February 23, 2005 2:46 PM PST

Spyware infiltrates blogs

Related Stories

Bloggers rally for jailed Iranians

February 22, 2005

Google blogger: 'I was terminated'

February 11, 2005

Google blogger has left the building

February 8, 2005

Windows glitches to get fixes

February 3, 2005
Hackers are using blogs to infect computers with spyware, exposing serious security flaws in self-publishing tools used by millions of people on the Web.

The problem involves the use of JavaScript and ActiveX, two common methods used to launch programs on a Web page. Security experts said malicious programmers can use JavaScript and ActiveX to automatically deliver spyware from a blog to people who visit the site with a vulnerable Web browser.

Spyware tools also have been hidden inside JavaScript programs that are offered freely on the Web for bloggers to enhance their sites with features such as music. As a result, bloggers who use infected tools could unwittingly turn their sites into a delivery platform for spyware.

News.context

What's new:
Vulnerabilities are plaguing self-publishing Web tools, exposing bloggers to attacks.

Bottom line:
Bloggers who use infected tools could unwittingly turn their sites into a delivery platform for spyware, security experts warn.

More stories on this topic

"It is one more link in the commerce chain of illicit adware," said Richard Stiennon, chief of technology at Webroot Software, a maker of anti-spyware technology.

"If auto-generated Web sites such as blog sites allow the inclusion of ActiveX and JavaScript, they are a great place for spyware writers to try to induce the blogger or Web page owner into including some active code," he said.

Spyware has plagued Web surfers and companies in recent years. Creators of malicious code take advantage of security vulnerabilities in e-mail software, Web browsers and desktop applications to spread code used to siphon personal information or litter a PC with advertisements. Now such rogue outfits are using blogs as a tool to increase their number of installations.

The problem only affects Web surfers using Microsoft's Internet Explorer who fail to choose the highest IE browser security settings, security experts said.

The blog vulnerability has cropped up most visibly in Google's Blogger, the most widely used blog-publishing tool. But it could affect other services as well.

"It is one more link in the commerce chain of illicit adware."
--Richard Stiennon, chief of technology, Webroot

Visitors to Blogger's Blogspot.com network have complained that they were exposed to infected sites when they used the "Next Blog" link. The feature was designed to help people discover new journals and takes Web surfers to a random Blogspot site.

"They left the back door wide open," said Ben Edelman, a Harvard University researcher who has documented the vulnerability on his site, referring to Blogger.

A Google representative responded by saying the company is "aware of this issue and we are looking into it."

Visitors to Blogger sites at Blogspot.com say they have been targeted with pop-up ads seeking to deliver malicious code to their computers. One ad erroneously warns people that their computers are vulnerable to

CONTINUED:
Page 1 | 2

3 comments

Join the conversation!
Add your comment
BLOG SPYWARE
yes, I have experienced unwanted spyware and cannot find a program to remove it. The spyware has changed my desktop icons to have a botton arrow attached. I have several good programs to remove hackers but my icons still have an ugly arrow attached. I think this is comming from Earthlink.net
Posted by (1 comment )
Reply Link Flag
remove hackers
<a class="jive-link-external" href="http://www.analogstereo.com/citroen_c4_owners_manual.htm" target="_newWindow">http://www.analogstereo.com/citroen_c4_owners_manual.htm</a>
Posted by Ubber geek (325 comments )
Link Flag
Another way to combat spyware
I discovered another way to protect yourself from spyware. I recently began using STOPzilla and it works, it is well worth the money. The software automatically suppresses adware, spyware applications and more without interrupting your web experience. It is unobtrusive and does everything that I hoped it would do. You can check it out by going to <a class="jive-link-external" href="http://www.stealthsurfer.biz/stopzilla/stopzilla.html" target="_newWindow">http://www.stealthsurfer.biz/stopzilla/stopzilla.html</a>
Posted by iamannenne (1 comment )
Reply Link Flag
 

Join the conversation

Add your comment

The posting of advertisements, profanity, or personal attacks is prohibited. Click here to review our Terms of Use.

What's Hot

Discussions

Shared

RSS Feeds

Add headlines from CNET News to your homepage or feedreader.