Updating my address book bebo worm
Fig.2: Publicly available map of internal IP addresses and their website logs Once the human element falls prey to social engineering, and is coaxed into downloading a file/email or visiting an exploit site, the attackers are faced with challenge of defeating a series of network and end point security solutions before conquering the victim’s machine.
As log analysis and security around these external resources have caught on, the attackers have had to evolve their tactics in order to be successful.
Security scanners on the other hand, with a need for speed, identify the file type by inspecting only the first few bytes from the beginning of the file.
An attacker abuses this disparity by creating a malicious ZIP file and manipulating its headers by adding junk data at the beginning of the ZIP file.
So how dow they expect to make money, let alone stay in business? Once they reach a critical mass, they’ll start charging for sending text messages.
Already, a lot of users are using their phones so they can “stay in touch” while out and about.