Botnet & spam attacks are getting ugly.
Mon, April 14, 2008 at 10:19 AM
Everyone's aware of the trojans and the zombie computer botnets that often spawn from them have been a problem for many years, but now the attacks have been getting downright nasty. Attackers are using more and more sophisticated methods, including social engineering, to get past users' defenses. Like an attack targeting eBay members and stealing their online identities using multi-stage attacks in order to perpetuate fraud. The eBay attack began with hackers compromising third-party web sites using a technique called SQL injection. Extra code was dynamically added to the main page of these web sites using a hidden IFRAME tag which loaded a malicious web page. This page contained a VBScript file that used AJAX to download and save a file called MISuvstm.exe into the Windows system folder. Once this file was downloaded, it attached itself to the Windows Explorer process and went hunting for a further trojan, called SRTops32.exe, which was the basis for a Distributed Denial-of-Service (DDoS) attack on eBay itself. The attack uses eBay's own Application Programming Interfaces to guess eBay users' passwords by brute force, although more traditional phishing techniques are also being used.
More on security threats:
"The future outlook isn't promising -- bot-affected software is growing more powerful and stealthy, making it harder to find and return to a secured state. The pressure is on computer users to become savvier about security and on organizations to spend more money on proactive defenses, and detection and reaction capabilities. Law enforcement will also need to deal with an increasing number of crimes that involve potentially thousands of computers at a time."
Reader Comments