Ten major routes malicious code takes in a targeted attack
Cyber vulnerability is in focus following the fast-spreading 'Lizamoon' SQL mass injection attack, which sought to sell bogus scareware, and the massive data breach at online marketer Epsilon.
Security software maker Symantec has said in a report that targeted cyber attacks, including attacks on leading mobile platforms, are set to rise further in future.
The year 2010 witnessed significant targeted attacks like Hydraq (a.k.a. Aurora) and Stuxnet, Symantec said. While Stuxnet is a very complex threat, not all malicious code requires this level of complexity to breach an isolated network. Symantec has listed 10 propagation mechanisms that malicious code employs in a targeted cyber attack. They are as follows:
1. Executable file sharing
The malicious code creates copies of itself or infects executable files. The files are distributed to other users, often by copying them to removable drives such as USB thumb drives and setting up an autorun routine.
2. File transfer, CIFS
CIFS is a file-sharing protocol that allows files and other resources on a computer to be shared with other computers across the Internet. One or more directories on a computer can be shared to allow other computers to access the files within. Malicious code creates copies of itself on shared directories to affect other users who have access to the share.
3. Remotely exploitable vulnerability
The malicious code exploits a vulnerability that allows it to copy itself to or infect another computer.
4. File transfer, email attachment
The malicious code sends spam email that contains a copy of the malicious code. Should a recipient of the spam open the attachment, the malicious code will run and the recipient’s computer may be compromised.
5. File sharing, P2P
The malicious code copies itself to folders on an infected computer that are associated with P2P file-sharing applications. When the application runs, the malicious file will be shared with other users on the same P2P network.
8. SQL
The malicious code accesses SQL servers, by exploiting a latent SQL vulnerability or by trying default or guessable administrator passwords, and copies itself to the server.
9. File transfer, HTTP, embedded URI, email message body
The malicious code sends spam email containing a malicious URI that, when clicked by the recipient, will launch an attack and install a copy of the malicious code.
10. File transfer, MMS attachment
The malicious code uses Multimedia Messaging Service (MMS) to send spam messages containing a copy of itself.
© Copyright IBTimes 2024. All rights reserved.