Cybercriminals tap into Flash ads, says Finjan

Cybercriminals are using rich content applications such as Adobe...

Cybercriminals are using rich content applications such as Adobe Flash files to distribute malicious code in the latest online crime trend, says security supplier Finjan.

Adobe Flash applications are widespread on the internet and are frequentlyused to display eye-catching billboards to attract visitors to websites.

Criminals are now exploiting the ActionScript feature of Flash which interacts with web pages to pass on malicious code to end-users, according to Finjan's latest quarterly web security report.

The binary format of Flash files enables cybercriminals to hide malicious code and later exploit end-user browsers to install malware, said Yuval Ben-Itzhak, chief technology officer at Finjan

Many website owners are exposing visitors to security risks by not following guidelines published by Adobe to control these interactions, the report said.

Large advertising networks using Flash-based banners are also not configuring systems to prevent their ads from interacting with web pages.

According to the report, this method of attack has become an important new way for cybercriminals to pass on malicious code without being detected.

The report said criminals will continue to use the most advanced techniques and services that Web 2.0 can offer in the year ahead.

Cybercrime, the report predicts, will keep on rising, with an increasing number of unemployed IT professionals likely to start contributing to the underground economy.

Read more on IT risk management