The Latest in IT Security

JAVA Drive-by [infection] On Demand

01 Jul 2011

JAVA is one of the technologies most widely integrated into cybercrime because of its status as a “hybrid”. This turns the Java platform into a highly exploited vector for spreading all types of malicious code.

Modern crimeware even includes a battery of exploits for vulnerable versions of JAVA, delivered through Exploit Packs; in fact, together with PDF files, exploits for JAVA are those with the highest success rate.

Drive-by is one of the most widely used techniques to propagate and automate the infection process via the web, especially through websites that promise streaming video or use similar visual social engineering strategies. Combining this methodology with JAVA simply results in a Java Drive-by: technically the same thing, but using the JAVA language and its resources. Have you ever seen some of these templates?…

…Probably many times!

Every day we see these websites, usually hosted on services that offer free file storage; they conceal the instructions needed to “streamline” the infection process, simply by using a Java applet. In chronological order, the images correspond to the options Photo Gallery, Camera Chat and Video Streaming respectively. All were created in an automated way with iJAVA.

iJAVA is an on-demand generator (Java Drive-by Generator) of Arab origin. Since its first version it has been very well accepted in the cybercrime scene because, in just a few clicks, it lets the user create a simple web page, link customized malware to it and automatically upload the page to, for example, one of these free storage services. A dose of trivial visual social engineering, but unfortunately extremely effective.
iJAVA Version 1. In just three steps, malware propagators set up a personalized threat, accompanying the action with a dose of social engineering.
iJAVA Version 2. It adds a series of “extras”; as in the previous version, the strategy is defined in only three basic steps.
Some examples in the wild:
Unlike the first version, the second generation allows the attacker to customize the template itself, so the design used to “capture” victims is limited only by the attacker's imagination, making possible infection strategies such as:

Saving time is also an important factor for cybercriminals. Applications of this style provide the automation needed to save time and, of course, to profit economically: despite the triviality of the maneuver, cybercriminals often use them in campaigns tied to PPI (Pay-per-Install) business models, feeding that economy through affiliate programs.
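For defenders triaging pages like the ones described above, the following added example (not from the original post, and not derived from iJAVA output) lists every element on a page that asks the browser's Java plug-in to load code, and resolves where each JAR comes from. The sample page, host names and the "offsite" heuristic are assumptions made for this example.

```python
from html.parser import HTMLParser
from urllib.parse import urljoin, urlparse
JAVA_MIME = "application/x-java-"  # prefix of x-java-applet, x-java-vm, x-java-bean
KEYS = ("code", "archive", "codebase")

class AppletFinder(HTMLParser):
    """Collect every element that asks the browser's Java plug-in to load code."""
    def __init__(self):
        super().__init__()
        self.findings, self._obj = [], None

    def handle_starttag(self, tag, attrs):
        a = {k: (v or "") for k, v in attrs}
        is_java = (a.get("type", "").lower().startswith(JAVA_MIME)
                   or a.get("classid", "").lower().startswith("java:"))
        if tag == "applet" or (tag in ("object", "embed") and is_java):
            f = {"tag": tag, **{k: a[k] for k in KEYS if a.get(k)}}
            self.findings.append(f)
            self._obj = f if tag == "object" else None
        elif tag == "param" and self._obj is not None:  # <object> uses child <param>s
            name = a.get("name", "").lower()
            if name in KEYS and a.get("value"):
                self._obj[name] = a["value"]

    def handle_endtag(self, tag):
        if tag == "object":
            self._obj = None

def scan(html, page_url):
    """Return findings with JAR URLs resolved against the page URL and codebase."""
    p = AppletFinder()
    p.feed(html)
    p.close()
    host = urlparse(page_url).netloc
    for f in p.findings:
        cb = f.get("codebase", "")  # codebase is a directory: force a trailing slash
        base = urljoin(page_url, cb if not cb or cb.endswith("/") else cb + "/")
        f["archives"] = [urljoin(base, j.strip()) for j in f.get("archive", "").split(",") if j.strip()]
        f["offsite"] = any(urlparse(u).netloc != host for u in f["archives"])  # heuristic
    return p.findings

# Constructed sample page for this example; hosts are placeholders.
SAMPLE_URL = "http://freehost.example/gallery/index.html"
SAMPLE = """<h1>Video Streaming</h1>
<applet code="Player.class" archive="http://files.example.net/p.jar" width="1" height="1"></applet>
<object type="application/x-java-applet"><param name="codebase" value="lib"><param name="archive" value="viewer.jar, util.jar"></object>
<embed type="application/x-shockwave-flash" src="movie.swf">"""
if __name__ == "__main__":
    print(*scan(SAMPLE, SAMPLE_URL), sep="\n")
```

A finding whose JAR is served from a different host than the page is worth a closer look, but on its own it is only a triage signal, since legitimate applets were also hosted that way.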
Related information:
Automation in creating exploits
Automation in creating exploits II
Automating processes anti-analysis through of crimeware
Process Automation anti-analysis II
