Innocent websites being used by hackers to hide child abuse images

0
Have your say

Computer hackers are hiding child sexual abuse images in the websites of unknowing UK businesses, an internet watchdog has warned.

Cyber criminals plant abuse images on innocent business and personal websites in a complex bid to spread malware, software designed to gain access to private computers, the Internet Watch Foundation (IWF) has said.

In one case, a furniture company’s website was hosting images without the knowledge of the business owner.

A total of 392 reports of websites hacked to host child sexual abuse content were received by the IWF between June and December last year, compared to zero in the same period the year before.

In addition, the IWF’s confidential hotline for flagging criminal content on the web recorded a 31 per cent surge in the total number of reports of child sex abuse images found online, up from 39,211 in 2012 to 51,186 in 2013.

Emma Hardy, director of external relations, said: “We had barely seen hacked websites hosting child sexual abuse imagery for some time, then last year we experienced a spike in reports.

“It seems that whoever was behind it used this method to distribute malware. In the process, ordinary internet users were confronted with images of children being sexually abused, as well as having their devices infected.

“The folders of images were often placed on legitimate businesses’ websites Those businesses would not have been aware that this had happened.

“The best way to safeguard against this happening is to have good security and tough passwords to prevent someone from hacking into the administration side of a website.”

Hacking innocent websites to host child abuse images has not been seen in widespread use since 2010, the IWF annual report said. Internet users unwittingly open the illegal imagery when clicking on videos on legitimate adult porn websites, the IWF said. As well opening the images, this triggers a download of a so-called Trojan programme, allowing access the user’s machine.