Malware widget infects 500,000 to 5 million sites

Both Brian Krebs and Andy Greenberg (Forbes) are reporting that Network Solutions’ “parked” domain-default registered sites that have not been updated, which number between 500,000 to 5 million, have been infected with a compromised widget from GrowSmartBusiness.com.

By compromising GrowSmartBusiness.com, the attackers were then able to compromise the widgets deployed on the third party sites controlled by Network Solutions. While a widget gives a company tremendous leverage, so too it gives attackers leverage.

From a site owner’s perspective, no matter how rigorous you are with the security of your own site, you also must monitor all third party software you allow on your site, such as third party widgets and advertising networks.

From a corporate security perspective, URL filtering by itself provides no security. You may use URL filtering to control internet use, but that’s it. You must check all components of every web page being downloaded by every user with web access, all the time, whether the user is on your site or remote.

Finally, if you have users performing high risk transactions or processes, and those users also can browse the web, you must assume that their computers are compromised.