We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
80,078 News Articles

Child porn targeting forums using web script

Sophos says Java-based content is to blame

Child pornography is being injected into web forums by hackers using Cross Site Scripting (XSS), a technique typically deployed to distribute malware.

According to Sophos principal virus researcher Fraser Howard, the attacks occur because many websites allow Java-based content on their forums, or do not require adequate user authentication for posting.

"Some of the same techniques that malware authors use in order to infect victims with malware are being used to distribute links and drive traffic to all sorts of web content," Howard said.

"The attack targets legitimate message boards with hidden links to direct users to child pornography sites, and was even found on a site designed for children.

"Web hosts must deploy web filters which filter based on website categorisation, and inspect the code of every linked website prior to granting user access," Howard said.

"All user content must be screened prior to posting because any unprotected website can be targeted by cyber-criminals trying to spread malicious content."

Sophos has reported the targeted sites to online content regulator the Internet Watch Foundation.

www.computerworld.com.au


IDG UK Sites

Swatch to release its own line of smartwatches to rival iWatch

IDG UK Sites

From the iPhone 6 to the iWatch and a new Apple TV we look at the products Apple is set to launch...

IDG UK Sites

Miranda July's Somebody app offers a very unusual take on messaging

IDG UK Sites

The 7 most ridiculous iPhone 6 rumours: what Apple WON'T reveal on 9 September