Internet spreading trojans and backdoors

Discussion in 'malware problems & news' started by pykko, May 30, 2006.

Thread Status:
Not open for further replies.
  1. pykko

    pykko Registered Member

    Joined:
    Apr 27, 2005
    Posts:
    2,236
    Location:
    Romania...and walking to heaven
    As far as I know since now the only 2 methods to get infected simply by visiting a web page is by a Java Script or by an ActiveX component. Are there other ways to get infected only by visiting the web page? (not downloading...) :)
     
  2. TNT

    TNT Registered Member

    Joined:
    Sep 4, 2005
    Posts:
    948
    Yes. Buffer overflows (they're not necessarily related to javascript code), the WMF exploit, Java sandbox evasion (CWS gangs have been using the Java ByteVerify exploit for years).

    EDIT: forgot the ani exploit: http://www.websensesecuritylabs.com/alerts/alert.php?AlertID=159

    In short, there's a whole bunch of ways one can get infected not related to JavaScript and ActiveX.
     
  3. TairikuOkami

    TairikuOkami Registered Member

    Joined:
    Oct 10, 2005
    Posts:
    2,509
    Location:
    Slovakia
    If you have WSH enabled, then hidden code in HTML can be run. You need to disable all scripting in the browser, flash, java and etc. It is also important to tight up settings of Windows, browser and any aplications with internet access. Only trusted aplications should be instaled. At least firewall or router should be used as a layer protection to cover up settings. Then you can visit any webpage and chance of getting infected will be 0.001 % or less. But the problem will be, that the most "nasty" pages will open blank, due to too tight settings. [​IMG]
     
    Last edited: May 30, 2006
  4. pykko

    pykko Registered Member

    Joined:
    Apr 27, 2005
    Posts:
    2,236
    Location:
    Romania...and walking to heaven
    thx guys for your answers. ;)
     
Loading...
Thread Status:
Not open for further replies.