Any computer, anywhere?
mysidia at gmail.com
Mon Dec 9 02:08:35 UTC 2013
On Sun, Dec 8, 2013 at 2:24 AM, Warren Bailey <
wbailey at satelliteintelligencegroup.com> wrote:
> Noticed this tonight.. Not saying the WP is always on target, but what
> software could be installed via a browser on any computer to gather all of
> that data? And how would it be done without the OS speaking up about it?
> Far fetched.. Or do the Firefox / chrome guys have
Not really; it's well within the realm of possibility, and not even
The answer about what software could be installed that way, would be
taylor-made covert software; plenty of that is known to exist.
Law enforcement would have it well within their ability to potentially
intercept and modify traffic on web pages accessed by the user, and inject
targetted exploits into the user's in-flight data connections.
Software can be installed via the browser through a variety of vectors;
viewer flaws, API flaws such as fonts, or plugins such as Java,
Silverlight, Flash, Quicktime, or Adobe reader.
Then a sandbox defeat, and privilege escalation using a variety of
unpublished exploit techniques.
Once that has occured; software may be deployed undetectably and
persistently in a variety of ways. A payload specific to the target may
be downloaded and configured in the background.
It is also possible, that the malware may simply modify existing programs
such as the operating system running in RAM --- diskless malware that
doesn't save a copy of itself, but reinfects the system after a reboot,
when the user browses the web again, and the exploit kit is launched
More information about the NANOG