Saturday, November 7, 2009

Sourceforge Wiki Page Filled with Search Engine Spam…

Sourceforge.net has a wiki subdomain which allows solution providers to add their own relevant content. In a recent security incident, spammers filled the user-generated wiki page with keywords and links to pornography sites, thereby leveraging the popular domain and its subdomains to rank the sites higher in search engine results.

As revealed in the Cyberoam threat trends report for Q3 2009, the above incident could just as easily have involved malware hosting sites, which puts the users of collaborative, open source environments such as wikis at great risk from unknown external threats.

WebCat, Cyberoam’s automated site categorization engine, with its extensive site database of 82+ categories, offers protection to visitors against such threats since it categorizes the internal pages in addition to the home URL.

Among other incidents, spammers continue to stick to major news events such as the current financial crisis and the debate around health care reform in the US. Some of the more creative examples include a letter from the “F.B.I.” promising to help recover money for 419 scam victims. Financially squeezed recipients are more likely to fall for such tactics, especially during a recession.

The use of legitimate file sharing services such as Google Spreadsheets has prompted traditional spam filters to trust these sources. In this particular example, pharmaceutical spammers encrypted the end key (a unique combination of letters/numbers) of the acceptable Spreadsheet URL “http://spreadsheets.google.com/pub?key=” to bypass spam filters, which then fail to detect when the key is malicious.

Another version of pharmaceutical spam imitated Facebook, with its familiar blue header, and was designed to fool spam filters that may not properly identify image-based spam.

This quarter also saw spam levels reach a record high of 97% in July, averaging around 80% for most of the quarter. For the 2nd quarter in a row, Cyberoam saw spikes in email-borne viruses, with detection delayed by between 6 and 90 hours for major anti-virus engines. Two particular viruses named Mal-Bredo A and Mal Behav-340 saw the highest number of attacks, with more than 10,000 and 1,900 distinct variants respectively!

Read the complete threat report
