Online Search for Presley Walker Pictures Results in Malware
Investigators from the security company Websense caution that users who search Google for pictures of Presley Walker, a celebrity child, are likely to encounter malware capable of infecting their computers.
This kind of attack is called a drive-by download: victims are infected merely by visiting a maliciously crafted website. It usually works by exploiting security flaws in outdated software.
Websense, which first spotted the attack on April 18, 2011, found that cyber-criminals were using Neosploit, a malware toolkit that included exploit code for many security flaws in Windows, Adobe Reader and Java.
Over time, the initial attack changed and began redirecting victims to fake anti-virus websites.
Websense says that attacks based on poisoned search results are common; however, a great many of them serve to spread bogus anti-virus programs, usually called 'scareware.'
First used against routine Google searches, the method has also evolved to target image search and other search engines. It is rather uncommon, however, to see an attack that morphs between a drive-by download based on exploit code and scareware, Websense observes.
Notably, the scareware spread in the current scam is named InstallInternetProtectionXXX.exe, and merely 20% of the AV engines on VirusTotal could detect it, Websense adds.
Commenting on the scam, Websense stated that Neosploit was a popular malware toolkit obtainable through illegal means. Its owners apparently stopped updating and supporting it because of financial constraints; however, Neosploit variants have been updated frequently and may include exploits for ActiveX (CVE-2008-1898, CVE-2008-2463), MDAC (CVE-2006-0003) and three Adobe Reader flaws (Collab.collectEmailInfo, Util.Printf, Collab.getIcon), to name some, the security company added. Community.websense.com published this on April 21, 2011.
Finally, the fact that cyber-criminals launch this kind of scam intermittently suggests that they are relying more and more on exploit toolkits because these are relatively simple to use. To stay safe from such attacks and to reduce them, security specialists advise users to keep automatic Java updates enabled and to regularly apply all Java security patches without the slightest delay.
» SPAMfighter News - 29-04-2011