Internet Anthropologist Think Tank: cyber Fear warmonger or Paul Revere?

  • Search our BLOG


  • HOME
    Terrorist Names SEARCH:
    Loading

    Wednesday, May 19, 2010

    cyber Fear warmonger or Paul Revere?

    I'm going to be accused of "cyber Fear warmonger," but I think history 
    may classify me closer to a Paul Revere?



    Security software vendors are loosing the battle on every front.


    Research: 1.3 million malicious ads viewed daily.


    New research released by Dasient indicates that based on their sample, 1.3 million malicious ads are viewed per day, with 59 percent of them representing drive-by downloads, followed by 41 percent of fake security software also known as scareware.
    The attack vector, known as malvertising, has been increasingly trending as a tactic of choice for numerous malicious attackers, due to the wide reach of the campaign once they manage to trick a legitimate publisher into accepting it.
    More findings from their research:
    • The probability of a user getting infected from a malvertisement is twice as likely on a weekend and the average lifetime of a malvertisement is 7.3 days
    • 97% of Fortune 500 web sites are at a high risk of getting infected with malware due to external partners (such as javascript widget providers, ad networks, and/or packaged software providers)
    • Fortune 500 web sites have such a high risk because 69% of them use external Javascript to render portions of their sites and 64% of them are running outdated web applications
    The research’s findings are also backed up by another recently released report by Google’s Security Team, stating that fake AV is accounting for 50 percent of all malware delivered via ads.
    The increased probability of infection during the weekend can be attributed to a well known tactic used by the individual/gang behind the campaign. Once the social engineering part takes place, in an attempt to evade detection, they would first feature a legitimate ad, wait for the weekend to come thinking that no one would react to the attack even if it was reported, and show the true face of the campaign.
    Case in point is NYTimes malvertising campaign (Sept. 2009):

    SOUNDS BAD? IT GETS WORSE.
    Potential to bring down the WWW and keep it down.

    BY AN INDIVUAL:

    HOW BAD IS IT?

    I SINCERLY HOPE HISTORY PROVES ME WRONG, BUT IT SEEMS
    IT JUST KEEPS GETTING WORSE AND WORSE.

    Gerald
    Internet Anthropologist
    Tactical Internet Systems analyst.

    .

    0 Comments:

    Post a Comment

    Subscribe to Post Comments [Atom]

    << Home