In its most recent Security Labs Report M86 Security details the emergence of combined attacks that leverage Adobe's ActionScript and JavaScript languages to thwart most of the new, proactive detection mechanisms.
The bi-annual report, which covers the first half of 2010, highlights the evolution of obfuscation through combined attacks. This threat trend is the latest to emerge as cybercriminals seek new ways to limit the effectiveness of many proactive security controls. Because existing techniques for "covering their tracks" are becoming less effective, intruders have begun using combined attacks, which are more complex and difficult to detect. By splitting the malicious code between Adobe ActionScript language -- built into Adobe flash -- and JavaScript components on the webpage, they limit the effectiveness of many of the the proactive security detection mechanisms in place today.
The report also covers another very concerning development, which was the automated widespread infection of legitimate websites by the returning Asprox botnet. In June, M86 Security Labs found more than 10,000 ASP sites had been infected by the Asprox Spambot over a period of only three days. An interesting factor of the attack was that the botnet performed a Google search term used to seek out additional vulnerable ASP sites. The bot not only spams, but also launches the SQL injection attack used to inject the target websites.
"Traditional methods such as spambots and dynamic code obfuscation are still very much in use. However the first half of 2010 has also seen the emergence of new advanced methods as seen in the new combined attacks. Cybercriminals continue to try and outsmart even the latest Internet security protection mechanisms," said M86 Security's Bradley Anstis
To download the full M86 Security Labs Report, go to http://m86.it/srfh10
