IT security research highlights rise of combination Adobe/Java attacks

This trend, says M86, is taking place as existing attacks become less effective. But the bad news is that these types of combined attacks are more difficult to detect.

M86 calls this the evolution of 'obfuscation through combined attacks' and says it stems from cybercriminals seeking new ways to limit the effectiveness of many proactive security controls.

The bi-annual report from the firm concludes that existing techniques for 'covering their tracks' are becoming less effective, and cybercriminals have begun using combined attacks, which are more complex and difficult to detect.

"By splitting the malicious code between Adobe ActionScript language, built into Adobe Flash, and JavaScript components on the webpage, they limit the effectiveness of many of the proactive security detection mechanisms in place today", says the report.

The study also covers what M86 claims is another very concerning development – the automated widespread infection of legitimate websites by the returning Asprox botnet.

Back in June, M86 Security Labs says it discovered more than 10 000 ASP sites had been infected by the Asprox spambot over a period of only three days.

An interesting factor of the attack, notes the report, was that the botnet used a Google search term to seek out additional vulnerable ASP sites. The bot not only spams, but also launches the SQL injection attack used to inject the target websites.

"Traditional methods such as spambots and dynamic code obfuscation are still very much in use. However, the first half of 2010 has also seen the emergence of new advanced methods as seen in the new combined attacks", said Bradley Anstis, M86 Security's vice president.

Cybercriminals, he explained, continue to try and outsmart even the latest internet security protection mechanisms.

The report also notes that two of the top three spambots M86 tracks use just one affiliate programme, Canadian Pharmacy, which remains the most popular because it is the most lucrative.

Pharmacy-related spam, says the study, accounted for 80.7% of all spam in the first half of 2010 and Canadian Pharmacy was responsible for 67% of that spam.

 
