We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
80,258 News Articles

New malware trick outfoxes PC users

Attackers persuade users to infect themselves

The Sans Institute has uncovered more evidence that internet attackers don't necessarily need any clever technical tricks to plant malicious software on users' systems - an understanding of psychology will do just as well.

In a bulletin on Friday, Sans' Internet Storm Center (ISC) described a website that led to several users mysteriously becoming infected with malware. Part of the mystery, according to ISC handler Bojan Zdrnja, was that the site didn't use the nearly universal technique of an iframe, which allows exploit code to be siphoned in from another website.

"It's pure social engineering - the user is actually encouraged to install the malware himself," Zdrnja wrote.

He said the site - which is related to the game RuneScape - shows some broken icons and links to a page that informs the user that their version of Macromedia Flash Player needs to be updated.

"After this notice, the user is redirected to a website hosting a complete replica of the Shockwave Player Download Center," Zdrnja wrote. All the links on this page lead to Adobe's website except for the ‘install’ link.

As a precaution, the page also uses JavaScript to disable right-click actions. Users download the malware themselves via an installer that was difficult to detect by most virus scanners, Zdrnja said.

He said the site demonstrates that attackers can infect users merely by lulling them into a false sense of security. "Technically this attack wasn't even worth the diary, however, the appearance could probably fool a lot of users," Zdrnja said.

The attackers didn't even bother to conceal the non-Adobe web address of the download page - but because the page looks genuine, most users wouldn't even think to check the address bar, Zdrnja pointed out.

"Would SSL help here? Yes, but again only if users pay attention, and in this case they would first have to be trained to check for it when downloading files, and that's another story," he said.


IDG UK Sites

Amazon Kindle Voyage release date, price and specs UK: a high-end eReader with Amazon’s best-ever...

IDG UK Sites

Why local multiplayer gaming is rapidly vanishing: we look at the demise of split-screen and LAN...

IDG UK Sites

How to successfully bridge the gap between clients and creatives

IDG UK Sites

How to update your iPhone or iPad to iOS 8: including how to install iOS 8 if you don't have room