October 31, 2013

Russian anti-virus company Doctor Web is drawing the attention of users to the sharp increase in the number of sites that redirect users of mobile devices to other malicious sites. Those visiting such sites from desktops or laptops are in no danger. But users of Android handhelds are a different matter. To avoid visits to such sites from mobile devices, Doctor Web invites everyone to visit the Dr.Web URLologist section of its site where they can learn more about mobile redirects and other contemporary URL hazards.

Even if you are confident that you use your mobile device to visit only well-known, completely safe sites, this misconception may result in significant financial losses. Moreover, even owners and administrators of compromised sites can be unaware of the dangers posed to their visitors.

The majority of websites are controlled via CMSs (Content Management Systems) which are used to edit and publish content and promptly change a site's design and structure. Most modern CMSs are distributed under the terms of open source licenses, i.e., for free, which means anyone can become familiar with their source code. This enables attackers to analyse the structure of the CMS components to find vulnerabilities and exploit them to compromise sites administered by means of the CMS.

If the attackers' goal is to infect Android handhelds, a user who loads the site on their desktop or laptop will see nothing out of the ordinary. However, if the script embedded by cybercriminals into the site determines that a site visitor uses an Android device, that user will be immediately redirected to a malignant site from which malicious software can try to sneak onto the device or a phishing attack can be mounted.

With the help of compromised websites, cybercriminals can spread various malware programs, the most "popular" being the various modifications of Android.SmsSend. Trojans of this family are designed to send SMS messages to premium numbers and to subscribe users to various services with chargeable content so that a fee can be debited from the subscriber's account. However, apart from this category of malicious programs, adware, banking Trojans and spyware that forward confidential information from infected devices to criminals can also get onto Android devices from such sites.

According to Doctor Web's analysts, about 3% of websites in the Russian segment of the Internet redirect users of Android smartphones and tablets to malicious sites that spread dangerous software. In absolute terms, more than 45,000 sites can infect a variety of Android-powered devices with Trojans. With fraudulent and phishing sites, the total number may be as high as 100 thousand to 200 thousand.

The updated section on Doctor Web's site is meant to warn users about the danger. It can be especially relevant to those who have not installed anti-virus software on their mobile devices. However, please remember that full-fledged anti-virus protection is the best safety measure. As far as mobile devices are concerned, you may want to take a closer look at Dr.Web Mobile Security, and for comprehensive protection of a PC/ Mac, consider Dr.Web Security Space.

Doctor Web recommends that you exercise caution while surfing the World Wide Web and keep Dr.Web close at hand during your journeys! We would also like to encourage owners of Internet sites to add appropriate online forms on their web pages that will help their visitors check suspicious sites for mobile redirects.