Adobe Reader, IE Flaws Most Exploited By Hackers: Report


Of the Top 15 most exploited vulnerabilities, four involved Adobe Reader and five targeted Microsoft's Internet Explorer, according to an M86 Security Labs report for the first half of 2010.

These and other findings were highlighted in the comprehensive bi-annual report, issued by security company M86, which emphasized how attackers are using blended threats and combined attacks to circumvent security controls.

Altogether, the report found that Java-based vulnerabilities are on the rise and continue to be successfully exploited by hackers, while the SQL injection Asprox botnet gains traction, anti-detection techniques experience an upsurge and pharmaceutical spam continues to proliferate.

One of the most significant findings was that both JavaScript and ActionScript seemed to be the scripts of choice for hackers, who are increasingly relying on them to create attacks circumventing security software.

Specifically, cybercriminals are using these scripts to deploy blended, multi-pronged attacks, which are more complex and difficult to detect, in an effort to limit the effectiveness of proactive security controls and to cover their tracks. The combined attacks are executed by splitting the malicious code between Adobe's ActionScript language, which is built into Adobe Flash, and JavaScript components on the Web page.

Perhaps surprisingly, the most exploited vulnerabilities in 2010 were flaws that both Microsoft and Adobe had disclosed and repaired years ago, indicating how users have continually failed to install vendor-issued patches, and underscoring the necessity of keeping software up-to-date, the report stated.

The report also indicated the emergence of the Asprox botnet, renowned for infecting legitimate sites with malware. Thus far, more than 10,000 Advanced Persistent Threat sites were found to be infected by the Asprox Spambot over a period of three days.

Among Asprox's many talents is the capability to perform its own Google search to seek out sites vulnerable to Advanced Persistent Threat attacks. It then both sends spam and launches massive automated SQL injection attacks used to infect legitimate Web sites with malware. Users who visit the site are then automatically infected with malicious code.

Finally, the report also found that total spam output remains high with the proliferation of major spambot operations. Five botnets are responsible for 75 percent of all spam.

Perhaps not surprisingly, pharmaceutical spam constitutes the lion's share -- 80 percent -- of all spam, indicating the success of major spam affiliate programs such as the Canadian Pharmacy. Spammers are also getting creative during their attacks by deploying combined threats, and using malicious PDF and HTML attachments that launch malware onto users' computers once opened.