Drive-by downloads can have dire results

Sometimes, even a quick stop at a suspicious site can lead to a world of problems ... in real life or on the internet. "Drive-by" downloads are a new phenomenon that spells trouble for internet surfers.

For about a year, criminals have used this tool to send dangerous data mining programs to computers that visit certain websites.

The road to danger usually starts with an e-mail. Spam mails now come with links to purported deals that criminals use to tempt people to their sites. Messenger programs are also used to offer temptation. Any surfers who follow these links are in for trouble.

"Everyone should be sceptical," says Andreas Marx, manager of the IT security firm AV-Test in Magdeburg. Routinely, dubious websites offering erotic content or gambling opportunities turn out to be a front for criminal operations.

If these criminals can use the websites to install software on a person's computer, they can use the program to sort through the person's private information. Some programs can even catch banking transactions, copy them and, in worst-case scenarios, transfer the money to an account other than the one intended.

To protect themselves from these kinds of attacks, internet users should always use the most up-to-date operating system, with current patches, updated virus scanners and a firewall. Updated versions of browsers are also recommended, as manufacturers routinely upgrade these programs to fix problems exploited by criminals.

"There are always security gaps in browsers," says Marx. Microsoft's Internet Explorer is a particularly frequent target for criminals because it is so widely used.

"Functions for manipulating the active contents of today's browsers are a common entry point for a large majority of dangerous computer programs," says Martin Bierwirth of the Federal Office for Information Technology Security (BSI) in Bonn.

Invisible program elements or scripts on a website are often perceived by computers as active contents. The most common include Java applets, ActiveX and JavaScript. Functions like online spelling checks or drag-and-drop applications on websites are controlled in this way. Bierwirth advises turning off these functions.

Computer users do not have to go to suspicious websites to encounter danger. Hackers are starting to use regular, non-offensive websites as launching sites for their "drive-by" platforms, says Frank Ziemann, IT security expert and operator of the hoax-info.de website. That makes it all the more important to keep software up to date.

Ziemann explains the appeal of using websites for drive-by downloads.

"It's really easy for criminals." Free webspace, offered by many providers, is also becoming a popular target for criminal programs.

In Internet Explorer, scripts can be turned off by accessing the "Extras" tab, followed by "Internet Options," and "Security." Once there, click on the "high" security option. However, these security standards have to be temporarily lifted to let Windows update patches.

The free tool "xp-AntiSpy" helps computers switch quickly from update to secure mode. Firefox offers the free "NoScript" add-on, which gives its user control over all script downloads. It can be installed by clicking on "Extras" followed by "Add-ons" and "Download Expansions."

DPA
Last Mod: 13 August 2007, 13:52