Browsing the deeps - a look into malware in the web presented at Virus Bulletin 2007

by Sami Rautiainen (Stonesoft),

Tags: Security


Summary : "In today's world, more and more applications are moving into the web. In the networked world, the complex online
services make users and businesses dependant on the Internet and one particular application - the web browser.
A modern web browser is a complex piece of software which, instead of just viewing static web pages, must be able to
provide a powerful platform for the advanced interactive programs available online - via scripting.
Authors of malware have realized the power of scripts embedded to web pages, too. Nowadays malicious programs commonly
seen in the field exploit browser vulnerabilities combined with script-based obfuscation techniques to get executed
while keeping their activity hidden in the background.
In addition of the direct attacks against the browser, the modern online applications themselves provide additional
layer of complex functionality that can and is abused by malware.This paper will look into how web-based scripting is used by malware encountered in the field, and examines techniques
as well as tools available to help their analysis. Also the challenges that complicated scripts present to a
detection engine are discussed.