Monday, December 28, 2015

What is Mousetrapping and how does it spread malware ?

Mousetrapping is a technique used by attackers to keep visitors from leaving theit website, so that they can take advantage of that. Mousetrapping is done by launching numerous numbers of pop-ups endlessly or disabling Back/Forward or even the close button.

Different ways of Mousetrapping 

Mousetrapping can be done in different ways :

  • a numerous numbers of new pages may open up
  • the same page may open several times
  • browser buttons like Back/Forward or Close may become inaccessible, making the page harder to close
  • several pop-ups may open up that alert about something or ask to take some action
  • unwanted commercial ads, gambling requests, fake lottery requests or adult contents may start showing up again and again

Threats of Mousetrapping

Mousetrapping is normally associated with typosquatting and browser hijacking. When a user misspells a popular URL in the address bar, the malicious website opens and it starts Mousetrapping. Clearly, it takes time for the user to close the website, and by then, the attackers start drive-by download of malware. They can even change the browser settings of the user, so that the attackers can infect the computer with even more malware or perform more attacks.

How to prevent Mousetrapping ?

There are a number of countermeasures that can be taken to prevent Mousetrapping :

  • If you ever run into Mousetrapping, press keyboard shortcut to close the windows. Because, most of the browser buttons become unaccessible at this time, and closing webpages like this takes less time also.
  • If that does not work, you can try disabling javascript functionality in your browser. Because normally Mousetrapping is implemented using javascript.
  • If that also does not work by any chance, you can reboot your computer (e.g. With Ctrl + Alt + Delete in Windows)
  • Never ever perform the actions suggested in the pop-ups. Because that is what is the intention of the attackers. If you perform those actions, your computer will definitely be infected with malware.
  • Keep the software you use updated with security patches, so that the attackers cannot take advantage of the security holes of those software.
  • Keep your computer updated with a trusted anti-malware program.
  • Please remember that educating oneself with the recent threats and its countermeasures is always the best policy to go with.

No comments:

Post a Comment