Malicious Code in Cached Web Pages Served by Storage and Caching Servers

A new report by Web security Solution provider Finjan highlights the discovery of malicious content residing in cached web pages on storage and caching servers, such as those used by ISPs, enterprises and leading search engines.

"This malicious code can be referenced by third-party web pages and can be used to exploit an end user's machine," said Yuval Ben-Itzhak, Finjan's Chief Technology Officer. "Even if the malicious site has been taken down, its malicious content is still stored and served by the caching servers. The exploit can result in the installation of Spyware, Trojans, and other malware that compromise a user's privacy and identity."

The report presents several instances of malicious code found on public storage and caching servers. "This is more than just a theoretical danger," Ben-Itzhak said. "Owing to this exploit, it is possible that storage and caching servers could unintentionally become the largest 'legitimate' storage venue for malicious code.

Such 'infection-by-proxy' introduces new risks for businesses and consumers." Ben-Itzhak noted that as the number of malicious sites continues to increase, it is important to raise users' awareness regarding the potential dangers that may be lurking in cached web pages.