The next-generation hybrid web worm is coming to Internet Explorer, Firefox and Safari, but also to additional browsers and to web servers, courtesy of Billy Hoffman, Lead Security Researcher, SPI Dynamics, and John Terrill, Executive Vice President and co-founder of Enterprise Management Technology. The two researchers will present at BlackHat a session titled “The Little Hybrid Web Worm that Could”, showcasing the proof-of-concept of an evolved web worm. Up until this point, signatures have been the Achilles’ heel of web worms, but the new variant will be able to run on both servers and browsers and dodge signature-based
“We describe a hybrid web worm combining both server-side and client-side languages to exploit both the web server and the web browser to aid in its propagation across multiple hosts. We will discuss how such a hybrid worm is able to find new vulnerable systems and infect new hosts on different domains from both the client and the server. In addition, we will look at how a hybrid worm could upgrade its infection methods while in the wild by fetching and parsing new web vulnerability information from public security sites, preventing a single silver bullet fix from stopping it,” reads a fragment of the synopsis of the session.