DE RU CN DE EN ES FR JP PL UA

News & Events | Sonderangebote | Lizenzierung | Zentrum zur Bekämpfung von Cyber-Kriminalität | Unternehmen

How a system gets infected

Sending a link to a malicious site and making a victim follow it is only half the battle for the phisher. The scammer then needs to get the required information. Trojans are often used for this purpose. Usually the following methods are used to infect a computer that has landed on a compromised (fake) website.

  1. Infection occurs while visiting a compromised site

    No action needs to be taken to get a system infected. It occurs automatically while visiting the website.

    Many websites, regardless of the content, can be infected with viruses or malicious scripts. Files with the extension .js or .vbs — scripts in JavaScript or Visual Basic — are commonly used on web pages, for example, to register the user or to access the site as a user. But these scripts may also include malicious code used to steal information.

    Sites that are more likely to be sources of malware (in descending order of incident frequency)

    • Sites related to technologies and telecommunications
    • Business websites: business outlets, business news portals, accounting-related sites and forums, online courses/lectures, and services to improve business efficiency
    • Adult content websites

    Why does a system get infected?

    The users:

    • Browse the Internet from computers running programs that may have vulnerabilities;
    • Perform their tasks under an administrator account in Windows;
    • Use weak passwords that can be easily cracked;
    • Do not install security updates for programs they use.
  2. Vulnerabilities in the installed software

    Software vulnerabilities cause software errors that can be used to infiltrate a network and interfere with its operation. Theoretically any error in the program code can be used to cause harm to the system.

    Any software, including OS X and Linux, as well as e-banking system software, has vulnerabilities. But Windows and Android, in particular, have many vulnerabilities.

    Software developers do their best to close vulnerabilities, especially critical ones, but sometimes virus writers find them before developers (it's a zero-day vulnerability that is still only known to virus writers or hasn't yet been closed by the software vendor).

    The vast majority of today's "successful" Trojans penetrate the system via vulnerabilities, including zero-day vulnerabilities.

    Attention! Danger!

    Today's malware in most cases remains unnoticed on computers. Sometimes an infection remains undetected until the malware starts operating. In this situation, the PC user does not know that their personal data and money have already been stolen by hackers.