Google finds Microsoft IIS web servers hosting malware

1 min read

Web servers running Microsoft’s IIS web server software are twice as likely to be hosting malware as other site servers, according to Google.

In its research, Google’s newly-formed Anti-Malware team says it scanned 70,000 domains that were either distributing malware or hosting attack code, according to Google’s Nagendra Modadugu in his Tuesday blog. “This is potentially bad news for the web hosting industry, as it sheds new light over the complex issues surrounding website security in a hosting environment. It’s not just the web server application that can be attacked, but the programming of the web site itself, which is a platform independent issue,” says Geoff Sweeney, CTO with behavioural analysis software specialist, Tier-3. High profile cases, such as computer hardware giant ASUStek, which recently had its web site compromised, created a situation where visitors to the website may have been attacked simply by accessing the site itself. The integration between attacks originating from popular web sites and desktop-based vulnerabilities is particularly concerning given the potential for massive infection rates, says Sweeney. “It shows, once again, that conventional approaches to IT security software are not enough to keep malware and application exploit attacks at bay,” he adds. “If web hosting companies and major corporates install behavioural analysis software alongside their existing and conventional IT security applications, the amount of compromised web servers and applications would fall through the floor.”