We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
80,258 News Articles

New malware trick outfoxes PC users

Attackers persuade users to infect themselves

The Sans Institute has uncovered more evidence that internet attackers don't necessarily need any clever technical tricks to plant malicious software on users' systems - an understanding of psychology will do just as well.

In a bulletin on Friday, Sans' Internet Storm Center (ISC) described a website that led to several users mysteriously becoming infected with malware. Part of the mystery, according to ISC handler Bojan Zdrnja, was that the site didn't use the nearly universal technique of an iframe, which allows exploit code to be siphoned in from another website.

"It's pure social engineering - the user is actually encouraged to install the malware himself," Zdrnja wrote.

He said the site - which is related to the game RuneScape - shows some broken icons and links to a page that informs the user that their version of Macromedia Flash Player needs to be updated.

"After this notice, the user is redirected to a website hosting a complete replica of the Shockwave Player Download Center," Zdrnja wrote. All the links on this page lead to Adobe's website except for the ‘install’ link.

As a precaution, the page also uses JavaScript to disable right-click actions. Users download the malware themselves via an installer that was difficult to detect by most virus scanners, Zdrnja said.

He said the site demonstrates that attackers can infect users merely by lulling them into a false sense of security. "Technically this attack wasn't even worth the diary, however, the appearance could probably fool a lot of users," Zdrnja said.

The attackers didn't even bother to conceal the non-Adobe web address of the download page - but because the page looks genuine, most users wouldn't even think to check the address bar, Zdrnja pointed out.

"Would SSL help here? Yes, but again only if users pay attention, and in this case they would first have to be trained to check for it when downloading files, and that's another story," he said.


IDG UK Sites

Best Christmas 2014 UK tech deals, Boxing Day 2014 UK tech deals & January sales 2015 UK tech...

IDG UK Sites

LED vs Halogen: Why now could be the right time to invest in LED bulbs

IDG UK Sites

Christmas' best ads: See great festive spots studios have created to promote themselves and clients

IDG UK Sites

Why Apple shouldn't be blamed for exploitation in China and Indonesia