Old Web Threats Convoluted to Appear Doubly Dangerous
According to MX Logic Inc., a provider of security services, older security threats have reemerged, representing another trend in hacking techniques that are successfully escaping detection and remediation.
MX Logic Threat Center said that during January 2008 it identified two different instances of security threats that established new attack vectors.
The Center also said that in the summer of 2007 a massive amount of PDF spam, in which messages are sent as PDF documents, was sent out, representing a significant increase in this variety of spam.
Sam Masiello, Director of Threat Management at MX Logic, said that the MBR (Master Boot Record) virus rootkit and drive-by pharming are clear representations of next-generation Web attacks. These attacks blend familiar techniques with unknown intrusion techniques that are even more stealthy and malicious than any previous malware ever recorded, as reported by itbusiness.ca on February 26, 2008.
Masiello further added that there has been a cross-over from superficial and dull hacking tactics to professionally crafted and manipulative tricks driven by financial motives.
The drive-by pharming assaults, according to MX Logic, took shape in January 2008, when it found that the drive-by pharming trick automates the use of spoofed Websites by modifying the DNS (Domain Name System) configurations on wireless access points and routers that continue to use default passwords.
According to MX Logic, a rootkit attaches itself to the target computer and effectively helps hackers carry out their malicious operations; computer hackers are therefore beginning to elevate these rootkits to an advanced level and place them in the MBR. The process moves the rootkits out of the operating system, making them even harder to detect and clean.
Talking about the hacking method, the security company said that drive-by pharming is a twist on an earlier hacking technique. At present, however, there are several effective tools available for Windows with which modified files can be monitored.
Masiello concluded that companies and individuals carrying out online business transactions should know about their exposure to such attacks, which can strike silently, and should therefore proactively safeguard themselves against becoming victims.
» SPAMfighter News - 04-03-2008