Even Personal Blogs Are Sold on the Black Market

By   ISBuzz Team
Writer , Information Security Buzz | Nov 03, 2014 05:03 pm PST

Hacking is a sad reality, but Drupal is doing a very good job of mitigating the risks, by quickly making people aware of them.

As soon as a vulnerability in popular CMS platforms like Drupal is discovered, millions of crawlers operated by hackers (similar to Google bots) start searching for vulnerable websites. Once a victim is identified, their website gets hacked, patched (to prevent “competition” to overtake the same site) and backdoor’ed. Within several days, access to the compromised website will be sold on the black market, more than likely to several different customers at the same time who each may well resell it several more times. Like this, your personal blog may be easily involved in a dozen different criminal offenses such as hosting illicit content, sending spam, and infecting visitors, to name just a few.

Featured Download: Social media access at work. Do your employees know the rules?

Many people simply don’t realise that their website is a very attractive target for hackers. Obviously, hackers don’t aim to hack their particular website, they just need to hack as many as they can: to steal visitors’ traffic and to infect visitors with malware that turns their PCs into bots to perform DDoS attacks or send spam. Any website (even your personal blog!) can be easily sold on the black market – the price mainly depends only on how popular/reputable the website is. So, the more websites hackers have to sell, the bigger the volume discount. However, if you offer to sell tens of thousands of websites at once, you can get enough income even with large discounts. This is just one of the reasons why hackers are looking for websites that are easy and quick to hack into.

By Ilia Kolochenko, CEO, High-Tech Bridge

About High-Tech Bridge

high-tech bridgeHeadquartered in Geneva, Switzerland, High-Tech Bridge provides customers in Europe, the United States, the Middle East and across the globe with information security services such as penetration testing, security auditing, computer crime investigation and web application security testing.

In 2012, analyst firm Frost & Sullivan recognised High-Tech Bridge as one of the market leading service providers in the ethical hacking industry. High-Tech Bridge also received the prestigious Online Trust Alliance Honor Roll award in 20122013 and 2014.