Malware Can Be Hidden In Drive-By Download Exploits Using HTML5

Two researchers from Italian universities in Rome and Salerno have identified methods through which malware can be hidden in drive-by download exploits using modern HTML5 APIs.

Attackers can use the drive-by download method to install malware, spyware or computer viruses on a victim's computer. Most exploits of this type are spotted by antivirus software, which has led attackers to devise different techniques to hide their actions.

The research was carried out in 2013 and redone in July 2015. The researchers tested their HTML5-based methods using VirusTotal antivirus engines and used security bugs in Internet Explorer and Firefox.

Three different methods are used to obfuscate and de-obfuscate the malicious code. These methods were successful against static and dynamic analysis detection engines:
  • Delegated Preparation – Delegates the preparation of malware to the system APIs.
  • Distributed Preparation – Distributes the preparation code over several concurrent and independent processes running within the browser.
  • User-driven Preparation – Lets the user trigger the execution of the preparation code during the time he spends interacting with the page.

The researchers say that "a further investigation revealed that this failure [to detect the obfuscated malware] was due to the inability of these [detection] systems to recognize and deal with html5 related primitives."
