Information Security Experts Warn Against Rising Drive-by Attacks based on Java Functionality
In this case, attackers use the open connection method of a URL Class to connect a Trojan Application to the Internet.
(prHWY.com) January 12, 2011 - Albuquerque, NM -- Attackers are finding new ways to by-pass security mechanisms. Recently,information security professionals have identified the trend of using java functionality to launch drive-by-attacks. In case of drive-by attacks, offenders tempt Internet users to click on a pop-up or fake error messages with malicious content. Alternatively they may append malicious script tag at the end of a legitimate URL. All new visits to the site will result in automatic download of malicious content.
Usually, attackers exploit the vulnerabilities in operating systems and web applications to inject malicious code or install malware. Experts have witnessed rise in a new breed of Trojan applications, which rely on the java functionality to inject more malicious code in computer systems. In this case, attackers use the open connection method of a URL Class to connect a Trojan Application to the Internet. When users click on a program infected with the Trojan, they inadvertently allow a malicious code to download and run on their computer systems and applications. The latest monthly malware report issued by Kaspersky Lab has detected, two open connection Trojans - Trojan-Downloader.Java.OpenConnection.cf and Trojan-Downloader.Java.OpenConnection.bu and affected over 40,000 computer systems at their peak during a 24-hour period during the last month.
Attackers can launch such drive-by attacks to gain remote access to computer systems, acquire user privileges, alter data, collect documents containing sensitive information and send them to remote servers. The stolen data may be used for identity theft and misrepresentation. Therefore, Internet users must be wary of clicking suspicious links and banner ads. They must not enter personal details on any website, without checking their authenticity to ensure information security
and confidentiality. Users can also prevent automatic execution of malicious scripts by disabling ActiveX scripts and ActiveX controls.
Organizations must conduct regular security audit of websites and web applications through ethical hacking
, penetration testing and other real-time tests to identify the threat vectors and initiate corrective active prior to their exploitation by criminals.
EC-Council provides industry training and certification for information security professionals in ethical hacking among many other specializations. "Understanding how hackers exploit these vulnerabilities is a key requirement to hardening software and hardware. That is why EC-Council focuses on ethical hacking as an approach to information security evaluation" as stated by EC-Council's Senior Director, Steven Graham. EC-Council through its Certified Ethical Hacker program has trained such information security professionals from all over the world.
The International Council of E-Commerce Consultants (EC-Council) is a member-based organization that certifies individuals in cybersecurity and e-commerce skills. It is the owner and developer of 16 security certifications, including Certified Ethical Hacker (CEH), Computer Hacking Forensics Investigator (CHFI) and EC-Council Certified Security Analyst (ECSA)/License Penetration Tester (LPT). Its certificate programs are offered in over 60 countries around the world. These certifications are recognized worldwide and have received endorsements from various government agencies including the U.S. federal government via the Montgomery GI Bill, Department of Defense via DoD 8570.01-M, National Security Agency (NSA) and the Committee on National Security Systems (CNSS). EC-Council also operates EC-Council University and the global series of Hacker Halted security conferences. The global organization is headquartered in Albuquerque, New Mexico.
6330 Riverside Plaza Ln NW
Albuquerque, NM 87120