This blog has already been merged at RunningAtom.
You will be re-directed shortly!

pEDo: Nine Ball Attack - The other side of my cerebro.

pEDo

Piraso ng kung ano-ano!

7/07/2009 01:42:00 PM

Nine Ball Attack

There has been a report of a new way to hack Internet users’ systems and steal information from victims such as passwords, account numbers, etc. called the Nine Ball Attack. Believed to have infected already over 40,000 legitimate websites, it works by infecting a website which then redirects victims to sites owned by the attacker. The malicious site then downloads Trojans with keylogger components onto the victim’s computer and can log keystrokes.

Nine Ball uses the following multi-level attack method:

1. Victim visits legitimate infected site.
2. Victim is redirected to one of a number of malicious sites owned by attacker.
3. The malicious site attempts to download malware to user’s computer through a number of vulnerabilities in common applications including MDAC, AOL SuperBuddy, Adobe Reader, and QuickTime exploits.
4. The malware is generally a keystroke logger which is then used to steal information from the victim.

Users and administrators are encouraged to take the following preventative measures to mitigate the security risks:

· Install anti-virus software and keep it up to date
· Install patches on systems with vulnerable applications highlighted above
· Do not browse unknown and untrusted web sites
· Do not follow unsolicited and redirected web sites.
Related Posts Plugin for WordPress, Blogger...