The web browser is becoming the mostly used application in launching malware attacks. During the heyday of mass-mailing worms, the email client was the major source for malware infection. But today in the era of targeted attacks and information theft, the web browser has become the major distribution point for malware.
In fact, a recent study claims that web browsing has surpassed email as the top method for spreading malware. Malicious programs that come from the web do not necessarily originate from websites that offer illicit content such as pornography or serial number generators. On the contrary, the culprit websites often look legitimate as an effort to trick unsuspecting users, as in the case of the website where TROJ_ZLOB.ATH poses as a codec.
There is a common misconception that most malware arrive as attachments in an email from an unknown sender. This used to be true for worms that mass-mail themselves. But things change and you may never know if the next website that you visit after reading this blog would trick you into installing a backdoor into your system. In reality, it does take a while for security measures to catch up so I guess one of the things that can be done to prevent something like that from happening is to be aware of such issues, which is what this blog is for.