CN domain name into the worst-hit horse site 800 million netizens attacked by Trojan Horse

Intermediary transaction SEO diagnosis Taobao guest Cloud host technology Hall

April 16, rising company released "Mainland China in the first quarter of 2009 Threat report on horse Web site" (hereinafter referred to as "rising Safety Report"), Rising "cloud security" system to provide data shows that from January 2009 to March, the Internet on the emergence of horse-hanging web page accumulated up to 1亿9千多万个, On average, more than 8.89 million Internet users visit these websites every day, and 800 million internet users have been attacked by Trojans. Large Web sites, browsers, and popular software have become the target of hacker spying, with 24,202 large web sites being implanted into Trojans in the first quarter, which has become one of the main threats to domestic internet security.

First, "Rising safety report" pointed out that the CN domain name into a horse-damaged site

As hackers for large websites, popular software for hanging horses, so that a single Trojan site to attack the number of Internet users have an upward trend, according to statistics, the first quarter ranked the top two Trojan sites for gg6781.cn and sb3589.cn, the two sites attacked more than 860,000 of the netizens. From the Trojan site domain name type of statistics, CN domain name is the most popular hacker horse type. In the first quarter, 85.5% of Trojan sites use the CN domain name.

According to the rising "cloud security" system statistics, Beijing, Guangdong, Zhejiang is a malicious website (Hanging Horse site) The number of three provinces, of which 34% of the horse-mounted Web server located in Beijing. In the provinces of the Internet users affected by the statistics, because of Guangdong, Beijing, Hunan and other three provinces, the number of netizens, so the Trojan has been the most affected areas.

Second, "Rising safety report" warning, netizens do not believe the so-called "safe browser"

According to statistical analysis, the browser has become the main channel Trojan intrusion user computers, including some products called "safe browser", as long as the Internet is based on the IE kernel will be used by hackers, and these manufacturers so-called "safe browser Trojan" false propaganda, but also seriously misleading netizens to reduce security measures, bring huge security risks. Rising security experts pointed out that technically, the so-called "safe browser" does not exist, netizens should be installed with "anti-hanging horse" function of the mainstream security software to avoid being hacked by Trojans.

Third, "Trojan website life" by security experts concerned

According to the safety of rising experts introduced, the safety report for the first time to count the "Trojan site Life", is the Trojan Web site on the Internet to survive. Traditionally netizens think "the longer the existence of the Trojan Web site," in fact, according to statistics, the first quarter of the top ten hanging horse site, the longest life is 5 days, the shortest only 1 days. Hacker group has a strong ability to hang horses, can be in a day to put the URL of the horse Web site embedded in many sites, netizens browsing these sites will be hacked by Trojans.

"Rising safety Report" pointed out that because of the current popular various popular websites, client software and browsers, there are a number of vulnerabilities and security weaknesses, so that users have been attacked channel explosion; with the hacker-virus industry chain is perfect, supporting the development of the Internet, a variety of business models have been stolen Trojan horse, Trojan click on the attack , so that users of online shopping, network payments, online gaming industry security confidence has been hit. Moreover, since most Trojan virus runs without obvious abnormal features, it is difficult for users to find themselves poisoned in time.

Iv. How to guard against "hanging Horse website" by netizens

In response to the issue mentioned in the report, rising security experts said that ordinary netizens can use the following measures to prevent the theft of Trojan Horse, the attack of the site:

1, install the full function of the security software 2009, which unique "Trojan intrusion interception" function, can be linked to the conduct of horse-mounted web site monitoring, prevent Trojan intrusion users computer, Trojan virus interception in the computer.

2, the installation of "Rising Personal Firewall 2009", it integrates the largest "Trojan Web site", and the daily upgrade cloud security system Capture horse Web site, can be the first time to intercept the horse-hung website.

3, the use of rising card "vulnerability scanning and repair" function, can help users to repair the system loopholes, to prevent the use of the horse Web site to attack the various vulnerabilities.

Appendix: Review of Typical horse-hanging events in the first quarter

1, "Ticket china" site was hung horse. January 21, 2009, the popular ticketing website "Ticket China (piaocn.com)" by hackers malicious horse, the Web page was embedded malicious code, the code is in the domain name http://####.706sese.cn server.

2, "Hunters plug" was hung horse. March 2, 2009, net play home popular "Hunter plug" program was hackers hanging horse, with poison Web page for Hunters plug-in embedded Web page, the player in the use of Hunters plug, will automatically open that is hanging Horse's web page, leading to poisoning.

3, "need timetable" was hanged horse. March 9, 2009, netizens popular "need timetable" software was hacked horse, technical analysis indicated that "need timetable" embedded in the Web page was hacked into the Trojan, when users use the software to query trains, will be attacked.

4, "Cool dog" software was hung horse. February 25, 2009 and March 14, "Cool dog" software was two times to hang horses. Because the hacker implanted Trojan has no typical characteristic, the poisoned user is unaware that his computer has been attacked, which brings great risk to the user.

8F6 website Home Starter www.8f6.cn