Trend Micro: RSS Is Worm Bot's Next Target
By Ryan Naraine
November 29, 2005
Security researchers at Trend Micro Inc. have pinpointed RSS (Really Simple Syndication) technology as a lucrative target for future bot worm attacks...RSS feed hijacking will become commonplace when Microsoft Corp. ships Internet Explorer 7, a browser refresh that will feature built-in RSS support.
In a white paper titled "The Future of Bot Worms," Sancho said the IE7 release "will open some interesting possibilities to worm creators." "The easy way of taking advantage of the popularity [of RSS] is to hijack the existing configured feed clients to automatically download new copies of worms and other threats to the infected computers. This is accomplished by pointing the already-configured client to different and malicious Web content,...RSS feed hijacking attacks will serve as a passive download point that could easily bypass personal firewalls and other security barriers...