On Sun, Dec 8, 2013 at 2:24 AM, Warren Bailey <wbailey@satelliteintelligencegroup.com> wrote:
Noticed this tonight.. Not saying the WP is always on target, but what software could be installed via a browser on any computer to gather all of that data? And how would it be done without the OS speaking up about it? Far fetched.. Or do the Firefox / Chrome guys have

Not really; it's well within the realm of possibility, and not even unlikely. The answer about what software could be installed that way would be tailor-made covert software; plenty of that is known to exist. Law enforcement would have it well within their ability to potentially intercept and modify traffic on web pages accessed by the user, and inject targeted exploits into the user's in-flight data connections.

Software can be installed via the browser through a variety of vectors; mostly vulnerabilities leveraging JavaScript, browser-specific flaws, viewer flaws, API flaws such as fonts, or plugins such as Java, Silverlight, Flash, QuickTime, or Adobe Reader. Then a sandbox defeat, and privilege escalation using a variety of unpublished exploit techniques.

Once that has occurred, software may be deployed undetectably and persistently in a variety of ways. A payload specific to the target may be downloaded and configured in the background. It is also possible that the malware may simply modify existing programs such as the operating system running in RAM --- diskless malware that doesn't save a copy of itself, but reinfects the system after a reboot, when the user browses the web again, and the exploit kit is launched again.

--
-JH