Tuesday, November 27, 2007

Tis The Season

Sunday morning I followed up on a case involving a new mass-sploiter. It was interesting - PHP remote file inclusion attack with a hosted exploit that was targeting Windows. Of course, it didn't affect any of the systems it touched on my end, and I decided not to try for the binary. Why not? Because it was Sunday morning, I was at my in-law's house, packing up to go have a late Thanksgiving with my family.

And then it hit me. Get ready. Here it comes. As we head into the holidays, the malware folks are gearing up, hoping to catch us off guard. They've already got the design in place, the new text for socially engineering users and packing & obfuscation tricks to bypass spam filters and AV scanners. They're just waiting. Last winter it was New Year's Eve and then the SuperBowl. The timing of those attacks was no coincidence. This season I expect something similar.

No comments: