Cisco’s 2015 Midyear Security Report reveals that whole excerpts of the 1811 literary classic Sense and Sensibility are being used to hide malware.
The passages hide malicious code that lets hackers break into unsuspecting users’ devices. They trick anti-virus software, which is normally trained to pick up on random babble before labeling a piece of code either legitimate or a security threat.
To infect the user, the hackers design a web page with very little on it – typically random text. It then gets spread around, infecting unpatched browsers. Often a user will arrive at a confusing page and leave it quickly. Cisco explains why using a classic literary text is a better bet for hackers.
“Adding passages of classic text to an exploit kit landing page is a more effective obfuscation technique than the traditional approach of using random text,” the analysts say in their report.
“Putting something like this in would increase dwell time on the site, allowing the malware a greater window for attack,” Cisco’s principal engineer Jason Brvenik told El Reg. “It also helps thwart machine analytics, which attempts to assess if a website is good or bad. As for why other tomes haven’t been used – maybe the author’s a fan of Austen.”
“The use of text from more contemporary works such as magazines and blogs is another effective strategy. Antivirus and other security solutions are more likely to categorize the web page as legitimate after ‘reading’ such text,” the report also reads.
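An added example (not from Cisco's report or this article) of why a text-only check fails here: a constructed scorer rates a page's visible text by its share of common English words, so it marks a babble page suspicious and a prose page legitimate even though both carry the same script. The stop-word list, the threshold and both sample pages are assumptions made for illustration.

```python
import re
from html.parser import HTMLParser

# Small stop-word list (assumption); real classifiers use far richer language models.
COMMON = set("the of and to a in that was her his had it for with as she he "
             "not be their by at so on were which".split())

class PageSplitter(HTMLParser):
    """Separate what a text classifier 'reads' from the page's script bodies."""
    def __init__(self):
        super().__init__()
        self.in_script = False
        self.text, self.scripts = [], []
    def handle_starttag(self, tag, attrs):
        if tag == "script":
            self.in_script = True
    def handle_endtag(self, tag):
        if tag == "script":
            self.in_script = False
    def handle_data(self, data):
        (self.scripts if self.in_script else self.text).append(data)

def split_page(html):
    p = PageSplitter()
    p.feed(html)
    p.close()
    return " ".join(p.text), "".join(p.scripts)

def prose_score(text):
    """Fraction of words that are common English function words."""
    words = re.findall(r"[a-z]+", text.lower())
    return sum(w in COMMON for w in words) / len(words) if words else 0.0

def text_only_verdict(html, threshold=0.25):
    """Verdict of a classifier that looks at visible text and nothing else."""
    text, _ = split_page(html)
    return "looks legitimate" if prose_score(text) >= threshold else "suspicious"

# Constructed samples: same placeholder script, different filler text.
SCRIPT = "<script>/* placeholder: identical script body on both pages */</script>"
BABBLE = ("<html><body><p>xkqjv zrtpl mnbvc qwzx lkjhg pdfqs wrtyp zxcvb</p>"
          + SCRIPT + "</body></html>")
PROSE = ("<html><body><p>The family had long been settled in the county, and "
         "their estate was large. It was the wish of her mother that she should "
         "remain with them for the winter, and he was not of a temper to refuse "
         "it.</p>" + SCRIPT + "</body></html>")

if __name__ == "__main__":
    for name, page in (("babble", BABBLE), ("prose", PROSE)):
        print(name, round(prose_score(split_page(page)[0]), 2), text_only_verdict(page))
```

The verdict changes while the script body does not, which is why analysis has to weigh what the page executes rather than the text wrapped around it.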
However, experts say there’s no reason to freak out. Finding references to Sense and Sensibility on a web page “may be perplexing, but not a cause for immediate concern,” the researchers also say.
But Cisco says the technique is also potentially responsible for every problem the user may have afterward, such as “ransomware” – when someone with malicious intent gains access to all of the user’s files, blocks access to them and blackmails the user for money.
“Overall, what we’re seeing on the attack front is speed first, along with creativity and a willingness of the hacker community to evolve new tools and strategies and recycle some old familiar ones, too,” Cisco writes.
Just recently, Android users found out the hard way what that looks like. Users of the most dominant smartphone operating system in the world (80 percent) found that they’re all vulnerable to a massive flaw in the software that allows an attacker to simply text them a message with malicious code.
“Hackers, being unencumbered, have the upper hand in agility, innovation and brazenness,” Brvenik added in an interview with AFP.