Porn Sites Used To Be Riddled With Computer Viruses. You’ll Never Guess Where the Malware Is Now

Innovation, the Internet, gadgets, and more.
May 24 2012 7:54 PM

Unprotected Sects

When it comes to computer viruses, you’re now more likely to catch one visiting a church website than surfing for porn.

(Continued from Page 1)

Most of the porn sites that withstood the consolidation have beefed up their security considerably. At a porn expo this month in Miami, Merighi says that nearly all the webmasters he talked to subscribed to one of a few well-established hosting services. “Two to three years ago is really when it became much more of a part of your business plan to look at how you’re going to secure your site.” The credit card companies have pushed the process along, requiring privacy and disclosure standards for any site that processes customers’ financial information.

According to Symantec, pornographic sites now rank at the bottom of the top-10 list for malware threats. Blogs are first, followed by personal and self-hosted sites, business sites, and shopping sites. Religious sites aren’t a category unto themselves, but are split between blogs, self-hosted sites, and “education/reference” sites, which rank fifth on the “most-infected” list.

McAfee, another leading Web security firm, doesn’t break down its threat statistics by website category, but McAfee Labs security strategist Toralv Dirro tells me he isn’t surprised by Symantec’s findings. Malware is on the rise across the Web, he says, and small sites—including personal blogs, religious and nonprofit sites, and small business sites—are among the hardest hit.

Advertisement

The people who run these sites often assume that there’s safety in their obscurity. What hacker is going to bother installing a Trojan horse on a personal blog that gets only a few hundred hits per day? But these days, many hackers don’t even look at what sites they’re targeting, McAfee’s Dirro explains. The spike in malware is a result of a proliferation of downloadable attack kits, which automatically scan the Web looking for sites that appear likely to have vulnerabilities in their code, regardless of their actual content. The attack software probes for weaknesses, then automatically injects malware wherever it finds them. It just happens that church sites tend to be among the weakest.

Symantec’s numbers back that up. It found 403 million different variants of malware in 2011, a drastic increase from 286 million in 2010. And it found 55,000 malicious domains, a jump from 43,000. Three out of five attacks were the work of software kits.

How can devout churchgoers—or avid porn-surfers, for that matter—protect themselves when visiting their favorite sites? In many cases, you can’t—the malware installation begins as soon as you load the page. Norton, McAfee, and several competitors offer free and premium programs that assess sites’ risk levels before you visit them—a good precaution for the paranoid, though others might find the browser clutter almost as annoying as the malware they’re trying to avoid.

Once you’re infected, the symptoms can range from the irritating (programs that send your friends spam links from your email or social media accounts) to the insidious (those that log your keystrokes and steal your personal information). Among the most devious are rootkits, which can burrow beneath your computer’s operating system and take control of your machine, blocking your attempts to download the anti-virus programs that could knock them out. In these cases, professional help may be the only option.

The easier solution is for the websites themselves to clean up their act. Jose Gomez, who runs a business called NetMinistry, which does Web design for religious organizations, is among those trying to professionalize the religious content-management sector. He regularly evangelizes to his clients about the importance of Web security. Some churches are getting the message about the dangers of reaching their parishioners on the Web, he says. But others are more interested in growing their flocks, and take a devil-may-care attitude to safety. “Churches are racing to grow and to stay alive,” Gomez says. “In that race, they’re cutting a lot of corners and adapting technologies faster than they can handle.”