356lecture09

Browser and certain web sites of interest payload

Info iconThis preview shows page 1. Sign up to view the full content.

View Full Document Right Arrow Icon
This is the end of the preview. Sign up to access the rest of the document.

Unformatted text preview:   bots join a specific channel on this server and treat incoming messages as commands •  more recent botnets use covert communication channels via protocols such as HTTP •  distributed control mechanisms use peer-to-peer protocols to avoid a single point of failure Payload – Information Theft Keyloggers and Spyware keylogger •  captures keystrokes to allow attacker to monitor sensitive information •  typically uses some form of filtering mechanism that only returns information close to keywords (“login”, “password”) spyware •  subverts the compromised machine to allow monitoring of a wide range of activity on the system •  monitoring history and content of browsing activity •  redirecting certain Web page requests to fake sites •  dynamically modifying data exchanged between the browser and certain Web sites of interest Payload – Information Theft Phishing •  exploits social engineering to leverage the user’s trust by masquerading as communication from a trusted source •  include a URL in a spam e-mail that links to a fake Web site that mimics the login page of a banking, gaming, or similar site •  suggests that urgent action is required by the user to authenticate their account •  attacker exploits the account using the captured credentials •  spear-phishing •  recipients are carefully researched by the attacker •  e-mail is crafted to specifically suit its recipient, often quoting a ra...
View Full Document

Ask a homework question - tutors are online