Easy things you can do to protect against one of the fastest growing threats on the Internet.
Protect Your PC Against Exploits
By Bob Rankin
Drive-by downloads — malware delivered to random Web site visitors — are one of the biggest, fastest-growing threats on the Internet. Learn how they spread across the web, and some easy things you can do to protect against these dangerous exploits…
Exploit Kits Are Big Business
It was a surprise to me when I first learned that the developers of malware don’t try to keep their creations a secret. To the contrary, they’ll typically offer them for sale to other hackers after they’ve used them themselves. This “used malware” is traded online in hacker forums and other venues where sellers bundle malware packages into “exploit kits” and sell the kits to crooks who have more money than programming talent.
In my recent article, Drive-by Download Dangers, I discussed how drive-by downloads have become so ubiquitous. The rather amazing sophistication of this malware is described in the latest Security Intelligence Report from Microsoft.
The malware delivered in drive-by downloads is recycled stuff, in most cases. Each malware package exploits a different vulnerability in a browser, its operating system, or its add-ons. (Add-ons are the most frequently vulnerable and exploited of the three targets.) A newly discovered vulnerability against which there is no defense (called a zero-day vulnerability) is more valuable to bad guys than an older, well-known one for which patches have been developed and distributed.
A zero-day vulnerability is typically sold by its discoverer to another crook who has a specific, high-value target in mind. Most likely, the target is a large corporation or institution whose IT environment hosts lots of valuable, exploitable data such as users’ personal identity and financial data, or trade secrets. The crook who buys the secret of the vulnerability creates malware that takes advantage of it. He then launches his attack against XYZ Corp. and succeeds or fails. Either way, after the primary attack he has a piece of malware that cost him plenty to develop, and it has resale value.
The profits from exploit kits can be substantial; the people behind the Win32/Reveton family of malware reportedly grossed over $50,000 per day in fees derived from exploit kits. Don’t think for a second that I’m offering this information as a helpful money-making tip, though. There has been an encouraging trend over the past two years: law enforcement agencies have been taking down these cyber criminals. I discussed one recent example in GameOver and Cryptolocker Busted.
Excerpt shared with permission from Bob Rankin.