Report shows hackers using Web 2.0 sites

WASHINGTON, Feb. 25 (UPI) -- Legitimate U.S. Web pages, especially social networking sites using Web 2.0 technologies, are increasingly being used by hackers as a way to launch attacks.

A new study from Cupertino, Calif.-based Internet security firm Trend Micro Inc. found that hackers are intensifying their efforts to compromise legitimate Web sites, using them to load malware onto the computers of Internet surfers who visit.

"The number of compromised Web sites is slowly outnumbering malicious ones created specifically by cyber criminals" to load the hacker software on unsuspecting visitors' PCs, said the company in a statement.

The company's labs published their 2007 Threat Report and 2008 Forecast last week.

It says Web sites compromised by hackers include "trusted" ones "such as those belonging to Fortune 500 companies, schools and government organizations."

The report adds that "social networking communities" like Facebook and MySpace, "and user-created content such as blog sites" were favored by hackers as attack vectors because of their reliance on insecure "Web 2.0 technologies, particularly cross-site scripting and streaming (media) technologies."

The researchers also found that the top malware worms in 2007 were self-replicating pieces of malicious software called Spybot.is and Gaobot.df that infected USB-connected devices.

Nearly half of all "threat infections" originated in North America, but Asian countries were experiencing a growth -- 40 percent of infections stemmed from that region last year.

The volume of infections nearly quadrupled between September and November 2007, "indicating that malware authors took advantage of the holiday seasons as an opportunity to send spam or deploy spyware while users are shopping online."

In 2007 the top online commerce site attacked by phishers was still the global auction site e-Bay and its companion financial service, PayPal. Other financial institutions, especially those based in North America, also experienced a high volume of phishing attacks, said the report.