Evasive Web attacks are on the rise, says Finjan

These sophisticated new Web attacks vanish upon second visits and also know how to block search engines.

Criminal hackers are flying well below the radar these days with a new technique that, according to security vendor Finjan, marks a new level of sophistication among criminal hackers. Documenting this trend in its latest Web Security Trends Report, Finjan calls these "evasive attacks" because of their stealth-like quality. First, criminal hackers use a cross-site scripting attack to place an IFrame that calls down malicious code on a popular Web site. That part is not new. What is new is the fact that the end-user is hit with the malicious code only once, making it hard for network forensics tools to spot the new attack vector, or for end-user protection to block it.

Finjan says in its Q2 2007 report the new attack is so sophisticated that the second time the user visits the infected site, all traces of the malicious code simply vanish. Moreover, since the malicious code can determine and hide itself from repeat visitors, it can also identify Web crawlers and hide itself from search engines, URL filtering, and reputation filters as well.

About the author

    As CNET's former resident security expert, Robert Vamosi has been interviewed on the BBC, CNN, MSNBC, and other outlets to share his knowledge about the latest online threats and to offer advice on personal and corporate security.

     

    Join the discussion

    Conversation powered by Livefyre

    Don't Miss
    Hot Products
    Trending on CNET

    HOT ON CNET

    Find Your Tech Type

    Take our tech personality quiz and enter for a chance to win* high-tech specs!