Quote:
Originally Posted by f.montoya
|
Fidel, not trying to be disrespectful here, but I think you are putting the cart before the horse here.
Generally what occurs is the following process:
1) Hacker exploits website code or application in a way to gain access to the webserver.
2) Hacker uploads specific infected code (such as invisible ****** exploits) to the webserver to target more users computers to infect
3) Users using insecure browsers, or systems not patched to protect against such infections have their browser try to load the invisible ****** and thus instead load a trojan of some specific intent.
4) Once the trojan is loaded onto the user's system, it could do endless number of things depending on what it is programmed to do. Some "call home" and go to a different web server where it downloads new code or "instructions" Those instructions often are then told to set up key loggers or password stealers or endless other things. Other times it will actually launch a worm to try to infect other systems on the same network, etc.
So the link you posted is good advice, but incomplete. Users do need to be smart about what browser they use and how they use it, but they also need to have proper antivirus protection as well as making sure their system regularly stays patched to protect against many of these type of attacks.
That doesn't address the original cause of the attack however, where people's websites are being hacked or attacked.