Web 2.0, AJAX Bring New Era of ThreatsBy Matt Hines | Posted 2006-06-16 Email Print
Modernizing Authentication — What It Takes to Transform Secure Access
Viruses that use technological advances such as AJAX to help deliver their payloads will likely proliferate as malware writers find ways to utilize these Web development tools.Malware attacks created using emerging Web development tools such as AJAX are expected to begin showing up more frequently, as writers of malicious code match the skills of their legitimate counterparts.
With the arrival of the Yamanner virus targeting Yahoo Messenger on June 13, industry analysts and security software vendors say the era of what might loosely be called Web 2.0 threats has arrived.
While there have been few high-profile manifestations of such threats, including Yamanner and a similar attack that shut down News Corp.'s MySpace social networking site in October 2005, it appears inevitable that more AJAX worms and other variations on the theme will appear.
"There's a developer education issue that needs to be figured out before we get too far into the use of AJAX, to make it safer for everyone," said Andrew Jaquith, an analyst with Yankee Group, in Boston. "It's early in the game now, but these are likely to be the avenues that malware writers will be looking at and the most popular AJAX implementations will be the first targets."
Interestingly, some of the earliest adopters of AJAX technology have been companies that have traditionally avoided high-profile attacks, such as Apple and Google, along with more frequent malware targets such as Microsoft and Yahoo. It will be incumbent on those firms to ensure that their applications have been thoroughly tested against Web 2.0 threats, Jaquith said.
Read the full story on eWEEK.com: Web 2.0, AJAX Bring New Era of Threats