Online Forum 4chan Under Attack Via New Technique of Malware Obfuscation
MMPC or the Microsoft malware Protection Center, the software company Microsoft's Internet software security wing reports that they've detected one new method of obfuscating malware that is being used against 4chan an online forum.
Explains the Center that the attack based on social engineering starts with the computer operator getting a 'Portable Network Graphics' (.PNG) file, which compresses its data as an image that's pretty harmless.
On investigating, the security researchers at Microsoft observed that they seemingly found the process as part of the evolutionary procedure of an exploit called 4chan.js. Moreover, the situation they noted depended on an end-user's faith in image files as well as his unfamiliarity about 'HTML Application' or .HTA files.
Meanwhile, staff members of 4chan seeking to prevent the assaults are now deleting the numerous fake topics that the malware created. Nonetheless, the threat isn't occurring for the first time. The earliest assault based on social engineering that used this technique happened way back in 2008. Since then a number of mutations have occurred, according to the MMPC.
Says Johnson, the MMPC advises users that they shouldn't follow any direction accompanying a random graphic before them. Moreover, this should be particularly so when the directions involve changing the file to a random format and subsequently executing it. Indeed, the Center advises users not to execute arbitrary .HTA files under any circumstance, the MMPC researcher tells.
Related article: Online Card Fraud Shows Greater Tendency Than Chip and Pin
» SPAMfighter News - 18-08-2010