Saturday, February 5, 2011

Java Drive : The Next Generation of Threats


Nothing is 100% safe, not even a simple pop-up window on which you click Yes without giving it a second thought. Ask yourself: every time you clicked on a pop-up (like the one shown below), did you ever stop to think that you were playing into the hands of a malicious attacker?




From now onwards, look at it once more to check whether it is malicious or not.

A "drive-by download" is basically the “download of any malicious/unwanted content on a computer without the knowledge of the user”.

It's a fake webclient, or you may call it a fake certificate, whose sole purpose is to take control of your system. It may do so through the installation of keyloggers, viruses or trojans.

In terms of programming, it’s a simple Java applet.
If you’re a good programmer, you could make one of those yourself.

Common users won't think of the pop-up as anything but a tool required to see a Flash video, view a webcam, or even load a simple HTML page. That's why this attack is so widespread and successful.

This type of attack is by far the simplest to pull off and does not rely on any particular kind of vulnerability. The Java Runtime is the only browser-embeddable object which gives such a degree of access from simple Web pages. Flash, Adobe Reader, and even Signed JavaScript (disabled by default) won't allow you to do all of this, mainly because it is highly insecure!
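For anyone who wants to check a page before trusting its prompt, here is an added example (not from the original post) that lists every tag in a page's HTML that would start the Java plug-in, and flags applets that are invisible or loaded from another host. The sample page, its URLs and all names in the code are constructed for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urljoin, urlparse

JAVA_MIME = ("application/x-java-applet", "application/x-java-vm")
# classid forms that start the Java plug-in from an <object> tag
JAVA_CLASSID = ("java:", "clsid:8ad9c840-044e-11d1-b3e9-00805f499d93")
SOURCES = ("code", "archive", "codebase")

# Constructed sample page (not taken from any real site)
SAMPLE_URL = "http://www.example.com/video.html"
SAMPLE_PAGE = """<html><body>
<applet code="Player.class" archive="http://files.example.net/player.jar"
        width="1" height="1"></applet>
<object type="application/x-java-applet" width="300" height="200">
  <param name="code" value="Chart.class">
  <param name="archive" value="chart.jar">
</object>
<object type="application/x-shockwave-flash" data="movie.swf"></object>
</body></html>"""

class AppletFinder(HTMLParser):
    def __init__(self, page_url):
        super().__init__()
        self.page_url, self.findings, self._object = page_url, [], None

    def handle_starttag(self, tag, attrs):
        a = {k: (v or "") for k, v in attrs}
        if tag == "param" and self._object is not None:
            # <object> carries its code/archive in child <param> tags
            if a.get("name", "").lower() in SOURCES:
                self._source(self._object, a["name"].lower(), a.get("value", ""))
            return
        if not (tag == "applet"
                or (tag in ("object", "embed") and a.get("type", "").lower().startswith(JAVA_MIME))
                or (tag == "object" and a.get("classid", "").lower().startswith(JAVA_CLASSID))):
            return
        # A 0- or 1-pixel applet is invisible: the prompt is all the user sees
        found = {"tag": tag, "off_site": False,
                 "tiny": a.get("width") in ("0", "1") or a.get("height") in ("0", "1")}
        for name in SOURCES:
            self._source(found, name, a.get(name, ""))
        self.findings.append(found)
        self._object = found if tag == "object" else None

    def handle_endtag(self, tag):
        self._object = None if tag == "object" else self._object

    def _source(self, found, name, value):
        found[name] = value or found.get(name, "")
        host = urlparse(urljoin(self.page_url, value)).hostname
        found["off_site"] |= bool(value) and host != urlparse(self.page_url).hostname

def find_applets(html, page_url):
    finder = AppletFinder(page_url)
    finder.feed(html)
    return finder.findings
```

On the sample page, `find_applets(SAMPLE_PAGE, SAMPLE_URL)` reports the 1x1 applet with an off-site archive and the same-site chart object, and ignores the Flash object.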

If you have never seen anything like this, it is a warning shown when the security certificate is crypted.

This doesn't mean that the Java platform, in particular, is vulnerable and that we should avoid all objects online using Java. In fact, it is an awesome platform for web apps. The main thing here is the human factor, which is highly exploitable.

The aim here is to just expose the widely used hacking methods online.
Use a good antivirus. Keep updating your browsers. Don’t run ActiveX content unless you’re sure what it is.

It is just like a hidden pop-up box saying,

“Do you wanna give the whole access to the attacker?”

And you click YES!!

So, before you click, think twice!!

Happy Hacking!

Aditya
Email : adityagupta1991@gmail.com
FB : aditya1391
Did you ever care to look again each time you clicked the “OK” button of this pop-up:




From now on, look at it once more to check that it isn’t malicious and that something isn’t hidden behind it.

A drive-by download is basically the “download of any malicious/unwanted object on a computer without the knowledge of the user”.

It is a fake webclient, or you may say a fake certificate, whose sole purpose is to take control of your computer/user accounts. It may do so through the installation of a keylogger or a RAT, whatever the attacker wishes.
It’s a simple Java applet. If you’re a good programmer, you would be able to make one of those yourself.
Now, a normal user will approve anything like that certificate in order to play a game, see a Flash video or view a webcam.
This type of attack is by far the simplest to pull off and does not rely on any particular kind of vulnerability. The Java Runtime is the only browser-embeddable object which gives such a degree of access from simple Web pages. Flash, Adobe Reader, and even Signed JavaScript (disabled by default) won't allow you to do all of this, mainly because it is highly insecure!
The chance of success using this vulnerability is more than 90%.
If you have never seen anything like that, it is a certificate shown when the security certificate is crypted.
Java in particular isn’t vulnerable, and it isn’t that we should avoid all objects online using Java. It is an awesome platform for web apps; the main thing here is the human factor.
The aim here is to just expose the widely used hacking methods online.
Use a good antivirus. Keep updating your browsers. Don’t run ActiveX content unless you’re sure what it is.
It is just like a hidden pop-up box saying,
“Do you wanna give the whole access to the attacker?”
And you click YES!!
So, before you click, think twice!!