Unraveling Web Malware

Download Now Free registration required

Executive Summary

Security researchers and IT administrators have recently witnessed a rapid rise in the use of Web-based blended threats-for example, dangerous (and potentially obfuscated) JavaScript and ActiveX code-to exploit client browsers and operating systems. The rise coincides with the increasing use of Web 2.0 technologies that allow for user-contributed content, syndicated content, iframes, third-party widgets (or applets), and advertising into which malicious software ("Malware") can be injected. These exploits can lead to infection by bots, which run on local computers and can be controlled remotely. In a paper presented at USENIX 2007, Provoset al determined that approximately 9% of all suspicious web sites launched drive-by downloads of malware binaries.

  • Format: PDF
  • Size: 1310.72 KB