Hackers Increasingly Look for Cross-Platform Vulnerabilities
A Microsoft security researcher says malware makers seek 'economies of scale'.
More and more hackers are targeting the same application vulnerabilities on Macs and Windows PCs as a way to reap the financial benefits of writing cross-platform malware.
The trend involves exploiting vulnerabilities that go as far back as 2009 in Office documents. Other cross-platform, third-party technologies favored by hackers include Java, Adobe PDF and Adobe Flash, Microsoft security researcher Methusela Cebrian Ferrer said Tuesday in the company's Malware Protection Center blog.
Targeting the same vulnerabilities in applications commonly found on both platforms allows hackers to reap profits twice from the same malware, a trend Ferrer calls "economies of scale in cross-platform vulnerabilities."
"This method of distribution allows the attacker to maximize their capability on multiple platforms," he said.
Stephen Cobb, security evangelist for ESET, said cybercriminals have treated malware development and methods for infecting systems as a business for years. "We can expect to see further application of business logic -- such as economies of scale, division of labor and risk/reward calculations -- to developments in this space," he said in an interview via email.
Although targeted vulnerabilities may have already been patched by vendors, hackers bank on user negligence when it comes to installing software updates.
As an example, people are notoriously slow in installing Java patches to Windows PCs and Macs. As much as 60 percent of Java installations are never updated, according to security vendor Rapid7.
"All these un-updated applications on the desktop, whatever they may be, are low-hanging fruit," said Jamz Yaneza, research manager for Trend Micro. "These are the easiest things to attack."
Microsoft spotted the latest trend while investigating malware called Backdoor Olyx, which the software vendor first spotted a year ago. Subsequent variants since then demonstrated the cross-platform approach taken by malware writers.
Backdoor Olyx and its variants are typically downloaded by victims clicking on malicious links or visiting malware-distributing Web sites. The Trojans are also distributed through e-mail attachments.
Because the malware attacks known vulnerabilities, the best defense is to keep security software up-to-date and install the latest operating system and third-party security patches. "This best practice should extend to all devices and platforms, especially those in large enterprise networks," Ferrer said.
Additional options include uninstalling Java. While the platform is often necessary in servers, its importance has diminished in desktops and laptops with the use of newer Web technologies.