As more users shift to checking email, making payments, and working through web applications, cybercriminals are increasingly targeting these applications to exploit account information and other valuable data.
Source: Security Labs
In recent weeks, the email services of Yahoo, Google’s Orkut virtual forum, and eBay’s online payment system PayPal have each become targets of cyberattacks. All three companies have acknowledged security vulnerabilities in their services and have quickly addressed them.
The attacks occurred at a time when Microsoft, whose operating system runs on 90% of the world’s computers, had just patched dozens of vulnerabilities in email applications, browsers, and office software, potentially a record number of flaws addressed.
This is also a thriving time for social networking forums like MySpace.com and various calendar and messaging services provided by Google, Yahoo, and many other companies.
“Necessity is the mother of invention”
Of course, with users flocking to these web-based services, hackers cannot afford to ignore the opportunity. In their eyes, this is indeed a fertile ground yet to be explored.
“They are starting to realize that there are tons of vulnerable scripts that are easy to hack,” said Eric Sites, Vice President of Research and Development at Sunbelt Software.
One of the most recent discoveries is a worm attacking Orkut, the virtual social forum owned by Google. This worm tricks members into clicking on a link to an image while secretly downloading malware onto their machines. The malware monitors data such as usernames and passwords, along with Windows files that typically store banking account information, and automatically sends it back to the worm’s creator.
“The bad actors are advancing and becoming more malicious. It’s unfortunate because it’s indeed a brilliant idea. Surely, in the near future, we will witness many more cases like this,” commented Chris Boyd, a security expert who discovered the worm.
Inevitability of Targeting
Previously, in October last year, MySpace.com, which has up to 88 million registered members, was hit by malware: each member suddenly added millions of other users to their friends list.
This incident caused MySpace to become overloaded and malfunction for a while, but more dangerously, it sounded the alarm about the threat of web applications/services being attacked.
Analysts believe that it is inevitable for hackers to seek new paths, as computer users are becoming more vigilant. They are more inclined to install and run security software and updates than before.
“We can say that we have forced them to adapt. Hackers are trying to slip under the radar by infiltrating new areas where security is lax,” said the Director of the Security Response Center at Symantec.
Rapid Response
Another driving force behind hackers eyeing web services is the power and high mobility of web programming languages, which allow browsers to behave much like desktop applications such as Word and Excel. Recently, a Yahoo worm attacked a flawed script in Ajax, signaling the emergence of a new generation of malware.
With this type of worm, users do not need to click on an attachment to be infected; they just need to open a file to read it. Afterwards, the worm automatically sends emails to all contacts in the victim’s address book and sends those addresses back to a remote server, likely for spam distribution purposes.
However, unlike desktop applications, companies like Yahoo, Google, and PayPal can quickly patch these vulnerabilities. PayPal addressed the issue almost immediately by modifying a few lines of code on their server, blocking the potential exploitation of the vulnerability.
Meanwhile, companies like Microsoft must publish patches for personal computers online. Users then download these patches and install them on their machines, a process that takes more time.
Heavenly Intention