- see the content of the website you’re on
- perform various actions (example: fill out a form or download a file from a website)
- see the online ads (banners) on that website, etc.
Because online browsing is one of the strongest online habits that users have, cyber criminals target exactly that. Online attackers frequently redirect users to compromised websites. These can be either created by them or they can be legitimate websites they’ve hacked into. According to Sophos, “82% of malicious sites are hacked legitimate sites”! Source: Naked Security blog by Sophos What defines an infected website is that:
- cyber attackers have loaded malicious content or malicious software from a remote server.
- You, as a user, unwittingly browse the compromised website.
- They are executed through your browser, triggering the malware infection.
- The exploit kit used in the attack (hosted on the exploit server) probes your system for software vulnerabilities.
- Once the exploit finds the vulnerability, it uses it to gain access to your PC’s functions.
- This grants the exploit kit the right to execute code and download additional files from the Internet with administrator privileges.
- In the next step, malware will be downloaded onto the PC and executed.
- The malware can perform damaging functions on the PC. It can also collect information from the infected system and send it to the servers controlled by cyber criminals.
Unfortunately, once a .JS file has been saved to your hard disk, Windows will run it by default outside your browser, using a system component called WSH, short for Windows Script Host. A standard system program called WScript.exe (or its companion, CScript.exe, for command-line scripts with no graphical interface) will load your script, feed it into WSH, and then run it with all the power that a regular executable program would enjoy.
Source: IT Portal Six months later, a new ransomware strain called RAA appeared. It featured a dumfounding feature:
- Keeping your software updated at all times (your browsers, apps, operating system, etc.)
- Using a strong antivirus product with extensive capabilities
- Installing a traffic filtering solution that can ensure proactive security
- Never clicking on links in unsolicited emails (spam)
- Never downloading and opening attachments in spam emails
- Keeping away from suspicious websites.
And if you want to go the extra mile, here’s a setting you can adjust in your Chrome browser:
- Click the Chrome menu Chrome menu in the top right hand corner of your browser
- Select Settings
- Click Show advanced settings
- Under the “Privacy” section, click the Content settings button.
If malware attacks such as the ones I mentioned ever made you feel helpless, there’s no reason to feel this way. The entire process may be complicated for cyber criminals, but there are plenty of protection methods available. You should be unwilling to succumb to fear and adopt the “there’s nothing I can do about it” attitude. Educate yourself, build a multi-layered security system and you’ll be safer than most Internet users will ever be. You’re not alone in this! Our team as well as many other security researchers and vendors are working constantly to build a safer web. Get on board!
The easy way to protect yourself against malware
Here’s 1 month of Thor Foresight Home, on the house!
Block malicious websites and servers from infecting your PC
Auto-update your software and close security gaps
Keep your financial and other confidential details safe