高い製品を提供しています。20年以上にわたる経験を持つソフォスは、セキュリティおよびデータ保護の業界リーダーとして第一級のアナリスト団体から高い評価を受け、多くの受賞歴を誇ります。