Finjan Predicts Upcoming Cybercrime Trends in 2009
Finjan has announced the latest findings from its Malicious Code Research Center (MCRC) indentifying and analysing the latest trends in cybercrime. In its Web Security Trends Report Q4 2008, MCRC shows how cybercriminals are using PDF and Flash files – that are normally considered to be safe – as a vehicle for distributing their malicious code and for infecting end-user PCs.
Cybercriminals take advantage of the specific functionality available in Flash ActionScript that enables the Flash file to interact with its hosted web page (DOM). They embed their malicious code in Flash files and dynamically inject it into the hosting DOM to exploit a browser-vulnerability and to install a Trojan. Although Flash supports the functionality to prevent such interactions, many sites owners are not using it.
The report further unveils that large ad networks serving Flash-based banner ads did not prevent their ads from interacting with the hosting webpage. As demonstrated in the report, the lack of configuration by ad networks to prevent this interaction, between the served Flash-based ad’s ActionScript and the DOM, has become a new vector for cybercriminals to serve their malicious code undetected.
“Using rich content applications such as Flash files to distribute malicious code has become the latest trend in cybercrime,” said Yuval Ben-Itzhak, CTO of Finjan. “Having the widespread distribution and the popularity of Flash-based ads on the Web, their binary file format enables cybercriminals to hide their malicious code and later exploit end-user browsers to install malware.”
Finjan’s MCRC has continuously followed and covered the evolution of cybercrime in recent years. In its latest trends report, MCRC provides an overview of cybercrime trends in 2008 and presents its predictions for 2009. Key findings include: