Home Mail MemberMap Chat (0) Wallpapers
Go Back   ChiefsPlanet > The Royal Lounge > Media Center

 
 
Thread Tools Display Modes
Prev Previous Post   Next Post Next
Old 03-11-2005, 12:58 PM   Topic Starter
Simplex3 Simplex3 is offline
MVP
 
Simplex3's Avatar
 
Join Date: Sep 2003
Casino cash: $5000
New AdWare hits the 'net...

Seems this little jewel is based mostly on two things:

1. IE being a security nightmare
2. People being dumb enough to willingly allow untrusted remote apps to install on their machines.

http://www.theregister.co.uk/2005/03...ive_slimeware/

Alternative browser spyware infects IE
By John Leyden
Published Friday 11th March 2005 16:54 GMT

Some useful citizen has created an installer that will nail IE with spyware, even if a surfer is using Firefox (or another alternative browser) or has blocked access to the malicious site in IE beforehand. The technique allows a raft of spyware to be served up to Windows users in spite of any security measures that might be in place.

Christopher Boyd, a security researchers at Vitalsecurity.org, said the malware installer was capable of working on a range of browsers with native Java support. "The spyware installer is a Java applet powered by the Sun Java Runtime Environment, which allows them to whack most browsers out there, including Firefox, Mozilla, Netscape and others. In the original test, only Opera and Netcaptor didn't fall for the install but Daniel Veditz, who is the head of Mozilla security, has since confirmed to me that this will also work in Opera and Netcaptor," he explained.

In the example Boyd highlights surfers looking for Neil Diamond lyrics (of all things) are served with a variety of adware and spyware packages including Internet Optimizer, sais (180 Solutions) and Avenue Media. Thereafter, if victims allow the packages to install, victims will be bombarded with pop-up ads and their computer will be reduced to a crawl. The malware doesn't install automatically but managed web security firm ScanSafe reckons the pop-up dialogue it generates is obscure enough to fool most home users.
Alternative browser adware risk

ScanSafe reports an increase in spyware of 15 per cent over the last three months of 2004 compared to the previous quarter. Adware accounted for three of the top 10 most prolific threats recorded by ScanSafe over Q4 2004. Spyware authors have thus far restricted themselves to targeting vulnerabilities in IE but ScanSafe reckons its only a matter of time before they turn their attention towards alternative browsers.

John Edwards, CTO of ScanSafe, said that some users migrated away from IE to alternative browsers such as Firefox after various security scares last year. He cited figures from Secunia that Firefox and IE were both subject to five advisories in the first two months of this year to support his argument that Firefox was not "bullet-proof".

"Just switching away from IE does not give adequate projection. Now that Firefox and other alternative browsers have a toehold in the market the hacking community will get busy exploiting the vulnerabilities that exist in any complex browser," he said.
Posts: 28,527
Simplex3 would the whole thing.Simplex3 would the whole thing.Simplex3 would the whole thing.Simplex3 would the whole thing.Simplex3 would the whole thing.Simplex3 would the whole thing.Simplex3 would the whole thing.Simplex3 would the whole thing.Simplex3 would the whole thing.Simplex3 would the whole thing.Simplex3 would the whole thing.
  Reply With Quote
 

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is On

Forum Jump




All times are GMT -6. The time now is 11:11 PM.


This is a test for a client's site.
A new website that shows member-created construction site listings that need fill or have excess fill. Dirt Monkey @ https://DirtMonkey.net
Powered by vBulletin® Version 3.8.0
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.