Wednesday, January 14, 2009

Malware attack via Internet

Far away were actions typical of old viruses, whose methods malicious of infection consisted were in specific modules attack that are propagated through a diskette. In this part of history, the situation changed dramatically and the malware found on the Internet to channel ideal half the stronger and more effective attacks.

Under this issue, one of the methods used is to run malicious code on a transparent to the user, at the very moment that accesses a particular website. One of the techniques used is Drive-by-Download.

The attack is canalized, generally, through the injection of iframe labels, in the body of HTML code, that opens of way transparent and parallel to the opening of the original page, another page that contains one or several scripts obfuscated.

Each of these malicious scripts hides one or several exploits to take charge of searching, in the victim equipment, the specific vulnerability for which they were developed.

When the user accesses the page breached can see, for example, a single point in the browser window. Something like this:

But when you look at the source of the page shows the injected code, similar to the following:

However, not all are bad omens because there are countermeasures to mitigate such attacks effectively, and as simple as reading this text. The countermeasure is simply update the information environment with security updates.

# Jorge Mieres

No comments: