Share this
Twitter
Myspace
Digg
Del.icio.us
Reddit
StumbleUpon
Slashdot
Furl
Yahoo
Technorati
Newsvine
Blinkbits
Spurl
Googlize this
Blinklist
Facebook
Export PDF
Print
E-mail
Tags
Obfuscated code that can affect PCs is not only being embedded in HTML webpages on legitimate websites, but is also being hidden in rich-content files, according to a security company. Secure web gateway firm Finjan said its Malicious Code Research Center (MCRC) had discovered numerous examples... “Since JavaScript is the most-used scripting language for communication with web browsers, third-party applications such as Flash player, PDF readers and other multimedia applications have added support for JavaScript as part of their application,” said Yuval Ben-Itzhak, chief technical offer at Finjan.
“This offers crimeware authors the opportunity to inject malicious code into rich-content files used by Ads and user-generated content on Web 2.0 websites.”
Finjan brief history of obfuscated code for cybercrime attacks includes:
* In 2005, code obfuscation consisted of character-based encoding - using any format a browser could interpret - and code scrambling
* In 2006, code obfuscation became dynamic – providing a predefined function which receives as input long sets of characters
* In 2007, an AJAX-based “private key” is used for de-obfuscating the code, enabling the code to be seen once- and in real-time only
* In 2008, obfuscated code is not only embedded in HTML-webpages on legitimate websites, but also in rich-content files such as PDF and Flash.
Despite the fact that online Ads and user-generated content on Web 2.0 websites are becoming popular ways to direct users to malware-infected files, a Web Security Survey by Finjan found that 46 per cent of organisations didn’t have a Web 2.0 security policy in place.
