Malware writers target online advertising and translation services

Research by Finjan shows new risks for enterprise users and web site owners

Enterprise users could be exposed to malware inserted into advertising on web sites because it is able to bypass traditional URL filtering tools, according to new research by web security specialist Finjanreleased today.

The firm's latest Web Security Trends Report found that 80 percent of URL's containing malicious code were found to have the code inserted into advertising.

Because of the complex system of affiliates and other third parties involved in getting an ad from an advertiser to a consumer, it is difficult for site owners to track, according to Finjan's chief technology officer, Yuval Ben-Itzhak.

The report found that web pages served by automatic translation services could also have malware inserted into them without the site owner’s knowledge, in an attempt by criminals to bypass URL filtering.

"If you have a blacklist URL filtering-type product it may prevent you going to a malicious site, but if that site has been translated, this won't be blocked [even though it still contains malware]," explained Ben-Itzhak. "The main things we're seeing [on malicious sites] are Trojans being downloaded to users, allowing hackers to remotely control users' PCs."