Chapter 1 - 03 - Define Malware and its Types - 02_ocred.pdf
Uploaded by barrejamesteacher
EC-Council
Certified Cybersecurity Technician, Exam 212-82
Information Security Threats and Vulnerabilities

Common Techniques Attackers Use to Distribute Malware on the Web

- Black hat Search Engine Optimization (SEO): Ranking malware pages highly in search results
- Social Engineered Click-jacking: Tricking users into clicking on innocent-looking webpages
- Spear-phishing Sites: Mimicking legitimate institutions in an attempt to steal login credentials
- Malvertising: Embedding malware in ad-networks that display across hundreds of legitimate, high-traffic sites
- Compromised Legitimate Websites: Hosting embedded malware that spreads to unsuspecting visitors
- Drive-by Downloads: Exploiting flaws in browser software to install malware just by visiting a web page
- Spam Emails: Attaching the malware to emails and tricking victims to click the attachment

Copyright © by EC-Council. All Rights Reserved. Reproduction is Strictly Prohibited.

Common Techniques Attackers Use to Distribute Malware on the Web

Source: Security Threat Report (https://www.sophos.com)

Some standard techniques used to distribute malware on the web are as follows:

- Black hat Search Engine Optimization (SEO): Black hat SEO (also referred to as unethical SEO) uses aggressive SEO tactics such as keyword stuffing, inserting doorway pages, page swapping, and adding unrelated keywords to get higher search engine rankings for malware pages.

- Social Engineered Click-jacking: Attackers inject malware into websites that appear legitimate to trick users into clicking them. When clicked, the malware embedded in the link executes without the knowledge or consent of the user.

- Spear-phishing Sites: This technique is used for mimicking legitimate institutions, such as banks, to steal passwords, credit card and bank account data, and other sensitive information.

- Malvertising: This technique involves embedding malware-laden advertisements in legitimate online advertising channels to spread malware on systems of unsuspecting users.

- Compromised Legitimate Websites: Often, attackers use compromised websites to infect systems with malware. When an unsuspecting user visits the compromised website, he/she unknowingly installs the malware on his/her system, after which the malware performs malicious activities.

- Drive-by Downloads: This refers to the unintentional downloading of software via the Internet. Here, an attacker exploits flaws in browser software to install malware by merely visiting a website.

- Spam Emails: The attacker attaches a malicious file to an email and sends the email to multiple target addresses. The victim is tricked into clicking the attachment and thus executes the malware, thereby compromising his/her machine. This technique is the most common method currently in use by attackers. In addition to email attachments, an attacker may also use the email body to embed the malware.
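
The spam email item above names two delivery paths, the attachment and the email body. The following is an added example, not part of the EC-Council course material, showing how a mail gateway or analyst script could flag both in a raw message using Python's standard email parser. The extension lists, the function names triage and build_sample, and the sample message are assumptions made for illustration.

```python
from email import message_from_bytes, policy
from email.message import EmailMessage

# Assumed, non-exhaustive lists; tune them to your own mail policy.
RISKY_EXT = {"exe", "scr", "js", "vbs", "hta", "lnk", "bat", "ps1", "iso"}
MACRO_EXT = {"docm", "xlsm", "pptm"}
ACTIVE_HTML = ("<script", "<iframe", "<object", "<embed")

def triage(raw: bytes) -> list[str]:
    """Return findings for one raw message: risky attachments, active HTML body."""
    msg = message_from_bytes(raw, policy=policy.default)
    findings = []
    for part in msg.walk():
        name = (part.get_filename() or "").strip().lower()
        if name:
            pieces = name.split(".")
            ext = pieces[-1] if len(pieces) > 1 else ""
            if ext in RISKY_EXT:
                findings.append(f"executable attachment: {name}")
                if len(pieces) > 2:  # e.g. name.pdf.exe hides the real type
                    findings.append(f"double extension: {name}")
            elif ext in MACRO_EXT:
                findings.append(f"macro-capable attachment: {name}")
        elif part.get_content_type() == "text/html":
            html = part.get_content().lower()
            findings += [f"active content in body: {t}" for t in ACTIVE_HTML if t in html]
    return findings

def build_sample(html: str, filename: str) -> bytes:
    """Construct a test message (constructed data, not real traffic)."""
    m = EmailMessage()
    m["From"], m["To"], m["Subject"] = "billing@example.test", "user@example.test", "Invoice"
    m.set_content(html, subtype="html")
    m.add_attachment(b"placeholder", maintype="application",
                     subtype="octet-stream", filename=filename)
    return m.as_bytes()

if __name__ == "__main__":
    bad = build_sample('<p>See attached</p><script src="x.js"></script>', "invoice.pdf.exe")
    for finding in triage(bad):
        print(finding)
```

Filename checks only catch what the sender declares, so a production filter would also inspect the attachment's actual content type and look inside archives.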