The article "Modern Internet attacks" is provided by Sophos Plc and SophosLabs.

August 2007

This article focuses on the methods of using the Internet for spreading modern malware. Flexible and convenient business and communication environment is also convenient for attackers. Companies aimed at financial profit use more and more sophisticated and aggressive infecting methods. Modern Internet attacks used many tools to become more effective and increase the scale of infection. This article tells how how compromised sites and social engineering techniques are used to attract victims to the attacking sites. Many attacking sites are created using free PHP tools, so the attack does not require any special technical skills. Automatic updates supported by many of such sets allow adding new browser vulnerabilities as they are discovered.

Malicious scripts used for attacking are usually well camouflaged to avoid detection and complicate the analysis. Detecting such scripts in real time can be a time-consuming task and present a considerable problem for antivirus software Although the scripts used for attacking are are camouflaged, most of them are in fact the same. They use comparatively small number of similar exploits to attack the victim and install malware.

The article also describes the spreading of server automation that lets the attackers change the malware regularly. This adds to the aggressiveness of modern malware attacks. Such tactics, designed to avoid detection, shows that companies dealing with security need to create sophisticated systems for detecting and tracking online attacks.

With the development of the Internet technologies, the opportunities and methods of Internet attacks develop as well. To protect against them, we need such technologies as URL classification and content checking.