Hackers Design More Surreptitious and Complicated Attacks
New research finds that hackers are launching ever more surreptitious and complex attacks to evade conventional signature-based anti-malware solutions.
The recent report on Web Security Trends from IT security company Finjan noted an increasing number of "affiliation networks" that rely on a "hosted model" for malware. These make use of ready-made packages of malicious code to hijack popular websites, including government domains.
In a new trend, cyber crooks are keeping track of the IP addresses of potential victims surfing targeted websites. This process exposes users to malware only once, after which the code vanishes altogether. Finjan noted that the attackers use these techniques to conceal web code from web crawlers, reputation engines and URL filters.
While websites operate affiliate programs to pay other companies to divert traffic towards their sites, hackers are using a similar commercial model to profit from malware infections. The compromised server hosts the malicious code, and hackers use it by naming their affiliate in the code injected into different websites. Eventually, the website executes the malicious code and the owner of the website is rewarded according to the number of infected visitors the site delivers.
This technique enables hackers to infect a greater number of users while avoiding detection. It could also endow hackers with enhanced power, said Yuval Ben-Itzhak, chief technology officer at Finjan. ComputerWeekly.com published Ben-Itzhak's statement on June 6, 2007.
The scenario now is that financially motivated hackers are employing better and more sophisticated techniques, such as code obfuscation and elusive attacks, to slip past traditional signature-based applications that rely on a relevant database. This is possible because these applications were not created to recognize such dynamic web attacks, Ben-Itzhak said in another statement, as published by Earth Times in the last week of May 2007.
The combination of such elusive attacks and code obfuscation methods considerably improves the ability of hackers to remain undetected, Ben-Itzhak added. Finjan also said the attacks demonstrate the level of technological sophistication of the hackers and the serious challenge they pose to the IT group.
» SPAMfighter News - 21-06-2007