In what has been labelled as a jaw dropping revelation, about five million websites hosted by Network Solutions dishing up malware for several months. "This is one of the biggest infections for drive-by download attacks that I've seen," said Wayne Huang, co-founder and CTO of Santa Clara, Calif.-based Armorize Technologies, a Web application security company, while highlighting the seriousness of the threat. However, Huang’s estimate of 500,000 to five million has been denied by Leading Web Hosting Provider Network Solutions but the company failed to furnish own count.
Huang added that researchers at his firm initially traced the infection to a widget installed by Network Solution on its website: GrowSmartBusiness.com site for allowing user web design services online. They further discovered that the malicious widget was installed by default on all "parked" domains hosted by the Herndon, Va. website hosting and domain name registration services provider giant.
Park domains can be understood as domains that have been registered lack any owner-provided content. It may be recalled that malware makers and scammers have previously exploited such underconstruction websites to outbreak virus or attack code or manipulate search site rankings. "The largest mass infection I can remember was 1.1 million pages," said Huang. "This is a lot bigger."
Network Solutions has raised questions on Huang's estimate. "The numbers reported over the weekend are not accurate," said company spokeswoman Susan Wade. "We're still investigating to determine the number affected." The company, however, has turned off widget on all parked domains and set the GrowSmartBusiness.com in offline mode. But the widget is still present in about 5,700 active websites that had installed the widget manually.
