iTWire - Riding the Net risks drive-by malware download attack

IT&T JOBS|Discussion forum|Technology Events|IT Education|

Today on iTWire IT News Telecommunications People Our Blogs Tech Lifestyle Releases Science Sustainability MyProfile Whitepapers

Daily ICT Newsletter FREE TRIAL

Follow the Australian Telecommunications scene NEWSLETTER- FREE TRIAL

Technology news and Jobs

Riding the Net risks drive-by malware download attack

Riding the Net risks drive-by malware download attack

E-mail

by Peter Dinham
Tuesday, 07 July 2009
Page 1 of 2 Drive-by download malware is still the most often downloaded nasty by Internet users, with vulnerabilities in Adobe and Microsoft products often the stalking horse of the trojans spreading infection around the Web. Featured Whitepaper 5 Best Practices for Smartphone Support According to Kaspersky in its latest report listing the top 10 e-threats, a Trojan downloader program, Gumblar.a, is the number one threat, described by Kaspersky as an excellent example of malware used in drive-by downloads. Kaspersky says Gumblar.a is a small encrypted script which, when executed, redirects the user to a malicious website, where a series of vulnerabilities is then exploited to download a malicious executable file from the website and install it on the user’s computer. Once installed, the file affects the user’s web traffic by modifying Google search results, and according to Kapersky, it also searches the computer for passwords to FTP servers in order to infect them. The result, says Kaspersky, “is a botnet of infected servers created by cybercriminals which can be used to download any type of malicious program to users’ computers. The number of infected servers is enormous and, furthermore, the malware is still spreading to unprotected computers.” Another notable example of drive-by download malware cited by Kaspersky is a Trojan-downloader program, LuckySploit.q, which is in third place in the second ranking and is also present in the first top 20. Kaspersky says LuckySploit.q is a skillfully obfuscated script, which first harvests browser configuration data from the user’s computer. It then encrypts the data using an RSA public key and sends it to a malicious website. CONTINUED page 2 << First page < 1 2 Next page > Last page - Post your comment >>

< Next story in category		Previous story in the category >

Sponsored Releases

Open Text Deepens Integration with SAP® Solutions

As Christmas Nears, AVG (AU/NZ) Advises Shoppers How to Stay Safe Online

Progress Software Successfully Enables SaaS Deployment in the Cloud for Fifth Year

British Airways selects Progress Software SOA Solutions to upgrade the travel experience

...Promote your press-releases here

Latest jobs

User Experience Architect (C4)
Consulting Services Branch Manager
Process Analyst X 4 (M4)
Content Co-Ordinator (M3)
Senior .Net Developer (M3)
Business Analyst (M17)
Test Lead
Senior Business Analyst
Business Analyst - Financial Markets, Ops focus
Technical Business Analyst - BI & DW - Contract

	Visitors last 30 days	694,279
	Subscribers	15,210

#1 independent technology news advertise here

- Advertisement -

Featured Whitepapers

	5 Best Practices for Smartphone Support Worldwide shipments of smartphones reached a high of nearly 40 million units in the third quarter of 2008, helping to grow the category by 28% from the same quarter last year.
	Legacy Tools: Not For Today’s Helpdesk Why applications like RDP, VPNs and VNC may be costing you time, money and end-user satisfaction.

Today on iTWire

Follow iTWire on Twitter

About iTWire

iTWire is all about technology news, information, jobs and community for the IT and telecommunications industry professional. Subscribe to our free ICT daily newsletter

website free tracking