Storm over Java

Java exploits are increasingly used by the malware industry

11/05/2010 | London 

Cyber criminals have been exploiting vulnerabilities in Java to distribute malware on a larger scale than in past months. This is the result of an analysis performed by G Data SecurityLabs. For the first time since February 2010 there is a change at the very top of the malware Top 10: a Java exploit now leads the list, whereas exploits in PDF files used to be the most common security threat. Java.Trojan.Exploit.Bytverify.N can be found on hacked websites. It attempts to infect a PC via drive-by download through a manipulated Java applet. G Data recommends using good real-time protection and keeping all installed software up to date.

"Exploiting vulnerabilities in any kind of software is the malware industry's most effective way of getting control over a PC. Just visiting an infected website with an unprotected computer will be enough to infect a system." states Ralf Benzmüller, head of G Data SecurityLabs. "We have noticed an increasing amount of attacks based on security holes in Java. Users who do not keep their installed version of Java updated are especially at risk."


G Data's security specialists recommend not only using a powerful security solution but also advise users to always keep their operating system, their browser and all components updated. Every available software update and security patch should be installed as quickly as possible to close any security holes.


Possible reasons for the current predominance of attacks on Java:

Java vulnerabilities offer cyber criminals a lot of potential on the technical side, and the development and distribution of malicious code are considerably easier compared to other methods of infecting a system. Warnings of security issues with PDFs in the recent past have generated a higher level of awareness in users.


The efforts of PDF reader vendors to keep their products updated have also contributed to making the development of functional malware based on PDF exploits much more difficult.


Malware that uses JavaScript vulnerabilities, such as “JS:Downloader”, is extremely active at the moment and is constantly being developed by malware authors. As of October 2010, three variants of this Trojan horse have made it into the malware Top 10.

Champion Communications