Latest Report Details New Ways Cybercriminals Are Thwarting Security
A new report details the emergence of combined attacks that leverage Adobe’s ActionScript and JavaScript languages to thwart most of the new, proactive detection mechanisms.
The bi-annual report highlights the evolution of obfuscation through combined attacks. This threat trend is the latest to emerge as cybercriminals seek new ways to limit the effectiveness of many proactive security controls.
Because existing techniques for “covering their tracks” are becoming less effective, cybercriminals have begun using combined attacks, which are more complex and difficult to detect. By splitting the malicious code between the Adobe ActionScript language – built into Adobe Flash – and JavaScript components on the webpage, they limit the effectiveness of many of the proactive security detection mechanisms in place today.
The report also covers another very concerning development: the automated, widespread infection of legitimate Web sites by the returning Asprox botnet. In June, we found that more than 10,000 ASP sites had been infected by the Asprox spambot over a period of only three days. An interesting aspect of the attack was that the botnet used a Google search term to seek out additional vulnerable ASP sites. The bot not only spams, but also launches the SQL injection attack used to inject the target websites.
Traditional methods such as spambots and dynamic code obfuscation are still very much in use. However, the first half of 2010 has also seen the emergence of new advanced methods, as seen in the new combined attacks. Cybercriminals continue to try to outsmart even the latest Internet security protection mechanisms. The report documents these and other emerging threats so that security professionals can improve and increase their precautions within their organisations.
Spam Remains a Significant Threat
Whether targeting vulnerabilities in Adobe Reader/Acrobat through infected PDF files or themed campaigns exploiting the public’s high level of interest in the World Cup by sending out malicious HTML emails and blended email attacks, malicious spam continues to evolve.
Even with successful takedowns of rogue ISPs, the global spam volume continues to increase, marching on unhindered by these efforts. This indicates that the beast cannot be contained without going after its head: affiliate programs. These programs are set up by dubious online retailers who use botnet operators – or herders – to drive sales to their websites via spam campaigns. These herders are then paid a commission on any sales made as a direct result of these campaigns.
The new report notes that two of the top three spambots utilise just one affiliate program, Canadian Pharmacy, which remains the most popular because it is the most lucrative. Pharmacy-related spam accounted for 80.7% of all spam in the first half of 2010 and Canadian Pharmacy was responsible for 67% of that spam.
To download the full report, please go to http://m86.it/srfh10.
Bradley Anstis
Bradley Anstis is Director of Technology Strategy at M86 Security. Bradley has been with M86 Security (formerly Marshal) since early 2004. He re-established Marshal's R&D centre following the management buy-out from NetIQ. As VP of Technology Strategy he is responsible for the development and improvement of M86 Security solutions, ensuring that M86 Security keeps ahead of emerging security trends and market requirements. Bradley is a 20-year veteran of the IT industry and previously held technical management positions with Protocom Development Systems and Citrix.

