Web Threats
Web-based threats – or online threats – are malware programs that can target you when you’re using the Internet. These browser-based threats include a range of malicious software programs that are designed to infect victims’ computers. The main tool behind such browser-based infections is the exploit pack – which gives cybercriminals a route to infecting computers that either: Cybercriminals will use almost any vulnerability – within an operating system (OS) or an application – in order to conduct an exploit-based attack. However, most cybercriminals will develop web threats that deliberately target some of the most common OSs and applications, including: In 2012, the number of browser-based attacks was 1,595,587,670. On average, that means Kaspersky Lab products protected users against web threats more than 4.3 million times every day. Kaspersky’s Internet security experts have identified the most active malicious software programs involved in web threats. The list includes the following types of online threats: In Kaspersky’s list of 2012’s most active malicious software programs associated with online threats, the following Top 20 account for 96% of all web attacks: Position Name* Number of attacks % of all attacks** 1 Malicious URL 1,393,829,795 87.36% 2 Trojan.Script.lframer 58,279,262 3.65% 3 Trojan.Script.Generic 38,948,140 2.44% 4 Trojan.Win32.Generic 5,670,627 0.36% 5 Trojan-Downloader.Script.Generic 4,695,210 0.29% 6 Exploit.Script.Blocker 4,557,284 0.29% 7 Trojan.JS.Popupper.aw 3,355,605 0.21% 8 Exploit.Script.Generic 2,943,410 0.18% 9 Trojan-Downloader.SWF.Voleydaytor.h 2,573,072 0.16% 10 AdWare.Win32.IBryte.x 1,623,246 0.10% 11 Trojan-Downloader.Win32.Generic 1,611,565 0.10% 12 AdWare.Win32.ScreenSaver.e 1,381,242 0.09% 13 Trojan-Downloader.JS.Iframe.cxk 1,376,898 0.09% 14 Trojan-Downloader.JS.Iframe.cyq 1,079,163 0.07% 15 Trojan-Downloader.JS.Expack.sn 1,071,626 0.07% 16 AdWare.Win32.ScreenSaver.i 1,069,954 0.07% 17 Trojan-Downloader.JS.JScript.ag 1,044,147 0.07% 18 Trojan-Downloader.JS.Agent.gmf 1,040,738 0.07% 19 Trojan-Downloader.JS.Agent.gqu 983,899 0.06% 20 Trojan-Downloader.Win32.Agent.gyai 982,626 0.06% * These statistics represent detected verdicts of the web-based antivirus module and were submitted by users of Kaspersky Lab products who consented to share their local data. **The percentage of unique users with computers running Kaspersky Lab products that blocked online threats. Other articles and links related to threats, malware and security
Applications and OSs that are targeted by online threats
Because Java is installed on over 3 billion devices – that are running under various operating systems – exploits can be created to target specific Java vulnerabilities on several different platforms / OSs.
Although Adobe Reader has been targeted by many attacks, Adobe has implemented tools to protect the program against exploit activity – so that it’s getting harder to create effective exploits for the application. However, Adobe Reader was still a common target over the past 18 months.
Active exploits still target vulnerabilities that were detected as far back as 2010 – including MS10-042 in Windows Help and Support Center, and MS04-028 which is associated with incorrect handling of JPEG files.
Cybercriminals use exploits to gain root privileges. Then, they can achieve almost complete control over the targeted device.Millions of web attacks… every day
Kaspersky identifies these websites by using cloud-based heuristic detection methods. Most malicious URL detections are for websites that contain exploits.
Hackers inject malicious scripts into the code of legitimate websites that have had their security compromised. Such scripts are used to perform drive-by attacks – in which visitors to the website are unknowingly redirected to malicious online resources.
Generally, these either:
These Trojan viruses deliver various malicious programs to users’ computers.
Exploits target vulnerabilities and try to evade the attention of Internet security software.
Often, adware will simultaneously install when a user starts to download a freeware or shareware program.Top 20 malicious programs on the Internet
