Tuesday, March 11, 2014

3 common ways to get malware and how to prevent them.



Malware is a computer program designed to steal sensitive information and to gain unauthorized access to a system [1].  An attack vector is the vulnerability used to compromise the system [2].  For instance, a common attack vector is to send an email that pretends to come from a legitimate user but contains a malicious program, that is, malware.  Another example of an attack vector would be attacking a vulnerability or bug in software such as Adobe Reader.  This blog entry describes three common attack vectors used to install malware onto your system.

The first common attack vector is a web browser vulnerability.  Users have demanded more from their web browsers, everything from playing movies to running small Flash programs, which has made the web browser a complex, bloated piece of software.  Every new technology that comes out for the browser is a potential source of new vulnerabilities.  For example, when Adobe Flash first came out, there was a vulnerability that allowed the web server (that’s the website you go to) to execute unauthorized code on your computer [3].  The best thing to do is to update the browser whenever the vendor pushes out a new patch [4].
   
Another common attack vector, related to the browser attack, is other software that connects to the network.  For example, the operating system, such as Windows, is also software that connects to the network and may have vulnerabilities.  Regularly updating all the software on your system is important.  Windows, Java, Adobe, and other updates fix potential bugs and vulnerabilities on your system [5].

The last attack vector I would like to mention is email attachments.  Victims commonly get malware by being tricked into opening and executing email attachments.  For example, a recent piece of malware named CryptoLocker was distributed by disguising itself as a PDF from the payroll department.  The file in question had a double extension, “payroll.pdf.exe”.  The Windows operating system will hide the .exe extension, making the file look like “payroll.pdf” [6].  To prevent such attacks, users should use virus scanners to scan every email attachment they receive.  They should also look out for anything out of the ordinary: for instance, if it’s not common for payroll to send a PDF attachment, you should double-check with that department to find out whether it really sent the file.
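As an added example (not part of the original post), here is a mail-filter style check in Python for the double-extension disguise described above. The extension lists, function names and sample message are assumptions constructed for this illustration.

```python
"""Flag attachments named like a document but ending in an executable
extension, e.g. payroll.pdf.exe (shown as payroll.pdf when hidden)."""
from email import message_from_bytes, policy
from email.message import EmailMessage

# Assumed lists for this example; adjust them to local policy.
EXECUTABLE_EXTS = {"exe", "scr", "com", "pif", "bat", "cmd", "js", "vbs"}
DECOY_EXTS = {"pdf", "doc", "docx", "xls", "xlsx", "txt", "jpg", "png"}


def is_disguised_executable(filename):
    """True if the last extension is executable and the one before it
    is a document type."""
    # Normalise case, surrounding whitespace and trailing dots first.
    parts = filename.strip().rstrip(". ").lower().split(".")
    if len(parts) < 3:  # need name + decoy extension + real extension
        return False
    return parts[-1] in EXECUTABLE_EXTS and parts[-2].strip() in DECOY_EXTS


def suspicious_attachments(raw_message):
    """Return the filenames in a raw RFC 5322 message that match."""
    msg = message_from_bytes(raw_message, policy=policy.default)
    names = (part.get_filename() for part in msg.walk())
    return [n for n in names if n and is_disguised_executable(n)]


def build_sample():
    """Constructed sample message: one disguised file, one real PDF."""
    msg = EmailMessage()
    msg["From"] = "payroll@example.com"
    msg["To"] = "user@example.com"
    msg["Subject"] = "Payroll report"
    msg.set_content("Please see the attached report.")
    msg.add_attachment(b"MZ (constructed placeholder bytes)",
                       maintype="application", subtype="octet-stream",
                       filename="payroll.pdf.exe")
    msg.add_attachment(b"%PDF-1.4 (constructed placeholder bytes)",
                       maintype="application", subtype="pdf",
                       filename="handbook.pdf")
    return msg.as_bytes()


if __name__ == "__main__":
    for name in suspicious_attachments(build_sample()):
        print("quarantine:", name)
```

A check like this complements the virus scanner; it does not replace it, because it only looks at the attachment name.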

Figure 1.  A dialog box from a CryptoLocker-infected computer [7].


This is by no means an exhaustive list.  There are many other attack vectors that can be used.  Using common sense and keeping your software updated are the best defenses against malware.


[1] Malware.  Retrieved from:
http://en.wikipedia.org/wiki/Malware

[2] Attack vector.  Retrieved from:
http://searchsecurity.techtarget.com/definition/attack-vector

[3] Adobe Flash.  Retrieved from:
http://en.wikipedia.org/wiki/Adobe_Flash

[4] Outdated browsers.  Retrieved from:
http://www.upsdell.com/BrowserNews/why.htm

[5] Windows Updates & Patch Tuesday FAQ.  By Tim Fisher.  Retrieved from:
http://pcsupport.about.com/od/system-security/a/windows-update-faq.htm

[6] CryptoLocker Ransomware Information Guide and FAQ.  By Lawrence Abrams.  Retrieved from:
http://www.bleepingcomputer.com/virus-removal/cryptolocker-ransomware-information

[7] Cryptolocker.png.  Retrieved from:
http://en.wikipedia.org/wiki/File:Cryptolocker.png

2 comments:

  1. I enjoyed reading your blog Samuel and I learned a lot from it. I did not know that there are so many different types of ways a hacker can attack someone’s computer. Also, I did not know about that new malware Crypto Locker that disguised itself as a pdf file from payroll to attack their victims. However, I was hoping that you would go into more detail about these specific types of malware like Crypto Locker.

    Replies
    1. Well, to answer your question about crypto locker: it's a malware that encrypts your files and puts a ransom on those encrypted files. The ransom is paid off with bitcoins. If you don't pay the ransom then you won't be able to decrypt your files to read them. This malware is also known as ransomware.
