MalwareIntelligence is a site dedicated to research on all matters relating to anti-malware security, computer criminology and information security in general, always from a perspective closely related to the field of intelligence.

30.3.09

Visual social engineering to spread malware

Deception is a fundamental part of strategies for spreading malicious code, trojans above all, because they need human intervention to meet their objectives effectively.

While visual social engineering is by no means an innovative method, it remains heavily exploited by computer criminals in the hope of getting unsuspecting users to activate (double-click) the malware.

Given these characteristics, the question that immediately rings in my head is: if it is not a novel method, why is there a high rate of infection through this sort of cheating?

Perhaps one of the keys to answering the question is the high demand for pornography on the Internet. "How well" tell a friend Central :-)

One of the main features of visual social engineering is its use of websites that promise multimedia content, pornography being one of the most searched topics on the Internet and therefore one of the most commonly exploited through this technique.

A concrete example is the fake PornTube pages, which promise to display a video, using as bait a picture of the alleged video along with a prompt to install a codec that is, of course, malware and not a codec.
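As an added example (not part of the original post), the following Python sketch shows how a defender could flag pages with this structure: a bait image wrapped in a link to an executable, combined with "codec" wording. The extension list, the lure vocabulary and both sample pages are constructed assumptions.

```python
from html.parser import HTMLParser
from urllib.parse import urlparse

EXEC_EXT = (".exe", ".scr", ".msi", ".bat")             # assumed executable extensions
LURE_WORDS = ("codec", "activex", "plugin", "plug-in")  # assumed lure vocabulary

def is_executable(href):
    """True when the link path (query string ignored) ends in an executable extension."""
    return urlparse(href).path.lower().endswith(EXEC_EXT)

class LureScanner(HTMLParser):
    def __init__(self):
        super().__init__()
        self.href = ""         # href of the <a> element currently open, if any
        self.exec_links = []   # links that point straight at an executable
        self.image_baits = []  # images wrapped inside such a link
        self.text = []         # lower-cased visible text

    def handle_starttag(self, tag, attrs):
        attrs = dict(attrs)
        if tag == "a":
            self.href = attrs.get("href") or ""
            if is_executable(self.href):
                self.exec_links.append(self.href)
        elif tag == "img" and is_executable(self.href):
            self.image_baits.append(attrs.get("src") or "")

    def handle_endtag(self, tag):
        if tag == "a":
            self.href = ""

    def handle_data(self, data):
        self.text.append(data.lower())

def scan(html):
    """Return the evidence found and a verdict: executable link plus lure wording."""
    s = LureScanner()
    s.feed(html)
    s.close()
    words = [w for w in LURE_WORDS if w in " ".join(s.text)]
    return {"exec_links": s.exec_links, "image_baits": s.image_baits,
            "lure_words": words, "suspicious": bool(s.exec_links and words)}

# Constructed sample pages, not taken from any real site.
FAKE = ('<h1>Hot video</h1><a href="/download/codec_setup.exe?id=7">'
        '<img src="thumb.jpg" alt="Play"></a>'
        '<p>You need to install the video codec to watch this clip.</p>')
BENIGN = ('<video src="clip.mp4" controls></video>'
          '<p>Codec: H.264</p><a href="/about.html">About</a>')

if __name__ == "__main__":
    for name, page in (("fake", FAKE), ("benign", BENIGN)):
        print(name, scan(page))
```

The benign page mentions a codec but links to no executable, so it is not flagged; wording alone is not enough for a verdict.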

Below I list some of the URLs used to disseminate this strategy, but bear in mind that the number of domains used by the criminals behind it is considerably larger.


It is a question of supply and demand: those who tend to visit pornographic sites want to consume pornography. Never mind whether the material comes in image or video format, or that partway through the video the installation of ten "codecs" is requested; whoever wants pornography will do everything possible to get it, without weighing the potential security risks that this so often implies.


Jorge Mieres
