There are firms which use blended threats, a combination of elements of worms, viruses and trojans, to replace legitimate ads in web pages with their own ads.

Jim Murphy’s Report ‘Evolution of Blended Threats’ warns IT managers about the increasing risks of blended threats and offers tips for ‘building comprehensive layered defenses’.

“Blended threats combine elements of worms, viruses, trojans (collectively known as malware), spam and even social engineering into a variety of more dangerous, malicious forms. They propagate via both wired and wireless networks, spreading through e-mail, web pages, P2P and instant messaging. Successful blended attacks often exploit vulnerabilities found in systems and networks, and can mutate rapidly to avoid detection.”

“In addition to collecting personal information, some of the phishing websites exploit browser vulnerabilities to silently install software on the victim’s computer, including spyware that hijacks the user’s home page, or replaces legitimate ads in web-pages with their own, allowing criminals to make money from advertising. A “marketing” firm recently offered to pay a little over 6 cents for each system compromised to display its advertising; it was able to quickly recruit over 200,000 machines into its network.”

Jim Murphy advices the IT managers to build up their defense by doing the following:

Offering education programmes for users, implementing effective defenses at all entry and exit points, installing constant filtering, establishing close relationship with software and hardware vendors as well as local and federal law enforcement.

To read the full report click here.

The report is in PDF format so you need to have Adobe Acrobat reader installed before going to the link.

Click here to download a free PDF reader.

Sharing is caring