
URLhaus Takes Down 100,000 Malware Sites in 10 Months


URLhaus is a cyber-security project launched by the well-known non-profit organization abuse.ch in Switzerland. The project focuses on sharing malicious URLs, and it has just managed to take down nearly 100,000 websites exploited for malware distribution.




The take-down operation requires the cooperation of the hosting companies whose infrastructure was used. However, this is not an easy task, since most companies tend to take their time responding to such reports.


More about URLhaus and Its Take-Down Operation

URLhaus was launched at the end of March last year, with the idea of collecting and sharing URLs used for malware distribution. The 100,000 malware distribution sites were taken down within 10 months. It took 265 security researchers from around the world to identify and submit approximately 300 malware sites on a daily basis.

According to their own report on the matter, the project managed to “get the attention of many hosting providers, helping them to identify and re-mediate compromised websites hosted in their network”. Large hosting providers have tens of thousands of customers and therefore a significant number of hijacked websites in their networks that are being abused by cybercriminals to distribute malware, the researchers said.

It is noteworthy that Chinese hosting providers took the longest to respond. “The three top Chinese malware hosting networks have an average abuse desk reaction time of more than a month,” the report says. More specifically, ChinaNet, ChinaUnicom and Alibaba left the compromised websites running for more than a month. The negligence in responding left 500 malware URLs active and running, and hence spreading malware.

The most adequate response came from Unified Layer, a hosting provider in the United States.


Most Malware Sites Are Related to Emotet

The average number of active malware distribution sites that URLhaus counts is between 4,000 and 5,000 on a daily basis.

Emotet is propagated through spam that hits users' inboxes almost every day, the researchers noted.

Malicious spam campaigns usually contain a rogue Office document with macros which, once the document is opened and macros are enabled, automatically download and execute Emotet from the compromised website. These campaigns can bypass spam filters by linking to a compromised website that hosts the malicious document rather than attaching it to the email message.

There is still a long way to go with regard to the response time of abuse desks, the researchers said in conclusion, hoping that hosting providers will improve their response rates and take the malware distribution matter seriously.

Milena Dimitrova
