Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Javascript Injection Attack


  • Please log in to reply
4 replies to this topic

#1 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,143 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:04:28 AM

Posted 18 September 2008 - 01:43 PM

JavaScript injection attacks seem to be the in thing these days. Malware writers are increasingly utilizing such attacks as a better means to spread their work.

As little as a year ago, the bad guys were dependent on enticing people to follow links that pointed to malicious websites (via e-mail, search links, or IM worms). Today, they are using JavaScript injection attacks to simply "steal" a website's visitors, and it has become something of a Swiss Army Knife for underground hackers to spread their malware worldwide.

...The malicious site attempts two different methods to attack its visitors. The first is an attempt to exploit a Microsoft MDAC RDS.Dataspace ActiveX Control Remote Code Execution Vulnerability (MS06-014)...The second attack attempted is a drive-by download, which affects not only the IE browsers, but also Firefox 1.0 & 2.0 browsers. This attack uses JavaScript to detect the browser's type, then uses Adobe Flash exploits to download and execute a malicious binary file onto the system...

f-secure.com/weblog
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

BC AdBot (Login to Remove)

 


#2 iisjman07

iisjman07

  • Members
  • 94 posts
  • OFFLINE
  •  
  • Local time:03:28 AM

Posted 18 September 2008 - 01:44 PM

Oh great, more ways to get infected.....

#3 norpacmiami

norpacmiami

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:03:28 AM

Posted 19 September 2008 - 09:55 AM

Quietman7,

Any suggestions on programs that can and will stop such Java malware "injections" right at the front door ?

Or are we dependent right now on luck and constant suppervision ?

Andy

#4 iisjman07

iisjman07

  • Members
  • 94 posts
  • OFFLINE
  •  
  • Local time:03:28 AM

Posted 21 September 2008 - 12:38 PM

I expect that running Firefox with NoScript would block the java attack

#5 quietman7

quietman7

    Bleepin' Janitor

  • Topic Starter

  • Global Moderator
  • 51,143 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:04:28 AM

Posted 21 September 2008 - 12:54 PM

Protecting websites:
"Microsoft Best Practices for preventing SQL Injection Attacks "
"Stop SQL Injection Attacks Before They Stop You"
"SQL Injection Attacks - Are You Safe?"
"How To: Protect From SQL Injection in ASP.NET"

The Shadowserver Foundation provides an informative example of an SQL Injection attack, the malicious involved and tips on protection and detection for those who surf the web.

Malware Domain Block List
domains.txt is the complete list along with original reference.
Note: Blocking by IP address could potentially block other legitimate pages on the host and this technique is generally only helpful for a short duration as attackers frequently change domain names and IP addresses.

Strategies to help prevent infection:
* Disable, block active scripting/JavaScript in Internet Explorer or use the NoScript addon for Firefox.
* Be suspicious of links from unknown origin.
* Keep Windows up to date and apply all critical patches.
* Use real-time anti-spyware and anti-virus protection and a firewall.

Tools and Tips: Firefox security and safe surfing add-ons
How to Set Security Options in the Firefox Browser
50 Firefox Add-Ons to Achieve Private and Secure Web Surfing
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users