Ammyy Admin Site Delivers Drive-By-Download Attacks

In response to the news that security researchers have spotted the Ammyy Admin site being used in drive-by-download attacks to install the Lurk trojan and other malware, Travis Smith, security researcher at Tripwire, commented below.

Travis Smith, Security Researcher at Tripwire:

“Human nature is to let your guard down when you feel safe. As users begin to interact with new sites, their trust begins to build over time when there are no negative consequences. Attackers can exploit this trust relationship using drive-by-downloads. By either compromising the website or leveraging malvertising, attackers can redirect users to a malicious website which will leverage a wide array of tools to infect the victim.

Since many exploits rely on known vulnerabilities, the easiest prevention mechanism is to install the operating system and all application patches as soon as possible. Only run applications and browser extensions which are absolutely necessary. Additional code running on the machine, such as applications or browser extensions, increases the attack surface for attackers.”

Information Security Buzz