As blogs continue to increase in popularity, they are becoming a more and more appealing target to the shadier elements of the Internet. The online world is teeming with criminals who attempt to take advantage of weaknesses in the security of web hosts and blogs and lax security precautions on the part of bloggers themselves to ensnare innocent victims.
At one time, the primary conduit for the spread of malware and spyware was through filesharing and e-mail. Such infections can be prevented through the use of spam blockers and antivirus programs. Nowadays, however, simply surfing to a particular site or blog can cause an infection.
Some blogs are set up for the sole purpose of infecting visitors’ computers. They are made to look harmless but have viral code such as JavaScript or other malicious software embedded. They attempt to lure visitors to the blog through the use of chat rooms, instant messenger and spam e-mail messages.
Increasingly, however, third party blogs and websites are being attacked in an effort to turn them into virus distribution centers on the backs of innocent bloggers and at no cost to the hackers themselves.
If you have ever gotten a message from Internet Explorer, Firefox, Google’s Chrome or Apple’s Safari that a particular site contains malware, that site may have been the victim of such an attack. I should know, because this has happened on more than one blog that I operate (including InternetMacMarketing), to great inconvenience for myself!
What exactly is malware anyway? It is a type of software that is intended to cause harm or to break into a computer system, generally without the knowledge or consent of the owner. The term malware covers computer viruses, trojan horses, worms, spyware, adware and keyloggers.
Spyware is a type of malware that is almost exclusively created for profit. This type of malicious code attempts to collect information from someone’s computer system without his or her consent. Other types of malware may change the normal behavior of a person’s system, such as altering the web browser to activate pop-up advertisements or some other scheme designed to financially benefit the malware’s creator.
One type of malware may redirect the Web surfer to a page filled with advertisements when a user enters a query into a search engine. A particularly vicious and pernicious type of malware, and one that is particularly scary to Internet marketers, is one that steals from a legitimate online business by altering key marketing codes that cause any income generated by the site to go to the malware operator rather than the originating site’s owner.
Other nasty forms of malware are those that install keyloggers, or bits of software that record the keystrokes a computer user makes, such as passwords or other valuable data like credit card information, and then sends this information to the spyware’s creator, who can then go on a feeding frenzy of theft, either of money or of a user’s identity.
When a blog is infected with malware, the site often innocently serves as a host to malicious software. Such a setup often allows the malware to evade filtering and detection systems. A blog that is infected with malware may trigger a warning in Google Chrome to the user against visiting it, but may trigger no such message in Apple’s Safari, or vice versa.
Furthermore, since a blog is always online, it has a somewhat permanent presence on the web, making it readily accessible to Internet users who could be victimized. All they may need to do is click on a link in order to be lured into the trap.
The operator of an innocent blog is also victimized when malicious code is inserted into his or her blog, and may lose several days of productivity and money in an effort to remediate the problem and remove the malicious code from the blog.
Securing one’s blog against infection is not just a simple matter of using strong passwords and keeping them secret, as virus writers often exploit vulnerabilities in blogging software such as WordPress or webhosting sites themselves in order to insert the malicious code.
WordPress is constantly being updated to stay ahead of such attacks, but it cannot always keep up with the virus writers. Also, because many third-party blogs can be infected in rapid succession by automated algorithms, the number of infected blogs can spread into the thousands.
Often, search engines such as Google are used by virus writers to locate malware files that are readily available online. malware distribution sites with names such as hyundaita or brainbin aid in spreading the malicious code.
Vulnerabilities and features that were once a secret are now well known to profiteering hackers and Internet criminals. Malicious code to spread viruses no longer needs to be written from scratch; it is now just a click away.
In order to find malware with the aid of Google, one nearly needs to have the specific signature of the software desired, and these are shared freely by hackers and online bandits with the aid of disreputable and shady sites.
Some websites even index such signatures in convenient online databases for easy search and retrieval. Patrons of the sites share malware with one another with the aid of site moderators so that signatures can be produced quickly and made available to other members. In this way, even unskilled hackers will be able to access any piece of malware they desire and spread it to different blogs.
If you have a Mac, your chances of being infected with malware are minimized, although Apple Safari will still display a message when a site containing recognized malicious code is detected. On the other hand, Mac-using blog operators can be just as susceptible to hacking attacks on their blogs as anyone else.
To avoid getting a virus on your computer, your best course of action is to install an antivirus program, such as Intego Virus Barrier, and to keep it updated. Making sure your firewall is activated is also a good idea. And of course, be cautious when opening e-mail and never download any file attachments that you were not expecting.
You should also be wary of active links that even trusted contacts send you when instant messaging. Best to contact them first and asked where any link leads in order to verify its authenticity.
It is unfortunate that so many who are such miserable failures in their everyday lives or in any business ventures they may attempt to undertake must compensate by trying to make money or get their jollies by infecting other people’s computers and harming their livelihoods. They take from, rather than giving to, the greater Internet community.
The methods they use are constantly evolving and adapting, and those who attempt to defend against them can at best sometimes only keep one step ahead of them, if even that. The best defense is to remain forever vigilant against the methods and schemes of the virus writers and distributors.
