Call Search
     

New to Ham Radio?
My Profile

Community
Articles
Forums
News
Reviews
Friends Remembered
Strays
Survey Question

Operating
Contesting
DX Cluster Spots
Propagation

Resources
Calendar
Classifieds
Ham Exams
Ham Links
List Archives
News Articles
Product Reviews
QSL Managers

Site Info
eHam Help (FAQ)
Support the site
The eHam Team
Advertising Info
Vision Statement
About eHam.net

   Home   Help Search  
Pages: Prev 1 [2]   Go Down
  Print  
Author Topic: malware  (Read 2190 times)
W6RMK
Member

Posts: 669




Ignore
« Reply #15 on: June 21, 2011, 06:50:12 AM »

These malware schemes are particularly pernicious trojans.  And, no, you don't have to "click" explicitly on a popup or email to get infected, nor is it particularly IE related (the most recent version to get attention was targeted at Macs)

Two alternative routes for infection:
"drive-by infection" - there have been a series of vulnerabilities in flash and many browsers in connection with the "mouseover" or rollover function.  As you move the mouse across the content (which could be an ad banner served on the page.. ) it triggers a scripting component which silently installs the payload.  this particular scheme is less common now, since the various plug-ins (Flash) have been fixed.

"search engine optimization poisoning" - this is the recent one and is essentially a very clever social engineering.  You do a google search for "images" for something and google comes back with thumbnails of all the images. You click on the image to make it bigger (or by the helpful mouseover, it gets done automatically), and the malevolent site sees that the inquiry is NOT coming from the google robot, and so, rather than feed back just the image, it feeds back the infection payload along side, transparently.  This typically requires that the bad guys hack the original site with the images (fairly easy, as it happens.. lots of websites don't have strong protections..e.g. blogs).  Google indexes the site with the image, and the trap is set.

Logged
W8JX
Member

Posts: 6678




Ignore
« Reply #16 on: June 21, 2011, 07:21:04 AM »

These malware schemes are particularly pernicious trojans.  And, no, you don't have to "click" explicitly on a popup or email to get infected, nor is it particularly IE related (the most recent version to get attention was targeted at Macs)

While this is somewhat true, MicroSoft's Active X which they promote offers a bigger and easier doorway to break into. Eliminate using IE and you increase your odds against maleware.
Logged

--------------------------------------
You can embrace new computer/tablet technology and change with it or cling to old fall far behind....
Pages: Prev 1 [2]   Go Up
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.11 | SMF © 2006-2009, Simple Machines LLC Valid XHTML 1.0! Valid CSS!