As well as developing new signatures and analytics tools for Radware scanning software, Kotler also works on finding new classes of vulnerabilities before they appear in the wild.
Koter demoed the hack, dubbed Jinx, to vnunet.com at this week's RSA security show in London. He showed how the process was done from within the browser itself, not by altering the browser binary, which can be detected by most anti-virus systems, but rather by adding plain HTML code into just one specific file.
According to Koter, this new class of attack will be attractive to cyber-criminals whose existing techniques are increasingly vulnerable to detection because the approach is cross platform and cross browser, allowing the hackers to access systems previously unavailable to them, such as Linux, Mac and mobile.
The problem stems from the fact that internet browsers have quickly moved from being passive text and picture viewers to essentially an operating system in their own right, through interactive services such as user-generated content, hosted applications, web mail and social networks.
"HTML is now like a batch file for everything," said Koter.
"It's only down to shaping and redirecting it from this intended purpose."
He concluded that, although these types of attack are not yet in the wild, security firms and browser developers need to ensure that the increased demand for a more flexible browser does not open the door to hackers.
By Ian Williams on Oct 31, 2008 12:10AM