network has become an indispensable part of our daily life, coupled with the rapid growth of today’s mobile devices, the Internet has become another important resource for young people. However, when we enjoy the convenience of Internet technology, network security issues are increasingly becoming the focus of society. We visit social networking applications, shopping sites in daily life, when the bank / telecom / public service site, we usually think that they would not cause harm to our malicious web site, thus, we think that these sites is relatively safe for us, you can be assured access, but there is no consideration of these websites can trust it
website invasion perspective
on the network Compromised Website translated as "compromised" or "invasion" of the site, when a site is compromised, then the meaning of this site was invaded.
why cyber criminals to compromise (Compromise) of a website, its main purpose is to use this website in reputation audiences to achieve their purpose of the crime, while using CPU, network bandwidth and hosting resources of compromised Web site, etc..
the value of an invasion site
network security tools most needle site security usually rely on the known to contain malware, phishing or spam product database, which also contains a known trusted site and reputation mechanisms in order to assess an unknown site. So the invasion of a well known web site provides a platform for cyber criminals to prepare for the appropriate attack / assault without being blocked by security software. In addition, hackers are also free hosting host and all related resources, such as bandwidth and computing power. For these reasons, the site has been compromised is very useful for criminals to spread malware, malicious people usually try to find loopholes in the system, resulting in the same number of hundreds of thousands of software running in the site can also be compromised. Here are a few examples of the use of compromised websites by hackers to spread malware.
via compromised website
is widely used to redirect user access in spam attacks. Once the site is compromised, a simple HTML file is placed in the "subject" directory, and the URL is sent to millions of users by email. HTML file includes a simple redirect code and a common message. When the user opens the spam, find a reputable site connection, users can click on the URL in the mail, but actually being compromised by a website to redirect a purpose other website, so as to achieve the purpose of cybercriminals. In this case, the site is still functioning, so it will not immediately alert the site owners to find the site is assisting in the distribution of spam ads.