Web Browsers - The Prime Target of Malware Authors

As per the security firm 'Symantec', authors of harmful software will shift focus from attacking the Windows operating system to web browsers.

Symantec explains that presently there are numerous attacks - like drive-by downloads - that depend on a web browser to enter a system so that they can download harmful software in the Windows system. This restricts them to operate only on the Windows computers.

With the development of the web browsers, programs have become able to operate within them. An assault using this method can operate on any system or device running an appropriate browser.

These attacks are launched when users access web pages that look undisruptive or harmless but actually carry unknown harmful codes intended to incapacitate a system or compromise privacy. The outcome of the attack may be as plain as a crashed browser or as somber as theft of private details or the loss of secret proprietary data.

Symantec's Director of Security Responses, Dave Cole, said with web 2.0 skills, there has been so much of the logic that can be done on the server being done in the browser, as reported by Computeractive on June 24, 2009.

Moreover, such attacks will find it difficult to persist than those that attack the operating system. Perhaps they remain operative as long as the browser is opened, but since browser is available on numerous devices which include games consoles and smartphones, they could have a broad reach.

For example, "Clickjacking" is a recently found threat which unnoticeably places harmful links indiscernibly under the mouse. When the user clicks on the affected web page, the invisible link is activated. The attacks employ frequently used techniques like JavaScript events which enable the abuse broadly effective and tough to avert.

In addition, during 2008 some application security experts discovered that a familiar browser attack method had extensive implications than previously thought. They also claimed that hackers using the method could compel users to click on basically any content they pick.

Related article: Web Browsers Too Have Security Exploits

» SPAMfighter News - 7/8/2009