Channels ▼
RSS

Mobile

Adobe Flash, ActionScript Hiding Malicious Code



In its most recent Security Labs Report M86 Security details the emergence of combined attacks that leverage Adobe's ActionScript and JavaScript languages to thwart most of the new, proactive detection mechanisms.

The bi-annual report, which covers the first half of 2010, highlights the evolution of obfuscation through combined attacks. This threat trend is the latest to emerge as cybercriminals seek new ways to limit the effectiveness of many proactive security controls. Because existing techniques for "covering their tracks" are becoming less effective, intruders have begun using combined attacks, which are more complex and difficult to detect. By splitting the malicious code between Adobe ActionScript language -- built into Adobe flash -- and JavaScript components on the webpage, they limit the effectiveness of many of the the proactive security detection mechanisms in place today.

The report also covers another very concerning development, which was the automated widespread infection of legitimate websites by the returning Asprox botnet. In June, M86 Security Labs found more than 10,000 ASP sites had been infected by the Asprox Spambot over a period of only three days. An interesting factor of the attack was that the botnet performed a Google search term used to seek out additional vulnerable ASP sites. The bot not only spams, but also launches the SQL injection attack used to inject the target websites.

"Traditional methods such as spambots and dynamic code obfuscation are still very much in use. However the first half of 2010 has also seen the emergence of new advanced methods as seen in the new combined attacks. Cybercriminals continue to try and outsmart even the latest Internet security protection mechanisms," said M86 Security's Bradley Anstis

To download the full M86 Security Labs Report, go to http://m86.it/srfh10


Related Reading


More Insights






Currently we allow the following HTML tags in comments:

Single tags

These tags can be used alone and don't need an ending tag.

<br> Defines a single line break

<hr> Defines a horizontal line

Matching tags

These require an ending tag - e.g. <i>italic text</i>

<a> Defines an anchor

<b> Defines bold text

<big> Defines big text

<blockquote> Defines a long quotation

<caption> Defines a table caption

<cite> Defines a citation

<code> Defines computer code text

<em> Defines emphasized text

<fieldset> Defines a border around elements in a form

<h1> This is heading 1

<h2> This is heading 2

<h3> This is heading 3

<h4> This is heading 4

<h5> This is heading 5

<h6> This is heading 6

<i> Defines italic text

<p> Defines a paragraph

<pre> Defines preformatted text

<q> Defines a short quotation

<samp> Defines sample computer code text

<small> Defines small text

<span> Defines a section in a document

<s> Defines strikethrough text

<strike> Defines strikethrough text

<strong> Defines strong text

<sub> Defines subscripted text

<sup> Defines superscripted text

<u> Defines underlined text

Dr. Dobb's encourages readers to engage in spirited, healthy debate, including taking us to task. However, Dr. Dobb's moderates all comments posted to our site, and reserves the right to modify or remove any content that it determines to be derogatory, offensive, inflammatory, vulgar, irrelevant/off-topic, racist or obvious marketing or spam. Dr. Dobb's further reserves the right to disable the profile of any commenter participating in said activities.

 
Disqus Tips To upload an avatar photo, first complete your Disqus profile. | View the list of supported HTML tags you can use to style comments. | Please read our commenting policy.
 

Video