Related Links

  • Avast
  • Reed Exhibitions Ltd is not responsible for the content of external websites.

Top 5 Stories


How to lose a million customers with malware

02 February 2011

Avast claims that, during January, a million users of its popular IT security software were blocked from visiting online stores which, though they were legitimate, were infected with malware and other security threats.

According to the Czech-based IT security vendor, because the sites were infected, its software protected users by flagging up the fact that the pages were infected.

"With Francoise Saget, we have a perfect illustration as to why it's much more effective – from the public safety perspective – to tell thousands of users about an infected site instead of the individual administrator", said Ondrej Vlcek, Avast's chief technology officer.

"With CommunityIQ members on the internet nonstop, there is a constant two-way flow of information about infected sites between Avast and our users. Getting a hold of a site admin is another issue", he explained.

Vlcek says that his research team noted there was an infection at at 12:20 CET on November 21, 2010.

The infection, he says, was HTML:Illiframe-R, a trojan redirecting unsuspecting visitors to a malware distribution site in China.

Ahead of the holiday shopping season, Vlcek said that his firm decided to directly contact the shop about the infection and emailed them a message – in English and in French – on November 23.

"There was no response. As of January 26, two months after the Avast virus lab found the Trojan malware, the site was still infected. During this time, Avast had blocked 946,376 attempts by its users to visit the infected page", he said.

"The lack of response is exactly what we have encountered other times we've tried to tell websites about infections, even those based near our company headquarters," he added.

The situation, he went on to say, is not untypical, as breaking the news about an infection is a difficult process.

Even after the responsible person has been identified, it is often difficult to convince them that their site has a problem that they should correct.

Another issue, says Vlcek, is that infections are not always activated, whilst the malware is being 'upgraded.'

At the end of the day, Avast says that the safety of the internet is a users' personal responsibility. To remain safe, the company adds, all computer users need a certified and updated anti-virus application on their computers at all times.

This article is featured in:
Internet and Network Security  •  Malware and Hardware Security


Comment on this article

You must be registered and logged in to leave a comment about this article.

We use cookies to operate this website and to improve its usability. Full details of what cookies are, why we use them and how you can manage them can be found by reading our Privacy & Cookies page. Please note that by using this site you are consenting to the use of cookies. ×