Malware attacks on 327,000 Asian websites, including up to 10 here
YOU may have unknowingly exposed your computer to viruses or other malicious software, if you visited websites such as the local classifieds portal listings.com.sg in the last two weeks.
Most of the affected sites are now undergoing maintenance or have been restored.
During the attack, the hacker sends malicious code to a website. The compromised website directs visitors to another site hosting malicious software â€” or malware in IT jargon. The malware allows the hackers to steal passwords or access information stored in personal computers if they have not been properly secured.
The attacks targeted Chinese-language websites and exploited vulnerabilities in Chinese-language software installed on computers such as Xunlei Thunder DapPlayer, said Trend Micro.
This shows that the "malicious activity was targeted specifically at sites in China, Taiwan, Singapore and Hong Kong", it added.
Trend Micro's regional managing director Goh Chee Hoh told Today: "This is a big attack. Trend Micro has observed a spike in the number of attacks recently and we envisage more such large-scale attacks in the near future."
F-Secure's security response team manager Chia Wing Fei said such attacks would only be successful if the web page is not well-designed.
Its investigations showed that most of the compromised websites in China, Taiwan and Hong Kong were commercial sites, such as those of kitchenware company Tafel's and Tianjin Lishen Battery.
Symantec Singapore's manager for systems engineering Ronnie Ng said the IT security company had been monitoring and assessing the threat from these attacks.
The best way Internet users can protect themselves, Mr Ng said, would be to ensure that their operating systems, applications and security software are updated regularly, since "the attacks target old and unpatched vulnerabilities in a person's computer."
As Minister for Community Development, Youth and Sports Vivian Balakrishnan said at the launch of the second Infocomm Security Masterplan last month: "The work in information and communications security is not only confined to infocomm security professionals.
"We really need everyone to become mindful of security practices at home, in school or in the office ... Only when there is universal awareness and consciousness will we then make it more difficult for cyber-attacks to be launched and propagated."
The $70 million Infocomm Security Masterplan 2 aims to engage the public and private sectors, as well as individuals, to combat emerging cyber-threats over the next five years.