Free Newsletter
Register for our Free Newsletters
Access Control
Deutsche Zone (German Zone)
Education, Training and Professional Services
Government Programmes
Guarding, Equipment and Enforcement
Industrial Computing Security
IT Security
Physical Security
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor

Finjan advice on hidden malicious web code

Finjan Software : 01 December, 2008  (Technical Article)
Dynamic code analysis protection software enables users to safely surf and avoid falling victim to obfuscated malware on web sites
Finjan has warned Internet users to be on their guard, following an apparent compromised web page on one of the sub-domains on the portal.

"The cybercriminals, who compromised one of the sub-domains under, appear to have added a malicious obfuscated script to the infected page. The injected script then dynamically injects an IFrame that pulls malware from a remote server locating in Russia." said Yuval Ben-Itzhak, Finjan's CTO.

Fortunately for CBS site visitors, Finjan reports that actions were already taken to turn that Russian server offline.

Finjan CTO says the company's MCRC - Malicious Code Research Centre - has notified CBS of the problem and the team expects the page in question to be taken offline and/or replaced with the original data.

'This saga confirms our many previous warnings that obfuscated code posing a serious threat to Internet users' PCs. Our Threats Reports have continued to identify the increasing use of code obfuscation as a means of bypassing traditional signature-based solutions in order to propagate malware,' he said.

'This saga illustrates the popularity of malicious obfuscated code as a weapon of choice by criminal hackers. It also highlights the fact that no Web portal, no matter how high ranking, can be totally secure against a system hack and consequent infection of its visitors. Web users need to exercise caution at all times,' he added.

Finjan's security tips and notes to prevent infection:.

For businesses:.

1 Install a Secure Web Gateway to protect valuable data from being compromised by malware.
2 Finjan is offering free Malware Detection Audits to organisations with over 1,000 users.
3 Consider the use of a secure platform when accessing Web 2.0 sites.

For consumers:.

1 Use Finjan's SecureBrowsing browser plug-in to make the right decisions when browsing the Web
2 Exercise caution when accessing Web 2.0-enabled sites - eg Social Networking portals, wikis and blogs.
3 Do not rely just on signature-based IT security applications.

For all users:.

1 The preferred way to stop dynamically obfuscated code and similar types of advanced hacking techniques is to analyse and understand the code embedded within Web content on-the-fly before it reaches the user.

2 Proactive, behaviour-based IT security technology performs in-depth analysis of each and every piece of content, regardless of its original source.

3 This analysis breaks the code into parts, understands the execution path and the functions' call flow.

4 As a result, these solutions can identify code that is about to perform a malicious or suspicious operation, and block it at the perimeter, rather than allowing it to enter the network and relying on desktop security.

5 This type of proactive security is akin to having an `expert system' in a box,' safeguarding users from even the most devious attack techniques, such as those disclosed in this and previous Finjan reports.

Bookmark and Share
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
   © 2012
Netgains Logo