MalwareIntelligence is a site dedicated to research on all matters relating to anti-malware security, computer criminology and information security in general, always from a perspective closely related to the field of intelligence.

30.6.11

JAVA Drive-by [infection] On Demand

JAVA is one of the technologies most widely integrated into cybercrime because of its status as a "hybrid". This turns the Java platform into a heavily exploited vector for spreading all types of malicious code.

Even modern crimeware includes a battery of exploits built to target vulnerable versions of JAVA through Exploit Packs and, in fact, together with PDF files, exploits for JAVA are the ones with the highest success rate.

Drive-by is one of the most widely used techniques for propagating malware and automating the infection process via the web, especially through websites that promise streaming video or rely on similar visual social engineering strategies. Combining this methodology with JAVA simply results in a Java Drive-by: technically the same thing, but using the JAVA language and resources. Have you ever seen any of these templates?...


...Probably many times!

We see these websites every day. They are usually hosted on sites that offer free file storage, and they conceal the instructions needed to "streamline" the infection process simply by using a Java applet. In order, the images correspond to the Photo Gallery, Camera Chat and Video Streaming options, respectively. All of them were created in an automated way with iJAVA.

iJAVA is an On Demand generator (Java Drive-by Generator) of Arab origin. Since its first version it has been very well received in the cybercrime scene because, in just a few clicks, it lets the user create a simple web page, link customized malware to it and automatically upload the page to, for example, one of these free storage services. It is a trivial dose of visual social engineering but, unfortunately, an extremely effective one.

iJAVA Version 1. In just three steps, malware propagators set up a customized threat, accompanying the action with a dose of social engineering.

iJAVA Version 2. It adds a series of "extras" and, as in the previous version, the strategy is created in only three basic steps.
Some examples in the wild:

Unlike the first version, the second generation lets the attacker customize the template itself, so the design used to "capture" victims is limited only by the attacker's imagination, making possible infection strategies such as:


Saving time is also an important factor for cybercriminals. Applications of this kind give them the automation they need to save time and, of course, to profit economically: despite the triviality of the maneuver, cybercriminals often use them in campaigns tied to PPI (Pay-per-Install) business models to boost their earnings through affiliate programs.

Related information:
Automation in creating exploits
Automation in creating exploits II
Automating anti-analysis processes through crimeware
Process Automation anti-analysis II


15.6.11

The Art of the Cyberwar

The development of new technologies, their convergence with military interests and developed countries' dependence on existing technology set up a scenario in which cyber war, or war in cyberspace, is becoming more important.

All countries aware of the risks of such dependence have developed defense programs against attacks that could jeopardize critical national infrastructure.

On the other hand, developing countries and major world powers are training computer security experts in various techniques of hacking, cracking, virology, etc., forming true experts in cyber warfare, called cyberwarriors.

No one doubts that future wars will be decided not on land, at sea or in the air, but in cyberspace. The soldiers will not carry weapons or shields, but knowledge and applications able to wage virus warfare, disabling the enemy's technologically dependent critical systems.

This is the scenario toward which the world is now moving, a scenario of technological dependence, in which countries with more traditional military strength will lose war-fighting capacity to countries with highly qualified personnel in computer security and cyber techniques.

This essay is intended as a point of reflection and knowledge about cyber warfare. It draws on the philosophy of Sun Tzu in The Art of War and adapts its teachings to the technological scenario in which we live and will live, so that we can obtain a modern compendium: The Art of Cyberwar.

Version in English
Version in Spanish
