Archive for the ‘exploits’ Category

47% of Internet software “exploits” first half of 2008 in Chinese

November 4, 2008

SAN FRANCISCO (AFP) – Chinese computer users have become chief targets for online criminals, according to a security report released Monday by Microsoft.

The global software giant’s latest assessment of threats and vulnerabilities reveals that attackers favor hiding malicious programs in seemingly innocent Web browser applications and that China is their preferred target.

Ben Wang, director of Florida State's High-performance Materials ...
Above: Ben Wang’s screen looks like your computer after an “intrusion” or “exploit.”

“The majority of (exploits) we are finding is where the local language is set to Chinese,” said Microsoft malware protection center general manager Vinny Gullotto.

“It reflects a lot of what is happening in the Chinese market. There is so much going on out there with the Internet today that it seems to be somewhat natural that we might see this happen there.”

Approximately 47 percent of software “exploits” found stalking the Internet in the first half of 2008 were in Chinese while 23 percent were in English, the second most common language for attack programs.

These include programs which can record a user’s keystrokes or steal passwords and credit card and banking information.

Microsoft security watchdogs say they find higher computer-infection rates in developing countries where fledgling Internet users aren’t savvy to tricks and traps used by hackers and online criminals.

“They are exploring this whole new world and not thinking about what problems they might face,” Gullotto said.

The weapons of choice for online attacks are “Trojan Horses,” software applications hidden inside programs that computer users are duped or coaxed into downloading, according to the Microsoft report.

“The area of concern specifically is browser-based exploits,” Gullotto said.

“If you are out surfing the Web, good or bad, there is the possibility some exploit on that page is going to take advantage of you and compromise some information on your computer.”

Overall, the number of computer vulnerabilities was down 19 percent in the first half of this year as compared to the same period in 2007. A higher amount of the vulnerabilities that do exist are ranked “high severity.”

“Updating is vitally important,” Gullotto said of protecting computers by keeping operating systems and other software current.

“The newer technology you have in the environment the more secure situation you are going to be in — infection rates come down dramatically.”

Cyber Security: World Bank “Invited” Attack; “Gave Away” Millions of Dollars Through IT Office