Client-side attacks

client-side attack

client-side attack

Client-side attacks take advantage of weaknesses found in client software usually running on users workstations. Most client-side attacks involve either a web link to a web page that can deliver malware to exploit the client vulnerability or an email with some form of embedded malware that can exploit the client. Another common variation is to use an email to deliver a web link that leads to the malware.

Client vulnerabilities are found in browsers, media formats and media handling programs, email clients and commonly used office applications.

Links to sites hosting malware can easily be posted on message boards or blog comments and can be deliberately included in sites that host some legitimately interesting information as bait. They can also be delivered in emails that attempt to establish some level of trust, including spoofing the source.

The malware can also be delivered directly by an email containing an attachment that is designed to encourage both interest and trust. The attachment will appear to be a normal image, or video, or office application document, but also contains a hidden component capable of exploiting the client program vulnerability to run hostile code. The optimal outcome for the attacker is that they now have access to and control over the client system.

DEFENSE:
Patching – keep client applications and other utility programs patched with updates
Education – make sure your users are aware of client-side attacks and maintain a wary attitude

Leave a Reply

You must be logged in to post a comment.