Following last week’s Interpol report that uncovered hundreds of malware-infected websites – including government portals – across Southeast Asia, Menlo Security has released a report examining levels of infection risk among Singapore’s Top 50 websites – and the results are not encouraging.
The report provides details on the amount of “active content” being fetched and executed by the simple act of visiting the country’s most popular websites, says Stephanie Boo, MD for Asia Pacific at Menlo Security.
“When you open a website, the browser will load active content – like Flash and JavaScript – from several other sources” explains Boo. “These background initiated requests are designed to deliver a richer web experience, but they can also conceal scripts from dubious or malicious sources of the sort that Interpol recently disclosed.”
The new Menlo Security report highlights the number of scripts and the amount of code downloaded for Singapore’s top 50 sites, and it fingerprints the web server headers and the software versions of their backend code against the National Vulnerability Database. As a rule, the older the version, the higher the risk of infection.”
According to the report, 12 of the 50 sites (many of fall under the categories of Computer and Internet Information, Online Shopping and Business and Economy) were serving active code from risky “background sites” marked as Adult and Pornography, Gambling, Uncategorized Business and Economy or Content Delivery Networks.
Visiting these top 50 sites resulted in active code from no less than 233 different background domains, said Boo.
“If you knew that an employee visiting a top 50 Singapore website could be exposing your browser to nearly a hundred hidden scripts, would it make you think twice?” she said. “The recent ‘Lazarus Group’ investigation showed how they could target banking, crypto-currency and casino networks by infecting their users’ most trusted websites – the so-called industry ‘watering holes’ – to gain a toe hold for deeper penetration. So this report is a real eye- opener.”
The report says that because legitimate scripts make for an easier web experience, and because the average web surfer doesn’t know much (if anything) about scripts, “The main takeaways show that going to any popular website is now associated with some risk, as we see play out in numerous media stories every week. The recent Pagefair hack should be a warning to everyone that trusted websites take content from many entities of varying security postures.”
Menlo Security says it will also be issuing regular reports for other national Top 50 websites.
Be the first to comment