Keystroke loggers have been discovered at 2,500 malicious blogs and Websites since the beginning of '05, according to Websense Security Labs. Criminals are parking their malware at accounts they open from free services like Blogspot and Yahoo. Traffic is being driven to them by the same means as other mass-delivered malware, but can also turn up in searches, since they're locatable like anything else on the Web.
So hosting service providers need to get their acts together, says Dan Hubbard, Senior Director, Security and Research, at Websense.
"Service providers should limit what upload traffic types it will allow onto a site," he says. "Allow pictures, HTML and text, but don't allow executables."
Since most of these malicious accounts are opened with automated software, ISPs registration process should include some type of authentication that requires a user to see something on the registration page and use that image to authenticate. And there's the obvious: hosting facilities should run antivirus on all their hosting servers and keep signatures up to date.
As for users? The first duh is don't click links in unsolicited mail. If you execute something, you've already told your computer to let it in, which happens the instant a vulnerable browser lands at the malicious site. Which brings me to point #2. Keep your patches updated, particularly on your browsers -- all browsers, not just Internet Explorer. And of course, run that anti-virus continually with automated updates turned on.