reading up on malware-serving widgets

As if there isn’t already enough uncertainty about browsing the web in general, take a read on recent posts from Armorize about some (to put it lightly) malware being served via widgets…with a large exposure base on Network Solutions’ parked domains. Part 1: the infection delivery; part 2: more on the malware; part 3: follow-up.

As the years go by, I have become less interested in the workings of malware on the desktop (call me jaded, but I consider it a total loss once it starts) and more interested in the delivery mechanisms and how malware gets injected into servers; or how servers get popped either directly or as unwitting facilitators (I work more with servers than desktops, so maybe this interest is natural). These reports by Armorize are a bit confusing to read in this regard, but from the sounds of it, either a widget server is being subverted or Network Solutions still has problems with someone owning (to some degree) their systems (or both). NetSol has been beleaguered this year with attacks.

Hosting someone else’s code. Including widgets from other people that consume content from other sites. Reduced budgets and increased cost-cutting. These are the sorts of things that demonstrate our unintended expansion of the trust we need to have in others and other code for our own security. Complexity doesn’t make things easier!

One thought on “reading up on malware-serving widgets

  1. your shift in interest is completely natural.
    the interest in how malware works is what one has in the beginning when the topic seems new. as time goes on you get closer and closer to hearing everything there is to hear about how it works and your interest starts to focus on the practical matters like defense.

Comments are closed.