In response to the news that security researchers have spotted the Ammyy Admin site being used in drive-by-downloader attacks to install the Lurk trojan and other malware, Travis Smith security researcher at Tripwire commented below.
Travis Smith, Security Researcher at Tripwire:
“Human nature is to let your guard down when you feel safe. As users begin to interact with new sites, their trust begins to build over time when there are no negative consequences. Attackers can exploit this trust relationship using drive-by-downloads. By either compromising the website or leveraging malvertising, attackers can redirect users to a malicious website which will leverage a wide array of tools to infect the victim.
Since many exploits rely on known vulnerabilities, the easiest prevention mechanism is to install the operating system and all application patches as soon as possible. Only run applications and browser extensions which are absolutely necessary. Additional code running on the machine, such as applications or browser extensions, increase the attack surface for attackers.”
Most Commented Posts
2020 Cybersecurity Landscape: 100+ Experts’ Predictions
Cyber Security Predictions 2021: Experts’ Responses
Experts’ Responses: Cyber Security Predictions 2023
Data Privacy Protection Day (Thursday 28th) – Experts Comments
Experts Insight On US Pipeline Shut After Cyberattack
Most Active Commenters
Recent Comments
“Cybersecurity Awareness Month’s new evergreen theme "Secure Our World” is…
“Avoid storing data on personal devices: A crucial but often overlooked…
“I recommend a new nuance to passwords that isn’t often…
“In my role overseeing cloud environments and incident response, I'm…
“Cybersecurity Awareness Month serves as a reminder to confront the…