01 February 2011

Malware Attack Kit Analysis

The ecosystem of malware production and infection may not be of interest to everyone, but a new report from Symantec provides great insight for those who are interested or need to know.

Partial view of the contents page of Symantec's report 'Attack Kits and Malicious Websites'

Attack Kits and Malicious Websites (report PDF) describes attack methods, kit types and the evolution of these crimeware kits. The features and method of traffic generation are discussed, together with an excellent section on the prevalence of attack kits, malicious web sites and attack kit popularity. The top three most attacked vulnerabilities all affected web browser plug-ins, and of the five unpatched vulnerabilities used, five affected browser plug-ins. All of these could be used in drive-by malware installation, where a user only has to visit a page without any other action required.

Note that the web sites hosting the malicious code are a combination of intentionally malicious web sites, and legitimate web sites which have been compromised for malicious purposes.

The report includes some advice for systems administrators and end users on protective measures, although it is light on advice for preventing your own web site from becoming compromised.

If you are interested in cyber fraud or how to detect it, and want to read more extensively, I'd recommend Cyber Fraud: Tactics, Techniques and Procedures, Auerbach Publications, 2009 (ISBN 978-1-420-09127-1), and Detecting Malice, Robert Hansen, SecTheory, 2009 (ISBN 978-0-557-18733-1).

Posted on: 01 February 2011 at 08:40 hrs
