Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: Drive-By Download Attacks Were the Biggest Online Threat Last Month


04 Dec 2010   #1
JMH

Win 7 Ultimate 64-bit. SP1.
 
 
Drive-By Download Attacks Were the Biggest Online Threat Last Month

Quote:
Exploits and other malicious scripts associated with drive-by download attacks dominated the threat landscape last month and accounted for most entries in Kaspersky Lab’s top 20 malware applications.

Drive-by download attacks have multiple components. They usually start with cyber criminals exploiting a Web vulnerability to compromise a legitimate website.

Then they inject a rogue iframe or script element into its pages, which calls a redirect script from an external domain.

This script redirects requests to a script downloader, which checks if vulnerable software is installed on the computer and serves the appropriate exploit.
Drive-By Download Attacks Were the Biggest Online Threat Last Month - Softpedia


My System SpecsSystem Spec
.

05 Dec 2010   #2

Windows 7 Ultimate x64 and Home Premium x64
 
 

Yup... That is still on the rise and the problem is that it requires people to be literally paranoid about their web browsing.

And by 'paranoid about their web browsing', I mean by literally gimping their web browser, not just "ooh, don't go to that web site." The problem is mostly the fact that in order to 'enrich' a website is also what opens up a lot of people to these types of things as well as the need to find information, there will be multiple places to stumble upon that aren't as careful or as secure as they should or would like to be to avoid the nasty install stuff.
My System SpecsSystem Spec
05 Dec 2010   #3

W7 X-64 W8.1 X-64 Opensuse 13.1 W2003 Server
 
 

Hi there
Back ages ago when I was sceptical (and still to some extent nothing's changed much) of ALL AV software I pointed out that THIS type of infection was far more dangerous than "Classical Virus and Malware" infections that most AV software was aimimg to protect against and couldn't do much against the "Drive by" type.

I'm not saying that people don't get infected but back then it was usually users of Torrent and other "quasi legal" sites offering warez or shared Pirate downloads. Other users rarely if ever got infected.

Drive by infections are HUGELY difficult to defend against especially for corporations with large lans where 1000's of people may be accessing the internet at any one time and locking a PC down doesn't often solve these types of problems.

AV software is finally realising this type of attack needs much more work on it -- but since you are now having to deal with the WINDOWS internal kernel itself some AV vendors will find it tough going as MS will not want to let Windows Source code out into the public domain -- and releasing it to a lot of smaller companies is in effect just as good as publishing the code on the web --these companies are usually as leaky as a sieve.

For once MS seems the best bet with its MSE offerring since it obviously HAS the Windows Source and can re-write parts of the kernel at will to protect it.

IMO a HOME user will always be better protected by accessing the web through a Virtual Machine and ONLY deploy stuff to a REAL machine after proper testing / scanning etc.

A Small 512 MB VM is all you need for Net access in most cases --even a tiny netbook should be able to run a VM of that size OK. You could probably get away with a 384 MB VM but you might want Windows 7 as your guest VM too.

If the VM gets infected --who cares -- just bin it and load another one. You haven't got any protected data etc on it so there would be nothing to steal or destroy that a hacker would be able to get its hands on.

If you DO use online Banking change passwords, memorable words and pin codes REGULARLY - but not all at the same time of course.

Incidentally as NO AV SOFTWARE is ever or can ever be 100% effective I would suggest that if your machine becomes infected just wipe and reload a fresh image or a complete re-install if you don't have a clean image. YOU CANNOT GUARANTEE THAT ANY INFECTION HAS BEEN 100% REMOVED - EVER - BY AV SOFTWARE.

Usually safe surfing is your best bet -- but we know some people will always take risks so if you do then do it properly and you should still be safe.

Cheers
jimbo
My System SpecsSystem Spec
.


Reply

 Drive-By Download Attacks Were the Biggest Online Threat Last Month




Thread Tools



Similar help and support threads for2: Drive-By Download Attacks Were the Biggest Online Threat Last Month
Thread Forum
McAfee: Malware Threat Biggest in 4 Yrs, Puts "Mac Fanboys" on Notice Security News
Can i Download Online Shockwave Games? Gaming
How do I reformat an SSD drive after trojan attacks System Security
Britons spend more than 'one day a month online' News
Download McAfee Internet Security 2010 6 Month Trail System Security

Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd

All times are GMT -5. The time now is 07:32 AM.
Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App
  

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33