Evasive internet attacks, where malware evades internet security systems, are a growing threat.
Web security firm Finjan has published a report on the problem, which sees attacks designed to bypass signature-based and database-reliant security technology.
Finjan said evasive attacks relied on various tactics. For instance, in order to minimise the malicious code’s window of exposure, website evasive attacks can keep track of actual IP addresses of visitors to a particular website or web page.
Using this information, the attackers restrict exposure to the malicious code to a single view from each unique IP address. This means that the second time a given IP address tries to access the malicious page, a benign page will be automatically displayed in its place.
All traces of the initial malicious page completely disappear. This tactic reduces the chance of the malware being detected by supplier security systems.
Another tactic is to pay owners of specific websites a fee for each user that is infected with malware that can be used to generate financial gain for the hackers.
Quite often, websites will automatically assume that the advertising they sold will be legitimate, but they forget or don’t care that the space sold could be sub-let, including to hackers.
Comment on this article: e-mail firstname.lastname@example.org