3 Years
Discussion Span
Last Post by Hiroshe

The majority of malware is installed by social engineering, not browser exploits. A script crawling the web will not be vunerable to this kind of attack (unless you write a crawler that speficially finds these kinds of sites, and tests them in sandbox's for statistical purposes).

Furthermore, most web crawlers collect statistics on text, and capture text based data, while ignoring binaries. It is possible for it to capture and save a malicious piece of some client side script. The crawler itself will probably not attempt to run scripts (unless the crawler is saving pictures of rendered webpages - in that case the browser is likely running in a sandbox, plus the platform of the crawler is relavent if infection is the goal). If the crawler captures a malicious piece of some client side script, and then a user views that malicious script, and the captured information is unescaped/sanitized, then there is a potential for the user to be infected. However, browser exploits are rather difficult nowadays.

So the answer is unlikely.

This topic has been dead for over six months. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.