[4675] in WWW Security List Archive


Re: Psychological virus

daemon@ATHENA.MIT.EDU (Bede McCall)
Wed Mar 5 20:53:50 1997

Date: Wed, 5 Mar 1997 18:16:55 -0500 (EST)
From: bede@mitre.org (Bede McCall)
To: aarona@iquest.net
Cc: www-security@ns2.rutgers.edu
In-reply-to: <Pine.SV4.3.91.970305150350.10799A-100000@iquest4> (message from Aaron Abelard on Wed, 5 Mar 1997 15:09:42 -0500 (EST))
Errors-To: owner-www-security@ns2.rutgers.edu

   Date: Wed, 5 Mar 1997 15:09:42 -0500 (EST)
   From: Aaron Abelard <aarona@iquest.net>
   Subject: Psychological virus

   I recently found a user on our system whose webpage had what I would call 
   a "psychological" virus.  From a technology standpoint nothing odd was 
   going on.  The page consisted of some text which told the user the 
   website would create a file on your Hard Drive to prove it could be 
   done.   [ . . . ]

This is really just a wrinkle in what's been known for years as
"social engineering" -- getting technically naive people to do
destructive things to their computers, or to get them to become
unwitting accomplices in security violations.  A con game, in
other words.

I came across one such hack some time ago which told the reader that
the page onscreen contained a hidden Java applet which (provided the
user was using a UNIX system) had already surreptitiously transmitted
/etc/passwd back to the attacker's Web server.  Clicking on an
onscreen button would result in the server sending the file back as
proof that the file had been stolen.  The general idea was that you
should call the "security consultant" for help ASAP...

The page actually contained the HREF "file:/etc/passwd" in the HTML
under the button.  As I recall, there was some Java entertainment
running onscreen to fortify the illusion.

I didn't call the "consultant" for help, of course, but using social
engineering to break into systems has been an extremely effective con
for a long time.


-- 
  Bede McCall   <bede@mitre.org>
  The MITRE Corporation                    Tel: (617) 271-2839
  202 Burlington Road,  M/S K321           FAX: (617) 271-2423
  Bedford, Massachusetts  01730-1420
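
Added example, not part of the original message: a checker a site administrator could run over hosted user pages to flag links that, like the HREF described above, point at the visitor's own filesystem rather than at any server. The function names and the sample page are constructed for illustration.

```python
from html.parser import HTMLParser

# Attributes that can carry a URL the browser will load or navigate to.
URL_ATTRS = {"href", "src", "action", "data", "codebase", "background"}

def url_scheme(value):
    """Return the lowercased scheme of a URL attribute, or '' if it has none."""
    # Browsers drop tabs/newlines and leading whitespace/control characters.
    cleaned = "".join(ch for ch in value if ch not in "\t\r\n")
    cleaned = cleaned.lstrip("".join(map(chr, range(0x21))))
    head, sep, _ = cleaned.partition(":")
    if sep and head and head[0].isalpha() and all(
            c.isalnum() or c in "+-." for c in head):
        return head.lower()
    return ""

class LocalLinkFinder(HTMLParser):
    """Collect (line, tag, attr, value) for every file: URL in a page."""
    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.findings = []

    def handle_starttag(self, tag, attrs):
        line, _ = self.getpos()  # line on which this tag starts
        for name, value in attrs:  # values arrive with entities decoded
            if name in URL_ATTRS and value and url_scheme(value) == "file":
                self.findings.append((line, tag, name, value))

def find_local_links(html):
    finder = LocalLinkFinder()
    finder.feed(html)
    finder.close()
    return finder.findings

# Constructed sample page modelled on the description in the message.
SAMPLE = """<html><body>
<p>Your password file has been copied to our server.</p>
<a href="FILE:/etc/passwd"><img src="proof.gif" alt="Show proof"></a>
<a href="&#102;ile:///etc/passwd">mirror</a>
<a href="http://www.example.com/files:list">unrelated</a>
<a href="docs/file:notes.html">relative</a>
</body></html>"""

if __name__ == "__main__":
    for line, tag, attr, value in find_local_links(SAMPLE):
        print(f"line {line}: <{tag} {attr}={value!r}> reads the visitor's own disk")
```

A hit means the "proof" shown to the visitor comes from their own machine, so the page is a candidate for review as a social-engineering lure.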
