10-04-07

The .ani attacks just continue

Microsoft has came up with a patch (because it didn' really have a very good look at the first attack against this code in 2005). What has changed is that with fuzzers which attack the whole of the code in every way possible every possible whole in an attacked format or function has to be be patched, not only the specific one that is being attacked now.

 

This doesn't seem to stop the attacks. Websense which has been monitoring the situation the most closest indicates that there are now 400 websites running infecton code. The split these in two groups. The first is the chinese/asian attack which is being set up to gather points in a popular online game. The second is more recent and has traces to some Easteuropean gangs which already have some experience with other exploits. They hack-deface sites to place iframes that load the exploits for every visitor of these sites. Being defaced or hacked is not without consequences for your visitors because this one will install also some rootkits and trojans.

 

And why should they stop ? The most popular infection nowadays is still based upon exploits that are already very old (netsky). And even if Microsoft has closed more or less the loophole, Firefox is still studying how to close it for their users (who thought first 'oh, another Microsoft problem').

15:01 Gepost door technology changes fast not a lot in Algemeen | Permalink | Commentaren (0) |  Facebook |

De commentaren zijn gesloten.