Security specialist predicts RSS spyware
The lack of spam and spyware associated with RSS is one of its big selling points, but according to a software security expert, at least one of the advantages could be short-lived. Robert Steinnon, director of threat research at anti-spyware company Webroot, said spyware could soon be delivered through RSS feeds.
Steinnon’s remarks at last week’s IT Security Summit were reported in a TechWeb article. (Thanks to SAP’s Michael Redford for the pointer.) Speaking about his concern that RSS will be exploited to distribute adware and spyware, Steinnon said,
Already we’re seeing marketers look to RSS. A recent list by marketing types on why RSS is better than e-mail, for example, had ‘no more annoying complaints about spam’ at number 8. Where marketers go, adware and spyware writers follow.
The threat to RSS was one of six predictions Steinnon made in his remarks. Another: Spyware targeting the Firefox Web browser will make its appearance. Not scared yet? How about attacks via blogging software applications?
If a spyware writer finds a way to inject code into a blogging site—which could take the form of a SOAP object—most likely through a future vulnerability in Internet Explorer 7, then everyone who subscribes to that service’s blog RSS feeds is gonna get infected.
Coupled with the automatic distribution of infected blog posts via RSS, such attacks could be huge and fast.
I can’t say I’m surprised by Steinnon’s predictions, but they are nevertheless disheartening. Let’s hope Webroot and its competitors can find a way to stop these attacks before they begin. I’d hate to see another set of great tools done in by the greediest and least ethical among us.
06/13/05 | 2 Comments | Security specialist predicts RSS spyware