Skip Links

Google: Ghost in the machine is malware

By Layer 8 on Mon, 05/14/07 - 11:11am.

Google researchers  have found a disturbing trend: they say at  least one in 10 web pages is booby-trapped with malware. Google's Ghost in the Browser study looked at over 4.5 million Web pages, and found that 10% of them were capable of activating malicious codes and 16% were  suspected to contain codes that might be a threat to computers. “To entice users to install malware, adversaries employ social engineering. The user is presented with links that promise access to ‘interesting’ pages with explicit pornographic content, copyrighted software or media. A common example are sites that display thumbnails to adult videos,” the study states. “Our study has found a large number of web sites responsible for compromising the browsers of visiting users. The sophistication of adversaries has increased over time and exploits are becoming increasingly more complicated and difficult to analyze. Unfortunately, average computer users have no means to protect themselves from this threat.”    Google says browsers can be compromised just by visiting a web page and become the vehicle for installing multitudes of malware on their systems. “The victims are completely unaware of the ghost in their browsers and do not know that their key strokes and other confidential transaction are at risk from being observed by remote adversaries. We have seen evidence that web-based malware is forming compromised computers into botnet-like structures and believe that a large fraction of computer users is exposed to web-based malware every day. Unlike traditional botnets that are controlled by a bot master who pushes out commands, web-based malware is pull based and more difficult to track. “Indeed botnets are a growing problem: Symantec says there are more than 4.5 million of them and that they are the  backbone of cyber crime today.  These armies of compromised computers are behind such scourges as spam, phishing click fraud and denial of service attacks.