SOURCE: Armorize Technologies

Armorize Technologies

May 24, 2010 10:18 ET

Armorize Technologies Warns World Wide Web Users Against BoingBoing.com, Visitors May Be Drive-By Download Targets

Visitors Seeking Popular BoingBoing.net Site Who Accidentally Visit BoingBoing.com Could Become ID Theft Victims

TAIPEI, TAIWAN--(Marketwire - May 24, 2010) -  Armorize Technologies, a provider of integrated Web application security solutions, today announced that its scans of the World Wide Web have revealed that the website www.boingboing.com is infected with malware that could be causing site visitors to become drive-by download victims. Drive-by downloads occur when Web users visit malware-infected sites and unwittingly download malicious software that can be used by cybercriminals to steal personal and business information. Armorize warns Web users searching for the wildly popular technocratic website www.boingboing.net to be extra careful when typing in the URL or clicking on links that come up in "boingboing" searches on Google, Yahoo!, Bing and other popular Internet search engines. Users that intentionally or mistakenly click on the .com domain could easily become drive-by download victims.

Armorize was able to identify the infected site using advanced technology that will be announced to the US and international markets on Tuesday, May 25, 2010. Media outlets seeking an advance briefing on the coming news and more information on how Armorize was able to identify BoingBoing.com as a malware infected site should respond to the press release's contact information.

"This infection is especially ominous as millions of visitors seeking out BoingBoing.net could easily wind up on BoingBoing.com by mistake," said Caleb Sima, a pioneer of the Web application security field and Armorize CEO. "Using a popular domain to lure in unsuspecting Web users is nothing new, hackers have been doing it for over a decade now. Counting on Web users to make a simple mistake like typing in '.com' as opposed to '.net' can result in drive-by downloads, which can bring criminals valuable information that can be used to turn a profit on the digital information black market."

Site visitors that become the victims of drive-by downloads aren't the only ones who suffer. Organizations whose websites serve malware can wind up on the blacklists of Google and other third-party malware identification services. Being blacklisted can cause organizations to lose site visitors, customers and revenue; getting off of a blacklist can be difficult, costly and time consuming.

BoingBoing.com should not be confused with the BoingBoing.net website, nor should it be assumed that the .com's domain registrant, Network Solutions, or owners are in any way involved with the malware infection. Armorize has notified the owners of BoingBoing.com that their site is serving malware.

For a more in-depth analysis of the malware infection that hit BoingBoing.com, please visit the Armorize blog at: http://blog.armorize.com/2010/05/beware-of-boingboingcom-malware.html

About Armorize

Armorize Technologies is the leading provider of integrated Web application security solutions that protect millions of websites and end-users against malware injections and Drive-by Downloads. With major customers in the financial services, government, telecom, hosting provider and managed security services provider (MSSP) sectors, Armorize protects more Web applications, social network members and website visitors from malware injections and Drive-by Downloads than any other integrated application security solutions vendor. Armorize has some of the largest APAC-based banks on its customer roster, including India-based Bank of India, and some of the largest APAC hosting providers, including Japan-based GMO Web Hosting and Security. Armorize delivers Web application security at key points in the Software Development Life Cycle (SDLC). Armorize Appsec Suite™ integrates static source code analysis and cloud-based malware injection monitoring with Web Application Firewall technology to provide end-to-end Web application security. Suite™ integrates static source code analysis and cloud-based malware injection monitoring with Web Application Firewall technology to provide end-to-end Web application security.

Armorize™ and HackAlert™ are registered trademarks of Armorize Technologies. All other trademarks are registered to their respective companies. Copyright © Armorize Technologies 2010.

Contact Information

  • CONTACT:
    Joe Franscella
    Trainer Communications
    925-271-8213
    Email Contact