How malware works: Anatomy of an attack in five stages (Infographic)

web-attackFor cybercriminals looking to make money off unsuspecting and unprotected users, the web is a goldmine. There are more than 2.7 billion users on the web each day. And with roughly 700 million websites (a number that grows about 10% per year), there are ample opportunities for the criminals to infect you through compromised websites.

Even people who understand the risks may not know how to protect themselves, because a malware attack can happen in so many ways. We’d like to explain the mechanics behind a web attack, and show you the technologies, tools and tactics you need to stay safe.

In this infographic, we can see the five stages of a web malware attack, from entry to execution. In this example, a user’s web browser is hijacked by a drive-by download and redirected to an exploit kit, which probes the user’s computer and applications for vulnerabilities. Once a vulnerability is found, a malicious payload is downloaded onto the victim computer (infection). Finally, the malware (in this case also called ransomware) attempts to extort money from the victim.

fivestagesmalwareattack

Secure the Web

This kind of attack happens all the time. But you don’t have to be a victim. Download our checklist of technology, tools and tactics for effective web protection (PDF) to find out how you can protect your organization from malware attacks at every step of the way.

Real-time reputation filtering protects you from newly infected websites as soon as they come online. We do this using our ever-growing, cloud-hosted database of malicious sites. