Check Point's ZoneAlarm ForceField Protects Against New Widespread Nine Ball Attack
By admin - Posted on June 23rd, 2009
Tagged:
ZoneAlarm's Extreme Security virtualization technology and antivirus protection continue to shield consumers from new and sophisticated Web browser attacks
Redwood City, CA, June 19, 2009 -- Check Point® Software Technologies Ltd. (Nasdaq: CHKP), the worldwide leader in securing the Internet, today announced that ZoneAlarm® ForceField technology protects consumers against Nine Ball, a multi-layered Web browser attack targeting legitimate Web sites to redirect users to malicious sites owned by the attacker. Nine Ball malicious programs typically attempt to steal information from users for potential financial or identity theft use. By placing a two-way “bubble of security” around the user’s browser, ZoneAlarm ForceField, also included in ZoneAlarm Extreme Security, stops Nine Ball infected sites from being able to redirect the browser to other sites, or to download malicious programs onto the consumer’s PC.
Nine Ball works as users visit one of the infected Web sites and are sent through a chain of redirections to sites owned by the attacker, before landing on the final drive-by download site. The downloaded malware attempts to infect user’s computer through a number of exploits including Adobe Reader, QuickTime, Microsoft Data Access Components (MDAC) and AOL SuperBuddy. The multiple redirections are designed to make tracking the attacker more difficult and occur in the background without the victim’s knowledge. The attack name “Nine Ball” refers to the name of the final landing page which is full of malicious drive-by exploits that are automatically downloaded to computers without user’s consent or knowledge. Once infected, anything the victim types could be monitored and used to commit identity theft, such as stealing credit card numbers, passwords or other sensitive data.
“In the past couple of years, more and more hackers have started targeting trusted Web sites to distribute malware designed to steal financial or personal information. Mass-compromise attacks such as Nine Ball, Gumblar and Beladen have already infected approximately 140,000 sites collectively,” said Ben Khoushy, vice president of endpoint products for Check Point. “Once again, Check Point’s unique ZoneAlarm ForceField virtualized browser security solution provides the necessary protection against the continuously evolving ways hackers try to exploit legitimate Web sites.”
ZoneAlarm ForceField successfully protects computers against attacks such as Nine Ball, or previously announced Gumblar, by placing an impenetrable two-way “bubble of security” around the browser. The ZoneAlarm ForceField sandbox prevents unwanted malware from damaging users’ PCs or from stealing users’ private information.
Source: Check Point Software Technologies Ltd.
Related articles
- Check Point's ZoneAlarm ForceField Protects Against New Widespread Nine Ball Attack
- Symantec Reveals "Dirtiest Web Sites of Summer 2009"
- Check Point's ZoneAlarm ForceField Protects from Gumblar Web Attack against Google Searches by Internet Explorer Users
- the Rubicon Project Launches Rubicon Security
- Anchor Intelligence Issues "The Uninvited Guest: A Browser Hijacking Experience, Dissected"
- Symantec Corp. Releases June 2009 MessageLabs Intelligence Report
- VeriSign Research Reveals 88% of American Web Users Unable to Spot Phishing Sites
- F-Secure Offering Free Virus and Spyware Detection
- McAfee Identifies the Most Dangerous and Safest Web Search Keywords
- McAfee Demonstrates Effectiveness of In-The-Cloud Protection with Increased Security
- Symantec Internet Security Threat Report Finds Malicious Activity Continuing to Grow at Record Pace
- US-CERT: US Tax Season Phishing Scams and Malware Campaigns
Highly Recommended for All Web Publishers:
