Widgets may be fun and convenient vessels for spreading content and ads on the Web, but there’s a sinister side to them, according to Neil Daswani, the CTO and co-founder of Dasient.
Daswani took his message to the Black Hat security conference in Washington this week, where he delivered a presentation outlining the vulnerabilities of widgets, warning website owners to defend against their content becoming a vehicle for delivering malware.
“Ad widgets, when compromised, can be used to spread mass malware infections across the most highly trafficked websites on the Internet,” Daswani said.
Among the most targeted widgets are those associated with audience measurement from services like Google analytics, and widgets built on third-party APIs from Google and Facebook.
eSecurity Planet has the details on Daswani’s warning about widget-borne malware.