Malware Infections Are Usually From "Legitimate" Websites

Fanghawk

New member
Feb 17, 2011
3,861
0
0
Malware Infections Are Usually From "Legitimate" Websites

You're more likely to encounter malware through reputable, hacked services than seedy, illict websites.

If you've spent even a small amount of time on the internet, you're probably aware of a simple fact: has updated its Transparency Report with breakdowns on common infection sources, revealing the biggest malware culprits to be compromised "legitimate" pages that unwittingly take advantage of visitors.

Let's make one thing clear: It is still a horrible idea to just visit some illict porn site and start downloading everything you see. That will turn out badly. What Google's saying is that the vast majority of malware infections come from perfectly legal services which most users assume are safe. Some are small Mom-and-Pop operations, <a href=http://www.escapistmagazine.com/news/view/106718-Sony-Claims-It-Can-Fix-PS3-Security-Problems>others could be significantly larger, but all have vulnerabilities that hackers took advantage of. Google blocks approximately 10,000 of these websites per day to stem the tide, but with up to 90,000 infections detected during especially infectious weeks, the company is clearly involved in a long-term struggle.

That said, it's not all bad news. As webmasters become more aware of online security, the response time between detecting an infection and repairing it has dropped dramatically in recent years. Google's Safe Browsing, for example, informs users and webmasters when websites have been compromised, discouraging traffic until the problem is fixed. We'll probably never fully get rid of malware, considering that approximately 100 million browsers see warnings each week. Still, while the number seems daunting, the fact that we know about it at all is a step in the right direction.

Source: Ars Technica

Permalink
 

Tahaneira

Social Justice Rogue
Feb 1, 2011
377
0
0
And I still know idiots who claim that they don't need antivirus and security programs, because they 'know what they're doing.' I should show them this article, not that it'll be likely to change their minds.
 

Phrozenflame500

New member
Dec 26, 2012
1,080
0
0
Oh wow, so my constant malware infections aren't because of that dwarf midget porn site?

Fanghawk said:
It is still a horrible idea to just visit some illict porn site and start downloading everything you see. That will turn out badly.
Fuck.
 

BanicRhys

New member
May 31, 2011
1,006
0
0
Given the Escapist's stance on ad blocking software (which is totally just, ads provide the hard working people of the internet with the money they need to live, so don't use them, they're evil, please (don't ban me bro)), seeing this kind of article here is somewhat odd given that ads on legitimate sites are known to occasionally contain malware too.
 

weirdee

Swamp Weather Balloon Gas
Apr 11, 2011
2,634
0
0
noscript plz

doesn't eliminate the chance but increases your ability to block it significantly, even if you have security software (especially if you have security software)

don't tell me you can't figure out how to work the permissions because it's still not worth wiping your hard drive
 

thesilentman

What this
Jun 14, 2012
4,513
0
0
... In other news, I called it a long time ago. I'm one of those paranoid nutters who run an ad blocker and Collusion on every site, minus the Escapist and some other site as they deserve the ad money.

Also, isn't there something called common sense that helps with this? But at this point, some people can really make me an unhappy man.

Tahaneira said:
And I still know idiots who claim that they don't need antivirus and security programs, because they 'know what they're doing.' I should show them this article, not that it'll be likely to change their minds.
Ehhhhhh, they'll still be on your case for overall common sense. I'm seriously flummoxed with the people who come to me for computer fixing. It's as if their overall common sense disappeared.
 

PoolCleaningRobot

New member
Mar 18, 2012
1,237
0
0
I should be covered considering I use 2 different free spyware programs and HostXpert to block nasty sites from connecting to my computer in the first place (I mostly browse this site on my phone anyway so they get ad revenue from me)

thesilentman said:
Tahaneira said:
And I still know idiots who claim that they don't need antivirus and security programs, because they 'know what they're doing.' I should show them this article, not that it'll be likely to change their minds.
Ehhhhhh, they'll still be on your case for overall common sense. I'm seriously flummoxed with the people who come to me for computer fixing. It's as if their overall common sense disappeared.
No kidding. I got a ticket at work because someone's monitor stopped working. It wasn't working because she kicked the power cord out
 

Baldr

The Noble
Jan 6, 2010
1,739
0
0
PoolCleaningRobot said:
I should be covered considering I use 2 different free spyware programs and HostXpert to block nasty sites from connecting to my computer in the first place (I mostly browse this site on my phone anyway so they get ad revenue from me)

thesilentman said:
Tahaneira said:
And I still know idiots who claim that they don't need antivirus and security programs, because they 'know what they're doing.' I should show them this article, not that it'll be likely to change their minds.
Ehhhhhh, they'll still be on your case for overall common sense. I'm seriously flummoxed with the people who come to me for computer fixing. It's as if their overall common sense disappeared.
No kidding. I got a ticket at work because someone's monitor stopped working. It wasn't working because she kicked the power cord out
My side job is a tech for an ISP, about 25% of the calls I get are because people unplugged their modems, and wonder why their internet is not working.
 

uchytjes

New member
Mar 19, 2011
969
0
0
I kind of already knew that there were far more viruses on "legitimate" websites simply because of that reason. If it looks legit, its more likely to not raise suspicion.
 

Fanghawk

New member
Feb 17, 2011
3,861
0
0
Tahaneira said:
And I still know idiots who claim that they don't need antivirus and security programs, because they 'know what they're doing.' I should show them this article, not that it'll be likely to change their minds.
The accurate version of that is that you don't need to pay for antivirus and security programs.

-Common sense (Surprisingly uncommon)
-Stop automatically loading plugins in your browser (Chrome with AdBlock and appropriate settings or Firefox with NoScript)
-A good free antivirus (Microsoft Security Essentials is my choice; Some prefer others)

is all a good user should ever need to keep their PC clean.
 

