Kaspersky Lab has released an article entitled “The Perils of the Internet” authored by malware analyst Eugene Aseev. As the title suggests, this article looks at the threats which make web surfing risky.
Today, attacks launched over the Internet are both the most numerous type of threat, as well as the most dangerous. In Q2 2010 Kaspersky Lab products blocked over 157 million attempts to infect computers via the Internet. This article answers questions such as “How does a computer get infected during web surfing?” and “Who profits from Internet attacks?”
Attacks via the Internet usually have two steps: redirecting a user to a malicious resource, and downloading a malicious executable file onto his/ her computer. Cybercriminals have two choices: cause the user to download the program by him/ herself, or conduct a drive-by download.
In the first case, cybercriminals resort to spam, flashy banners and “black hat” search engine optimization. In a drive-by attack, a computer can be infected without any user involvement, and without the user noticing anything untoward. Most drive-by attacks are launched from infected legitimate resources. As a rule, drive-by attacks do not entail persuading a user to visit a particular site; the user will come across the site as part of his regular routine. Such a site might be, for example, a legitimate (but infected) news website, or an online shop.
One of the most common methods used to launch drive-by attacks today is by using exploit packs that exploit vulnerabilities in legitimate software programs running on the victim machine. Today, exploit packs represent the evolutionary peak of drive-by attacks, and are regularly modified and updated to include exploits for newly identified vulnerabilities.
Everyone involved in Internet attacks - from the owners of web-resources which host banners to those who participate in affiliate programs - make money from innocent users, by using their money, personal information, computing power etc.
“In order to protect yourself, you need to update your software regularly, especially software that works in tandem with your web browser,” says the author. “A security solution which is kept up-to-date also plays an important role. And, most importantly, you should always be cautious regarding information which is spread via the Internet.”
The full version of “The Perils of the Internet” is available at www.securelist.com/en.