Tuesday, March 06, 2007

Puppetnets: Misusing Web Browsers as a Distributed Attack Infrastructure

Thorsten Holz writes on Honeyblog:

The recent ACM Conference on Computer and Communications Security (CCS'06) had some interesting papers. One of them deals with so called Puppetnets. A puppetnet is created by malicious web sites which exploit a visiting web browser and take control of it. Similar to a botnet, these puppetnets can be used to mount DDoS attacks, reconnaissance probes, or other nefarious purposes.

Presumably the threat posed by these networks is way lower than botnets, but nevertheless they could pose a problem in the future due to the prevalance of client-side exploits.

More here.

0 Comments:

Post a Comment

<< Home