BleepingComputer.com: Hackers Set Traps On Broad Websites

"Ordinary websites are fast-becoming a top security threat for PC users. Tainted Web pages first appeared in late 2005. Now, they're turning up as Google advertising links, on Wikipedia and elsewhere, "from top-tier names to mom and pop bakery shops...Cybercrooks are corrupting Web pages by the tens of thousands. By tapping holes in the Internet Explorer browser, they implant tiny programs that connect the PC of anyone who simply clicks on the tainted page to a "mother ship" server, often in Russia or China. That central server collects data typed into online forms — banking log-ins and shopping cart transactions, for instance. It also hijacks the captured PC into a network of compromised PCs, known as "bots," to spread spam.

In one recent sweep, security firm Cyveillance identified 50,000 corrupted pages. Websense estimates the actual number may be 10 times that..."

Other than running all the normal anti-virus, etc programs, how on earth would a 'regular' computer user ever protect oneself against this kind of stuff. No wonder more and more people are running from using IE.

I would call this threat serious in the extreme! But also, where's the extended info? I'll be back; hopefully with links to how we can combat this plague, and what's involved, etc.

Chow 4 Now.

Found a couple of articles on short notice, and what looks like an interesting tool.


http://www.computerworld.com/action/articl...ticleId=9001649
Nice bit of technology. Google search for malware.



http://www.tgdaily.com/content/view/27933/135/
Google warning on malware sites.


http://www.tgdaily.com/index.php/content/view/26539
Interesting article on Scandoo. A malware scanning overlay for Google, Yahoo, and MSN.



http://www.scandoo.com/
And the link to Scandoo. Don't know how effective it is, but it did say there was critters on Kazaa. ( The only buggy site I could think of straight away...)


Hopes this starts to add some knowledge...

"Steve Gibson of grc.com and Leo Laporte talk with Marc Maiffret,founder of eEye Digital Security of Aliso Viejo,California.eEye has perhaps done more forensic and vulnerability testing research to increase the remote security of Windows than any other group,including Microsoft.They continue to find and report an amazing number of Windows security vulnerabilities." High Quality (64 kbps) mp3 audio file URL: http://media.GRC.com/sn/SN-091.mp3 Quarter size(16 kbps) mp3 audio file URL: http://media.GRC.com/sn/SN-091-lq.mp3

So anyway, this is something that has been going on for a few years now... interesting how a Google study suddenly puts everyone in a panic. There is no single tool to combat any of this other than the tool between your ears. Keep your operating system patched. Use an anti-virus/anti-spyware. Set your browser security levels to high. If you run IE, don't juts simply allow every ActiveX control to run. Don't allow the browser to download applications. If you use Firefox, disable Javascript (except for trusted sites). Keep your operating system patched.

The Internet is a tool, and like any tool, one needs to take the proper precautions to protect themselves; one can't just depend on a tool or two to protect them, and it is unrealistic to expect so. There is no piece of software (yet) that will prevent you from driving your vehicle into the back of another, so we take the time to learn how to use our automobiles. Why should Internet usage be any different?

And to think my parents didnt think firefox was any better ie this is wy i dont trust ie