Tahaneira

Social Justice Rogue
Feb 1, 2011
377
0
0
Mr.Tea said:
Tahaneira said:
And I still know idiots who claim that they don't need antivirus and security programs, because they 'know what they're doing.' I should show them this article, not that it'll be likely to change their minds.
The accurate version of that is that you don't need to pay for antivirus and security programs.

-Common sense (Surprisingly uncommon)
-Stop automatically loading plugins in your browser (Chrome with AdBlock and appropriate settings or Firefox with NoScript)
-A good free antivirus (Microsoft Security Essentials is my choice; Some prefer others)

is all a good user should ever need to keep their PC clean.
I agree wholeheartedly, I use free programs myself. But most of the aforementioned idiots refuse the concept fullstop. I know one who uninstalled his programs because they were 'taking up unnecessary space.'
 

McMullen

New member
Mar 9, 2010
1,334
0
0
This is why I use AdBlock and NoScript. The last infections I got were from ads on sites I trusted. It's hard to convince others to do the same though, even when they just got done getting infected and you're trying to explain to them why Firefox with those add-ons is a better idea than Explorer.

People seem to have trouble realizing that learning to use a nearly identical browser and two-click whitelisting websites when you visit them for the first time is a bit less of a pain than not being able to trust their hard drive ever again.
 

nexus

New member
May 30, 2012
440
0
0
Everyone has malware/spyware, and other various "infections".

They almost *always* come from "legitimate" sources. Especially large corporate entities, which are the biggest suspects of prying into your daily life, and spying on you. They also need to know what your life is like, what you buy, what you do all day. So they can make more money they don't even need.

There is really nothing you can do about it, unless you plan on not using popular software, or not visiting thoroughfare sites.
 

Fanghawk

New member
Feb 17, 2011
3,861
0
0
I thought google adds getting hacked and having malware injected into it's adds was a daily occurrence wiki adds are notorious for infecting people and they are run by yes you guessed it google adds.....
 

lancar

New member
Aug 11, 2009
428
0
0
Mr.Tea said:
Tahaneira said:
And I still know idiots who claim that they don't need antivirus and security programs, because they 'know what they're doing.' I should show them this article, not that it'll be likely to change their minds.
The accurate version of that is that you don't need to pay for antivirus and security programs.

-Common sense (Surprisingly uncommon)
-Stop automatically loading plugins in your browser (Chrome with AdBlock and appropriate settings or Firefox with NoScript)
-A good free antivirus (Microsoft Security Essentials is my choice; Some prefer others)

is all a good user should ever need to keep their PC clean.
I'd add these as well:
- Get rid of Internet Explorer and get something else (any other browser. Seriously)
- Use a registry cleaner every now and again (like Piriforms CCleaner. It's completely free, and very effective)
 

Micah Weil

New member
Mar 16, 2009
499
0
0
Eh, I can confirm this is so. I've gotten a few from browsing such sites as Cheezburger.com (though, there are some that claim I deserved it).

Still, it's made me pretty good at manually ripping malware out of my registries and hard drive by its rootkits.
 

Waaghpowa

Needs more Dakka
Apr 13, 2010
3,073
0
0
thesilentman said:
Also, isn't there something called common sense that helps with this?
I've heard of this common sense, I have yet to see it in action. In the meantime, there's Linux.
 

thesilentman

What this
Jun 14, 2012
4,513
0
0
Waaghpowa said:
thesilentman said:
Also, isn't there something called common sense that helps with this?
I've heard of this common sense, I have yet to see it in action. In the meantime, there's Linux.
So... we're going to exchange the hammer that is a Windows computer with a chainsaw that is Linux.

Suddenly, I hear all of my potential customers suffering heart attacks. :-(
 

viranimus

Thread killer
Nov 20, 2009
4,952
0
0
Really? You dont say. Why I would have never had any idea. /eyeroll

______________________________


Tahaneira said:
And I still know idiots who claim that they don't need antivirus and security programs, because they 'know what they're doing.'
I personally refuse to because when I use "protection" I cant "feel" the internet.
 

Dragonbums

Indulge in it's whiffy sensation
May 9, 2013
3,307
0
0
Reminds me of the time when DeviantART had advertisers that put Malware onto peoples computers.
Instead of taking the blame and not acknowledging their negligence on who is or isn't an advertiser on their site, they blamed it on the users for not having virus protection.

Before hand they completely denied that there was even a virus program for a full year.
 

Charli

New member
Nov 23, 2008
3,445
0
0
Well this is another of these 'noshit' moments isn't it... Good thing I'm paranoid about all my online activity. Never been hacked or anything. Any attempts have been thwarted at my hands *evil laugh*.
 

WeepingAngels

New member
May 18, 2013
1,722
0
0
Let's make one thing clear: It is still a horrible idea to just visit some illict porn site and start downloading everything you see. That will turn out badly.
So really, there is still a higher chance of picking up malware from illicit sites?
 

FalloutJack

Bah weep grah nah neep ninny bom
Nov 20, 2008
15,489
0
0
WeepingAngels said:
Let's make one thing clear: It is still a horrible idea to just visit some illict porn site and start downloading everything you see. That will turn out badly.
So really, there is still a higher chance of picking up malware from illicit sites?
But of course. What we have here is another skewed study based upon finding facts to fit the belief instead of seeing where the facts actually lead...like to the truth. No, there is literal metric tons of shit on internet and the dirtier it is, the worse it will be. Legit sites are like Wall Street. Just because people put up gang signs doesn't mean it's more likely. It means that people will put their shit anywhere, so keep an open eye.