By simply visiting a web page, you
allowed access to your operating system. The web page could have installed a hostile
program (such as a virus or a keylogger), installed spyware/malware, accessed your
cookie information, or even deleted critical operating system files, such as your boot
loader file (boot.ini), all of which would cause sever harm to the system.
How would a user know if the ActiveX control is malicious? Frankly, discerning this
can be quite difficult. While the control itself might not be malicious, it might provide
access to attackers who want to do malicious things. The object itself is like a toolbox,
and it can be used for legitimate or nefarious acts. Furthermore, even if the ActiveX page
was signed, a few pop-ups might disappear from this example, but it still does not allow
the user to determine whether the steps executed by the ActiveX control are good things
or bad things.
Invoking ActiveX Controls
The second thing ActiveX.stream will do is invoke a new browser within the existing
browser and browse to www.isecpartners.com. The problem here is that the ActiveX
control allowed the attacker to do the following:
??? Invoke an existing ActiveX control on the user??™s machine.
Pages:
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379