Classification of the "invisible killer" in web page code

by 51ipw on 2008-04-18 04:55:07

As computer and network applications expand, the threats to computer information security and the losses already caused are increasing exponentially. In particular, as the number and variety of hackers grows, individual users are frequently attacked by different means, which demands our attention.

For individual users, besides viruses and Trojan horses, hidden code in web pages is also a serious threat. However, most people lack self-protection awareness and do not fully recognize the harm hidden code can do, and some even have important data stolen without their knowledge. Because hidden code is well concealed, no antivirus firewall has so far been able to effectively prevent attacks from it, and most cannot even detect it. We should therefore be highly vigilant against the invisible killers in web page code. Generally speaking, the "invisible killers" in web page code can be roughly divided into the following categories:

Invisible Killer 1: CPU Occupation

This code continuously consumes system resources on the local machine until CPU usage reaches 100%, preventing the computer from processing other user processes.

A typical prank of "Invisible Killer 1" code is to create an infinite loop through JavaScript. This type of code can appear on malicious websites or be sent to you as an email attachment. Nowadays, most email client programs can automatically invoke a browser to open HTM/HTML type files. As soon as you open the attachment, countless new browser windows will pop up on your screen, eventually forcing you to restart your computer.

Prevention Method: For such issues, you should avoid opening attachments from strangers, especially those with extensions like .vbs, .htm, .doc, .exe.

Invisible Killer 2: Illegal Reading of Local Files

This type of code typically reads local files from within a web page by calling ActiveX, JavaScript, and WebBrowser controls.

Compared to "Invisible Killer 1", the characteristics of "Invisible Killer 2" code lie in its more covert behavior, making it hard for general users to notice that hidden codes are reading files on their hard drives. "Invisible Killer 2" can also exploit browser vulnerabilities to achieve its effects, such as the IFrame vulnerability in IE5.0. A few simple lines of code can read any file on your local hard drive that IE can open.

Prevention Method: You can resolve this by disabling JavaScript and always paying attention to Microsoft's security patches.

Invisible Killer 3: Web Deception

Attackers first compromise the DNS server responsible for resolving the target machine's domain name, then change the DNS-to-IP mapping so that the name points to a host where they have already gained superuser privileges.

This type of attack is rare domestically at present, but if successful, the damage could be significant and lead to heavy losses. The attacker can forge an environment identical to the target machine on a host where they have obtained superuser privileges, tricking you into providing your username and password. For instance, your email or online banking account and password might be compromised. Since you face an environment identical to yesterday's, you may unknowingly enter your username and password without realizing it isn't the real host.

Prevention Method: When surfing the web, it's best to turn off JavaScript in your browser to prevent attackers from hiding signs of the attack, and only enable it when visiting familiar websites. This may reduce browser functionality, but it is still worth doing. Additionally, avoid following links to other websites from unfamiliar sites, especially links to sites that require personal account names and passwords.

Invisible Killer 4: Control of User Machine

Currently, this issue mainly concerns IE's use of ActiveX.

You can take a look at your own IE security settings. For "Download signed ActiveX controls," the current option is "Prompt." But you may not know that IE still has the privilege to download and execute programs without prompting, which is a serious security issue. We may be completely controlled by others without our knowledge.

Prevention Method: Under the registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility, create a new subkey named after the CLSID of the "Active Setup controls": {6E449683-C509-11CF-AAFA-00AA00B6015C}. Then, under the new subkey, create a REG_DWORD value named Compatibility Flags with the data 0x00000400.
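The registry change above can be scripted so that it is repeatable and keeps any flags already set on the key. This PowerShell snippet is an added example, not part of the original article; the function name `Set-ActiveXKillBit` is hypothetical, and the extra Wow6432Node path (the view read by 32-bit IE on 64-bit Windows) is an assumption that goes beyond what the article lists.

```powershell
# Added example: set Compatibility Flags 0x00000400 for a CLSID under
# "ActiveX Compatibility". Run from an elevated PowerShell session.
$KillBit = 0x00000400

function Set-ActiveXKillBit {   # hypothetical helper name
    param(
        [Parameter(Mandatory)]
        [ValidatePattern('^\{[0-9A-Fa-f]{8}(-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}$')]
        [string]$Clsid
    )

    $roots = @(
        'HKLM:\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility',
        # Assumption beyond the article: registry view used by 32-bit IE on 64-bit Windows.
        'HKLM:\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\ActiveX Compatibility'
    )

    foreach ($root in $roots) {
        if (-not (Test-Path -LiteralPath $root)) { continue }

        $key = Join-Path $root $Clsid
        if (-not (Test-Path -LiteralPath $key)) {
            New-Item -Path $key -Force | Out-Null
        }

        # Read any existing flags so other bits are preserved, then OR in 0x400.
        $current = 0
        $existing = Get-ItemProperty -LiteralPath $key -Name 'Compatibility Flags' -ErrorAction SilentlyContinue
        if ($existing) { $current = $existing.'Compatibility Flags' }

        $new = $current -bor $KillBit
        New-ItemProperty -LiteralPath $key -Name 'Compatibility Flags' `
            -PropertyType DWord -Value $new -Force | Out-Null

        # Report what changed so the result can be audited.
        [pscustomobject]@{
            Key    = $key
            Before = '0x{0:X8}' -f $current
            After  = '0x{0:X8}' -f $new
        }
    }
}

# CLSID of the "Active Setup controls" given in the article.
Set-ActiveXKillBit -Clsid '{6E449683-C509-11CF-AAFA-00AA00B6015C}'
```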

Invisible Killer 5: Illegal Formatting of Local Hard Disk

This type of code poses a significant threat. Simply browsing a web page that contains it will format your hard disk.

This is not an exaggeration. IE can format a hard disk by executing ActiveX, and this is not a new vulnerability. If you browse a web page containing this type of code, your local hard disk will be quickly formatted, and because the formatting window is minimized, you may not even notice it until it's too late.

Prevention Method: Renaming dangerous commands like format.com and deltree.exe on your machine is one way to prevent this. There are few situations in Windows where these DOS commands are truly needed, and many macro viruses or dangerous code call them directly, such as the well-known domestic macro virus "July Killer," which added deltree c:\ /y to Autoexec.bat.