anyweb Posted April 26, 2011 Report post Posted April 26, 2011 Last week I looked at a fascinating sample of malware that specifically targeted users of Google Chrome. Over the past few days, I’ve been looking more closely at this particular malware attack, which appears to be widespread and extremely persistent. Social engineering has become the dominant method of distribution for fake antivirus software. And most modern browsers, with one exception, do a terrible job of dealing with this type of threat. Current builds of Chrome display a terrible flaw that puts you at greater risk than its competitors. In my testing, a malware author was able to exploit Chrome in four easy clicks. In stark contrast, Internet Explorer 9 used some new technology to flag the exact same sites and files as suspicious, providing unmistakable warnings that have been shown to stop 95% of these attacks in their tracks. I’ve captured the experience for both browsers in these two videos and in an accompanying screenshot gallery so you can see for yourself. And if you make it to page 3, you’ll read about the new reputation-based technology that’s given IE9 the lead. First a little background. Fake antivirus software has been around for at least seven years, but this category of attack has exploded in popularity among bad guys in recent months. The technique is simple social engineering, and it works by scaring the target into thinking their system has been infected with a virus (or a whole bunch of them) and then offering to fix the problem—for a fee. The fake AV software often downloads additional Trojans and can actually cause the sort of problems it claims to be solving. Here’s how it goes when you’re using Google Chrome 10 on Windows 7. Notice the attention to detail that the malware authors used in this attack. The dialog boxes and warning screens certainly look like they’re part of Google Chrome. (I recommend clicking the full-screen button in the lower right corner of the video clips below so you can see all the details in each one.) Now here’s an attack from the same set of search results, this time gathered using Internet Explorer 9. The fake scan is a pretty decent imitation of a Windows 7 security screen. But the result is different. By Ed Bott | April 25, 2011, 7:23pm PDT more via zdnet > http://www.zdnet.com/blog/bott/ie9-versus-chrome-which-one-blocks-malware-better/3175?tag=content;feature-roto Share this post Link to post Share on other sites More sharing options...
lord_hydrax Posted April 29, 2011 Report post Posted April 29, 2011 Have to say I've been really enjoying IE9... But what does 'Run Away' do lol? Share this post Link to post Share on other sites More sharing options...
