Criminals Getting Better At Hiding Malware

Cyber criminals who manipulate websites to hack into computers are getting more sophisticated at concealing their malicious software, according to a security expert on April 19, 2007. This observation was published by Software.

Over years security experts have been predicting that botnets of compromised PCs would remain a very strong challenge for IT community as crooks find ever new ways to employ them for launching attacks.

Criminals use JavaScript to attack computers. But, in doing that they hide the code in Flash animations that makes it difficult to identify it when anyone examines the page source, said Jose Nazario, senior software manager at Arbor Networks during a presentation at the CanSecWest security confab. Enn published this on April 19, 2007.

Nazario further said their stupefying tools, though primitive in make, were very effective. So far, as security measures using signature techniques to identify malicious websites were concerned, the criminals use concealing methods to bypass these simple signatures.

Initially, miscreants employed JavaScript in most attacks but now there is a shift, Nazario said. He has detected one encoded script application called "makemelaugh" that installs a Trojan program to seize bank account information. It could also download a flash animation of Paris Hilton to install a program that compromises a PC and adds it to a botnet. News.zdnet published this on April 19, 2007.

Botnets help its builders to reach more consumers. Therefore, the ease with which these builders use botnet technologies is increasing fast. Botnet creators also sell their botnets for a wide variety of purposes. As a result, there exist a large number of botnets for business on the online market. Several powerful organizations seem to take over a number of botnets through consolidation, Nazario said. Computerworlduk published this on April 19, 2007.

As malware creators, adware distributors and cyber crooks contribute to access botnets and capitalize on them, massive attacks by Storm Worm that imitate traditional worm behavior and its speedy propagation through spam will rise to new heights, thinks Jose Nazario.

Fraudsters typically embed destructive JavaScript in a website that run without any alerts when users view the site on their browsers.

Related article: Criminals Hack With More Evil Tactics

» SPAMfighter News - 4/26/2007