A new trend that is occurring in a lot of new software, commercial and open source, is the ability to check for updates and install the latest version within the program itself. Now I always love this feature in software and means that I always have the latest version of the application. However the problem with these updates is that they are 100% trusted as safe from the end user and with more and more applications implementing this feature, it is only a matter of time before hackers start to attack these application to distribute their malware.
Since more independent software makers are including this feature into their applications, it wouldn’t be a stretch of the mind to think that their website has some security holes which could allow an attacker to take control of the webserver with a shell script or something similar.
Now say an attacker has uploaded a php script that takes advantage of the shell and even uses a list of php functions to help his attack. If the software is hosted on the same server, the attacker could then find out how the software checks for updates and trick the application to think that there is a new version and point the download location to where his malware is hosted. Now the end user thinks there is a new version, downloads it and now he has a virus on his machine.
With more and more applications including this feature, it would be possible to find an application that is hosted on a shared hosting environment, and even if their website has no security faults an attacker could potentially perform the same attack but was able to get his/her shell script onto the server through another website hosted on the same machine.
Now it will be interesting to see over the next couple of years to see how common this becomes, and its definitely not a stretch of the imagination that this could happen to a large company as Kaspersky was recently hacked through an sql injection on their website.