bit-tech.net

Firefox, Opera popular with malware authors

Firefox, Opera popular with malware authors

While Firefox is - perhaps unsurprisingly - the browser of choice for ne'er-do-wells, Opera makes an extremely strong showing.

New research has shed light on the browser habits of the no-goodniks behind drive-by malware websites, with some interesting results.

As reported over on V3.co.uk the research, carried out by Purewire's Paul Royal, shows that the ne'er-do-wells that perpetrate mass infection attempts by the creation of infected webpages which attempt to convince visitors - almost always using Microsoft's Internet Explorer browser - to download and install third-party software without notification or warning prefer browsers with a smaller userbase for their own surfing sessions.

After analysing the toolkits - including the most popular amongst the digital underground, LuckySploit and UniquePack - used to create such sites, Royal discovered that, on average, around 46 percent of the site creators used the popular open-source Firefox web browser instead of Internet Explorer, the browser their sites aimed at infecting. While such a high figure for Firefox amongst the technically proficient is perhaps not surprising - with the browser's market share continuing to grow worldwide - what may come as a shock is that 26 percent of attackers used the Opera browser, despite Opera having a mere 2 percent share of the global browser market.

While a wealth of add-ons for those engaging in web development - both for good and for ill - exist for Firefox, making it an obvious choice for anyone working in that area, Opera is harder to pin down. Perhaps the most likely reason for its use is its minuscule market share: those creating malware download sites are typically developing for the largest possible target pool, which means Microsoft's Internet Explorer is the most commonly targeted browser. The use of a less popular browser - especially one with just 2 percent of the market - is almost certainly a defense against the attackers themselves being attacked.

With a single example of drive-by download code having infected 40,000 sites at a conservative estimate, it's clear that even those in the know are having to take precautions while browsing the web of today.

Have you ever suffered at the hands of a drive-by download site? Can you understand the popularity of Opera amongst such denizens of the net's seedy underbelly, or is it purely a case of making themselves as small a target as possible? Share your thoughts over in the forums.

9 Comments

Discuss in the forums Reply
HourBeforeDawn 24th August 2009, 15:33 Quote
nope I havent but I check my system every now and then for such infection but at my work I would have to say that 92% of the people that come into our shop to have their computer cleaned of malware use IE, we havent had to many come in from people using FF but this makes sense for our town as its not really a tech focused area so the average user in our town uses whatever comes with their computer in this case IE. Still interesting read on the subject.
BUFF 24th August 2009, 17:19 Quote
it doesn't surprise me that technically literate users would opt for a "better" browser than IE & imo that argument holds water for Opera as much as for FF (indeed probably more so as a lot of FF users probably aren't "geeks" but most Opera users quite possibly are).

Also, I think that there's always a bit of a question mark over Opera's real market share given that many people have it set to ID or mask as something else (usually IE). It's not going to be massive but it could well be higher than usually reported.
TheoGeo 24th August 2009, 18:41 Quote
In other news, hackers prefer to use linux!
TWeaK 24th August 2009, 20:08 Quote
That's one of the reasons I still use Opera - not because I make malware, but because it's a much smaller target for it. That and I'm just too damned used to the thing. I know I could make Firefox like Opera with mouse gestures, but why try to make it like something it isn't - and spend all the time trolling through all the different plugins most of which I don't need or want?
Jack_Pepsi 24th August 2009, 22:27 Quote
With the right procautions and for IT enthusiasts, this shouldn't really worry us.
leexgx 25th August 2009, 01:05 Quote
geek here (opera user) the problems with opera are far less then IE and FF, agane for the most part its User fault agane running an EXE when thay should not, saveing grace on vista or 7 with opera is that it does not support UAC admin upmode (sure it does not) so cant brake the browser it self at most you get an download box poping up and avg jo will click run and say hello furadware antivirus 2009

its the muti tab session remember support i use the opera for the most and single process (firefox and IE is more for crash recovery not for day to day session use as opera saves them for use next day)
arflech 25th August 2009, 11:58 Quote
Quote:
Originally Posted by BUFF
Also, I think that there's always a bit of a question mark over Opera's real market share given that many people have it set to ID or mask as something else (usually IE). It's not going to be massive but it could well be higher than usually reported.
Ever since version 8.5, the first one that was both free and ad-free, Opera identified as just Opera by default, and there was no spike in its stats, so likely usage counters could pick up that it was Opera (previously its user-agent string included Mozilla and IE and then Opera).
Casefan 25th August 2009, 16:24 Quote
Wow! A rare win for Chrome here.
NeedlesKane 25th August 2009, 16:51 Quote
i use opera 10 beta 2 and think its the best browser around, cant beat the mouse gestures. though most of my love is purely my own opinion
Log in

You are not logged in, please login with your forum account below. If you don't already have an account please register to start contributing.



Discuss in the forums