Cyber-Criminals Send Microsoft Their Malware By Chance
According to Rocky Heckman, senior security architect at Microsoft, when hackers write viruses that result in the collapse of their computers, the malware they develop is commonly transmitted straight to Microsoft. ZDNet published this on August 27, 2010.
Heckman stated that when the collapse occurred in the hacker's Windows computer, similar to standard Windows crashes, the user thought it right to transmit all errors caused, together with the malware, to Microsoft.
Said Heckman, they've been regularly receiving virus codes from people while the latter tried creating the viruses when their computer systems kept collapsing. According to him, the stuff that came to Microsoft was amazingly large.
One more interesting fact pertained to the numerous assaults which struck Microsoft.com daily. According to Heckman, due to such assaults against the Microsoft website, the software organization got to know about the nature of the most popular cyber-attacks. Winextra published this on August 27, 2010.
The researcher stated that the foremost activity the script kiddies engaged in was to bombard all the said kind of assaults on Microsoft.com. The number of attack incidences the site underwent was a mean 7,000-9,000/sec, he estimated.
Furthermore, Heckman stated that the most popular techniques of hacking i.e. SQL injection and cross-site scripting (XSS) attacks hadn't altered during the 6 years that just passed and that was attributed to two reasons. First, the criminals followed what they were familiar with, and second, the virus writers weren't listening.
Said the senior security architect, malware writers must regard all the stuff an end-user fed as damaging, unless established otherwise.
In the meantime, at the security conference about hacking under Microsoft's Tech.Ed 2010 held on August 27, 2010 in Australia, Heckman elaborated the 5 most popular hacking techniques to all the attendees there along with how developers could best remain safe from getting victimized with them.
Heckman elaborated the way malware could be created for using it in SQL-injection and XSS attacks. He further said that though the malware was not something which could not be collected from the Web, he suggested it be sensibly used towards helping in efforts for self-defense.
Related article: Cyber Child abuser Sentenced To Imprisonment
» SPAMfighter News - 01-09-2010