Home » Finjan Outlines How PDF and Flash Files Containing Malicious Code Are Used By Cybercriminals To Infect PCs

Finjan Outlines How PDF and Flash Files Containing Malicious Code Are Used By Cybercriminals To Infect PCs

Farnborough, United Kingdom – 9th December, 2008

Finjan Inc., a provider of secure web gateway solutions for the enterprise market, today announced the latest findings by its Malicious Code Research Center (MCRC) in identifying and analyzing the latest trends in cybercrime.

In its Web Security Trends Report Q4 2008, MCRC shows how cybercriminals are using PDF and Flash files – that are normally considered to be safe – as a vehicle for distributing their malicious code and for infecting end-user PCs.

Cybercriminals take advantage of the specific functionality available in Flash ActionScript that enables the Flash file to interact with its hosted web page (DOM). They embed their malicious code in Flash files and dynamically inject it into the hosting DOM to exploit a browser-vulnerability and to install a Trojan. Although Flash supports the functionality to prevent such interactions, many sites owners are not using it.

The report further unveils that ad networks serving Flash-based banner ads did not prevent their ads from interacting with the hosting webpage. As demonstrated in the report, the lack of configuration by ad networks to prevent this interaction, between the served Flash-based ad’s ActionScript and the DOM, has become a new vector for cybercriminals to serve their malicious code undetected.

“Using rich content applications such as Flash files to distribute malicious code has become the latest trend in cybercrime,” said Yuval Ben-Itzhak, CTO of Finjan. “Having the widespread distribution and the popularity of Flash-based ads on the Web, their binary file format enables cybercriminals to hide their malicious code and later exploit end-user browsers to install malware.”

Finjan’s MCRC has continuously been following and covering the evolution of cybercrime in recent years. In its latest trends report, MCRC provides an overview of cybercrime trends in 2008 and presents its predictions for 2009.

– Cybercrime will keep on rising with an increasing number of unemployed IT professionals joining in

– Cybercriminals will benefit from the Obama Administration’s plan to bring Broadband Internet access to every American

– Cybercriminals will continue to leverage the most advanced techniques and services that Web 2.0 can offer, with a focus on Trojan technologies

Concludes Ben-Itzhak: “Cybercriminals will continue to be highly successful in their crimeware attacks, deploying the latest technologies, especially sophisticated data-stealing Trojans. By staying ahead of traditional security methods, they will keep on maximizing their considerable profits. The optimal way to prevent malicious files from infecting PCs and corporate networks is active real-time content inspection technologies that can inspect each and every piece of Web content in real-time to detect malicious code without the need for signatures.”

About MCRC

Malicious Code Research Center (MCRC) is the leading research department at Finjan, dedicated to the research and detection of security vulnerabilities in Internet applications, as well as other popular programs. MCRC’s goal is to stay steps ahead of hackers attempting to exploit open platforms and technologies to develop malicious code such as Spyware, Trojans, Phishing attacks, worms and viruses. MCRC shares its research efforts with many of the world’s leading software vendors to help patch their security holes. MCRC is a driving force behind the development of next generation security technologies used in Finjan’s proactive web security solutions. For more information, visit our MCRC subsite.

About Finjan

Finjan is a global provider of secure web gateway solutions for the enterprise market. Our real-time, appliance-based web security solutions delivers an effective shield against web-borne threats, freeing enterprises to harness the web for maximum commercial results. Finjan’s real-time web security solutions utilize patented behavior-based technology to repel all types of threats arriving via the web, such as spyware, phishing, Trojans, obfuscated code and other malicious code, securing businesses against unknown and emerging threats, as well as known malware.

Leave your response!

You must be logged in to post a comment.