Wireless adware threat uses "carrier" computer to spread

Powered by SC Magazine
 

Dubbed "typhoid adware".

Researchers at the University of Calgary are warning of a future threat that leverages a public wireless connection to bombard PCs with adware.

The risk involves using a "carrier" computer hooked up to an unencrypted wireless connection. That machine is able to convince other computers using the same connection to "communicate with it and not the legitimate access point". Then, it inserts adware onto these laptops, typically in the form of advertisements on videos and websites.

The researchers have dubbed the threat "typhoid adware" because it is transmitted through a seemingly healthy computer, much like Typhoid Mary experienced no symptoms of typhoid fever but was responsible for infecting scores of people.

"Typhoid adware is designed for public places where people bring their laptops," said associate professor John Aycock, who co-authored a paper on the threat and presented findings at a recent conference in Paris. "It's far more covert, displaying advertisements on computers that don't have the adware installed, not the ones that do."

So far, the risk is only proof of concept, but the researchers expect it to hit the wild sometime soon.

To prevent against such an attack, the researchers, who also included an assistant professor and two students, said machines must run software and settings that prevent communication with the carrier computers. In addition, users should avoid clicking on links from untrusted sources.

See original article on scmagazineus.com

Copyright © SC Magazine, US edition


 
 
 
Top Stories
Time management tips for CIOs
[Blog post] How to get to the genba.
 
Making a case for collaboration
[Blog post] Tap into your company’s people power.
 
Five zero-cost ways to improve MySQL performance
How to easily boost MySQL throughput by up to 5x.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest Comments
Polls
Which is the most prevalent cyber attack method your organisation faces?




   |   View results
Phishing and social engineering
  69%
 
Advanced persistent threats
  3%
 
Unpatched or unsupported software vulnerabilities
  10%
 
Denial of service attacks
  6%
 
Insider threats
  11%
TOTAL VOTES: 1109

Vote