URL Reputation in a Digital World

One can't emphasize enough that that the best protection against hacked websites is a smart URL filter with an abilty to recognize in real-time web-page content and malware threats.

Recently the malware "industry" was caught experimenting. All it takes is a tiny <iFrame> set to zero and a teeny tiny bit of code called from a remote server to test the user agent of the browser. Since Android is over 50% of the smartphone market and draws the most malware target practice, more than half of the time this kind of exploit will work - unchecked.

Such an attack is easy, the tiny code simply checks the browser user agent string and processes a script on a remote server if a smartphone browser identifies it self as an Android.

If it's an Android, the malware immediately attempts to access a remote page that triggers a download - all other mobile and PC based browsers do nothing or serve a blank page, but since the server returns an Android app the Android browser automatically downloads and installs it.

How do you help your customers protect your organization?

The easiest way is with an OEM solution and a partner like inCompass® that can provide your integrated with a malware category which allows your solution to automatically blocks access. Setting a zero sized <iFrame> is only one way malware is distributed, but the malware play always relies on access to a URL or IP, and that's why active URL categorization and reputation reporting is so value. After all, a phone isn't able to support a full AV suite on the phone, so solutions which rely on active URL processing are critical to mobile security and safety.