drive-by downloads

While Android malware continues to grow faster than other malware types, it still accounts for only a minute fraction of all malware on the Web, according to Cisco’s annual security report released this week. Compromised websites hosting malicious Java and iFrame attacks and other malware far and away outpace all other delivery vectors for malware, Cisco’s report said.

An updated version of the Blackhole Exploit Kit appears to now offer an emerging technique to boost infection and redirection rates: a pseudo-random domain generator. The automation feature was discussed this week in a blog post by Symantec security researcher Nick Johnston, in which he outlined how a script injected into a compromised site can regularly register other URLs to maintain the Web-based attack.

The websites of the BBC’s 6 music and 1Xtra radio stations
have been injected with a malicious iframe and are redirecting users to a site
serving up malware, according to a Websense report Tuesday.

Just days after Google researcher Tavis Ormandy released details on a dangerous new Java vulnerability, malicious hackers have pounced and are exploiting the flaw in the wild to launch drive-by download attacks.

Researchers are preparing to release a free tool to stop
“drive-by” downloads: Internet attacks in which the mere act of
visiting a Web site results in the surreptitious installation of
malicious software. The new tool, called BLADE (Block All Drive-By
Download Exploits), stops downloads that are initiated without the
user’s consent. Read the full article. [Technology Review]
