In a sense, this crimeware as a service (CAAS) was inevitable. According to an earlier report from Finjan, more than 51 percent of websites that pushed malicious content in the second half of 2007 were legitimate destinations that had been commandeered by bad guys. The service is evidence that there's money to be made in automating that process - and one more sign that cyber-crime has grown into a full-fledged business where no opportunity to turn a profit is passed up.
"You can imagine the magnitude of this marketplace now," he said in an interview. "They really commercialize everything in this eco-system."It's not the number of the compromised websites that is a worry, but their prominence. The information was likely gleaned by keyloggers intercepting File Transfer Protocol information being sent from infected computers to webhosting servers. Once you have that, you can change anything you like on even the most securely encrypted page because you have access to the source code at the publishing level. It's a wake-up call for webmasters to use only secure FTP to update servers.
|HotHardware and CyberPower PC Spring...||129|
|Microsoft's Attempt To Convert Users...||32|
|Video Demo Pits 2012 Watch Dogs On PC...||19|
|The NSA Cites Anyone Using Encryption To...||17|
|Microsoft Confirms DirectX 12 Lives,...||15|
|Panasonic's 20-inch Toughpad 4K Tablet...||12|
|Windows XP Slated To Be Mothballed April...||12|