Thursday, June 21, 2007

Russian Hackers...again

Russian hackers hijack Italian sites to serve exploits blog posted by Ryan Naraine at ZDNET.COM demonstrated again that the war between hackers and security companies is an ongoing event and I doubt that it will be over in the nearest future. Yes, the law enforcement measures were improved across the entire world in the places where we could not expect earlier (China, Malasya). However, the creativity of those who design the malicious software is often above the creativity of those who design the countermeasures. Apparently, Russia is a good source of hackers (as well as the programmers). I would be especially careful to hire the Russian programmers to lower the cost of development if they still live in Russia. You can easily get your financial information stolen by those programmers who may build and hide a back door into your system.

The problem is that the most of the countermeasures are reactive even if some of the vendors
claim that their software includes intelligent engine that can recognize the new malicious program. None of the vendors will ever admit that those "intelligent engines" are good in the lab and on the paper (especially, the marketing) but fail in the field. Could they be sophisticated enough, they would prevent the attacks that involve several components including even the tiny proxy server that after being downloaded serves as a door to download the information stealer(the WebAttacker/MPack exploit toolkit).

While there is no guarantee that the latest-greatest software and OS patches installed on PC will protect you at 100%, it is still important at least to lower the risk of infection. Another countermeasure is to avoid browsing unknown web sites as much as possible. Is it possible? I think so.

While you are reading this article, I recommend you to follow the suggestion of the the blog and to run the Secunia’s free software inspector to scan your machine to look for weak spots.

No comments: