Posted on 03/11/2005 10:56:57 AM PST by ShadowAce
Some useful citizen has created an installer that will nail IE with spyware, even if a surfer is using Firefox (or another alternative browser) or has blocked access to the malicious site in IE beforehand. The technique allows a raft of spyware to be served up to Windows users in spite of any security measures that might be in place.
Christopher Boyd, a security researchers at Vitalsecurity.org, said the malware installer was capable of working on a range of browsers with native Java support. "The spyware installer is a Java applet powered by the Sun Java Runtime Environment, which allows them to whack most browsers out there, including Firefox, Mozilla, Netscape and others. In the original test, only Opera and Netcaptor didn't fall for the install but Daniel Veditz, who is the head of Mozilla security, has since confirmed to me that this will also work in Opera and Netcaptor," he explained.
In the example Boyd highlights surfers looking for Neil Diamond lyrics (of all things) are served with a variety of adware and spyware packages including Internet Optimizer, sais (180 Solutions) and Avenue Media. Thereafter, if victims allow the packages to install, victims will be bombarded with pop-up ads and their computer will be reduced to a crawl. The malware doesn't install automatically but managed web security firm ScanSafe reckons the pop-up dialogue it generates is obscure enough to fool most home users.
ScanSafe reports an increase in spyware of 15 per cent over the last three months of 2004 compared to the previous quarter. Adware accounted for three of the top 10 most prolific threats recorded by ScanSafe over Q4 2004. Spyware authors have thus far restricted themselves to targeting vulnerabilities in IE but ScanSafe reckons it’s only a matter of time before they turn their attention towards alternative browsers.
John Edwards, CTO of ScanSafe, said that some users migrated away from IE to alternative browsers such as Firefox after various security scares last year. He cited figures from Secunia that Firefox and IE were both subject to five advisories in the first two months of this year to support his argument that Firefox was not "bullet-proof".
"Just switching away from IE does not give adequate projection. Now that Firefox and other alternative browsers have a toehold in the market the hacking community will get busy exploiting the vulnerabilities that exist in any complex browser," he said. ®
Beware of "close window" buttons.
There are architectural reasons Windows is more vulnerable.....than Unix or Linux..... nothing is invulnerable...but all the hackers are busy working on windows...its such an easy target.
Or use the task manager, if you're really paranoid!
There's no way to NOT have it if you run Windows. Of course, you could be a Mac or Linux person.
If you allow something to install, you are not a "victim".
You notice though, that even with Firefox, it's IE that is the vector for this attack. Also, those of us on non-windows platforms are similarly not quite as vulnerable to this attack.
Linux is the ultimate windows service pack.
Nothing is perfect, and I don't claim otherwise, but just about anything is a better alternative to IE.
Of course. It's built into the OS. You manually try to get rid of the shortcuts, and the executable, you screw up part of the Windows installation, and Windows becomes unreliable.
Opera - it's been my Windows & Linux browser for years.
I meant to drop you a note and forgot about it... regarding IE, somewhere ( if I saved the link, I can't locate the bloody thing ) I read that the *latest* service packs feature an option for uninstalling it. There is another route, and please note-- I have not tried this, nor do I recommend anyone else try it without a full, current backup-- better safe than sorry:
Removes all versions of Internet Explorer from all versions of Windows 9x in 8 different languages! - INSANE!!
http://www.litepc.com/ieradicator.html
I SAY AGAIN- haven't tried it, for informational purposes only, proceed at your own risk. You have been warned.
So, if you have sun java on your computer it allowing malware in? or it is malware?
It's on my computer now and I think it came in when trying to install a program from usps with a stamp program, that still won't work right.
I get the last laugh. :)
Yep.
Bump for later
No, and no.
If you have Java on your machine, it can *ask* you if you want to install malware.
Java is nearly the perfect online technology, by default it can't touch your desktop without your explicit approval.
"JAVA as an entry point"
Java applets have always been an entry point, this is no surprise. No one s/b running with Java enabled,, turn it on only for needed websites like moving weather maps etc.
In Mozilla or Netscape genre browsers, edit preferences, advanced, it is right there.
In IE it is harder to find, in keeping with company policy.
Internet options, security, custom and select disable java.
Removing Java from you computer is the same as removing the tires from your car to prevent flat tires. Java is a fundamental tool of a computer. Disable it if you want, but don't remove it.
Thanks
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.