We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
80,259 News Articles

New malware trick outfoxes PC users

Attackers persuade users to infect themselves

The Sans Institute has uncovered more evidence that internet attackers don't necessarily need any clever technical tricks to plant malicious software on users' systems - an understanding of psychology will do just as well.

In a bulletin on Friday, Sans' Internet Storm Center (ISC) described a website that led to several users mysteriously becoming infected with malware. Part of the mystery, according to ISC handler Bojan Zdrnja, was that the site didn't use the nearly universal technique of an iframe, which allows exploit code to be siphoned in from another website.

"It's pure social engineering - the user is actually encouraged to install the malware himself," Zdrnja wrote.

He said the site - which is related to the game RuneScape - shows some broken icons and links to a page that informs the user that their version of Macromedia Flash Player needs to be updated.

"After this notice, the user is redirected to a website hosting a complete replica of the Shockwave Player Download Center," Zdrnja wrote. All the links on this page lead to Adobe's website except for the ‘install’ link.

As a precaution, the page also uses JavaScript to disable right-click actions. Users download the malware themselves via an installer that was difficult to detect by most virus scanners, Zdrnja said.

He said the site demonstrates that attackers can infect users merely by lulling them into a false sense of security. "Technically this attack wasn't even worth the diary, however, the appearance could probably fool a lot of users," Zdrnja said.

The attackers didn't even bother to conceal the non-Adobe web address of the download page - but because the page looks genuine, most users wouldn't even think to check the address bar, Zdrnja pointed out.

"Would SSL help here? Yes, but again only if users pay attention, and in this case they would first have to be trained to check for it when downloading files, and that's another story," he said.


IDG UK Sites

Nexus 6 vs Samsung Galaxy Note 4 comparison: What's the best Android phablet?

IDG UK Sites

The iPhone is doomed. Doomed to be marginally less successful than a very successful thing.

IDG UK Sites

How to prototype native mobile apps without writing code

IDG UK Sites

How to prepare for and update to OS X Yosemite: Get your Mac ready to download & install Apple's...