The new favorite target of hackers is browser plug-ins

According to IBM 's network security research, hackers' locations have changed from operating systems to browsers and are now plug - ins in this application. In the first 6 months of 2008, there were 78% of such attacks.

IBM's investigation of network security (X-Force) also found that after only 24 hours of DNS vulnerabilities were announced, 94% of exploits were browser-related vulnerabilities. These attacks, known as "zero-day exploits", appear on the Internet before people realize they have a security hole in their system and cannot keep up. hand.

The new favorite target of hackers is browser plug-ins Picture 1 Photo: Thetechherald " We found that cyber criminals used automated tools to create and distribute attackers 'Tools' while taking advantage of widely published vulnerabilities as targets "Kris Lamb, research director of X-Force, said. " Evidence shows that the security gap published by independent researchers is twice as high as zero-day. I think the vulnerability announcement must be responsible." higher responsibility and managed by a standard, otherwise it will inadvertently help the cybercrime ".

X-Force's report also confirms that the new hacker trend is automatic and widespread. More than 50% of exploits of vulnerabilities are involved in web server applications using SQL (Structured Query Language - SQL) that creates automated attacks and targeting many systems. SQL errors from 25% in 2007 increased to 41% of all web server application security vulnerabilities in the first half of 2008.

In the spam issue, instead of the complicated spam of 2007 (based on images, in the form of attachments .), the scammers now use simple URL spam to make the filter very difficult to detect. them. Nearly 90% of spam today is using URLs. And Russia remains the largest source of spam, responsible for 11% of the world's spam, followed by Turkey with 8% and the US with 7.1%.

As online games and virtual communities continue to be popular, online humans become an exciting target of cybercrime. The X-Force report said the top four password-stealing Trojans all target gamers. The goal is to steal virtual assets and resell them to make real money in online markets.