Four Years of Web Malware by Google’s Safe Browsing

Discussion in 'malware problems & news' started by fsr, Aug 22, 2011.

Thread Status:
Not open for further replies.
  1. fsr

    fsr Registered Member

    Joined:
    Jul 26, 2010
    Posts:
    190
    (Not sure if this was posted before...)

    Read synopsis here or full report here
     
  2. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    Good read.
     
  3. m00nbl00d

    m00nbl00d Registered Member

    Joined:
    Jan 4, 2009
    Posts:
    6,623
    The report seems to go against your thought that exploits aren't so common, or less common than social engineering.

    Just an observation. Nothing else. :)
     
  4. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    That's why it was so interesting.

    I heard just the other day that you were 4x more likely to run into socially engineered malware than an exploit. Now I'm hearing the complete opposite.
     
  5. wat0114

    wat0114 Guest

    What you heard could probably still be true. If you read what highly regarded (certainly in my books) Wilders member Rmus recently had to say about malware - to you no less ;)

     
  6. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    Yes =p I'd read that.
     
  7. wat0114

    wat0114 Guest

    Right, and in spite of that article, I for one agree with Rmus and believe social engineering is still the most common form of malware infestation. No wonder he finds this stuff boring, because it's so easy to prevent :)
     
  8. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    I don't know what to believe! haha

    Google shows it to be a tiny fraction of an issue...
     
  9. wat0114

    wat0114 Guest

    With so many conflicting reports, it can be difficult to decide on what to believe, although I tend to believe Rmus because besides his expertise, he speaks logically, unemotionally, and truthfully. He seems to prove over and over again that all these exploits are not much different than years past, and especially how easy they are to avoid, mostly with measures applied to the browser itself, as well as the use of some common sense.
     
  10. m00nbl00d

    m00nbl00d Registered Member

    Joined:
    Jan 4, 2009
    Posts:
    6,623
    This is not entirely correct. Malicious code doesn't have to, necessarily, write to disk. One could face an exploit resulting in a process in memory being hijacked.

    Remember the situation I mentioned about Sandboxie, where a browser's process is hijacked. This is why Sandboxie would be ineffective to prevent, say, a keylogger in such a way, because the malicious code would be injected into the browser's process. There would be nothing for Sandboxie to block start/run and Internet access.

    While I agree that exploits are easy to prevent/mitigate, malware doesn't necessarily need to write to disk (get installed).
     
  11. MrBrian

    MrBrian Registered Member

    Joined:
    Feb 24, 2008
    Posts:
    6,032
    Location:
    USA
    From IT Threat Evolution: Q2 2011:
    The "4x" statistic that Hungry Man cited above is from a reference that is at least several years old, if I recall correctly.
     
  12. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    Could be. I can't even remember it.
     
  13. wat0114

    wat0114 Guest

    That must be the way things are going, then. Wow, how trends have changed in the malware landscape! But getting back to "how it can be hard to believe", I, like so many others no doubt, surf all over Hades' creation, and never encounter malware drive-bys or such. That's probably the main reason why I'm not so easily convinced, and not just because I'm stubborn by nature :D
     
  14. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    When testing I see lots of exploits.

    I'm also much more worried about exploits.
     
  15. wat0114

    wat0114 Guest

    I've been meaning to call my ISP to find out if they are filtering malware and spyware at their end. Based on the services in my account, it looks like they might be, and as part of the package as well, but I can't be sure until I ask. I'll call them tomorrow.
     