We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
80,258 News Articles

Child porn targeting forums using web script

Sophos says Java-based content is to blame

Child pornography is being injected into web forums by hackers using Cross Site Scripting (XSS), a technique typically deployed to distribute malware.

According to Sophos principal virus researcher Fraser Howard, the attacks occur because many websites allow Java-based content on their forums, or do not require adequate user authentication for posting.

"Some of the same techniques that malware authors use in order to infect victims with malware are being used to distribute links and drive traffic to all sorts of web content," Howard said.

"The attack targets legitimate message boards with hidden links to direct users to child pornography sites, and was even found on a site designed for children.

"Web hosts must deploy web filters which filter based on website categorisation, and inspect the code of every linked website prior to granting user access," Howard said.

"All user content must be screened prior to posting because any unprotected website can be targeted by cyber-criminals trying to spread malicious content."

Sophos has reported the targeted sites to online content regulator the Internet Watch Foundation.

www.computerworld.com.au


IDG UK Sites

How to watch the Windows 9 launch event: no live video stream so catch our Windows 9 launch live...

IDG UK Sites

Windows 9 and the death of the OS as a must-have product

IDG UK Sites

Video trends: 4K is here โ€“ HDR video, VR and 3D audio is coming

IDG UK Sites

Best iPhone 6, iPhone 6 Plus deals: iPhone 6, iPhone 6 Plus tariffs, contracts and prices UK