Cyber Crime and Cyber Terrorism



Cyber crime and cyber terrorism investigators handbook by Babak

236
CHAPTER 17
Responding to cyber crime and cyber terrorism
The whole purpose of Blackhole is to infect victims with some payload. The payloads are typically polymorphic, packed with custom encryption tools and designed to evade antivirus detection (a process which is helped by the built-in AV checking functionality of Blackhole). The most prevalent payloads installed in the past few years include fake AV, Zeus, ZeroAccess rootkit and Ransomware.
One of the most important new features of Blackhole is its automation, which allows servers and clients to be exploited through a large number of vulnerabilities (remember that both Zeus and Blackhole are networks constantly managed and updated remotely). Web servers with some vulnerability (compromised servers) may be used to host Blackhole directly or to redirect clients toward Blackhole web sites built ad hoc.
An attacker can use a compromised server to steal information from all users of that server, also known as a Watering Hole attack. The attackers study the behavior of people who work for a target organization to learn about their browsing habits. Then they compromise a web site that is frequently used by employees—preferably one hosted by a trusted organization which represents a valuable source of information. Ideally, they will use a zero-day exploit. When an employee visits a web page on the site, they are infected; typically a backdoor Trojan is installed, allowing the attackers to access the company’s internal network. In effect, instead of chasing the victim, the cybercriminal sits in a location that the victim is highly likely to visit—hence the watering-hole analogy (Kaspersky, 2013; Symantec, 2013).
The other important aspect, from the criminal point of view, is the change of the 
criminal business model. Older versions of malware were offered for sale at very 
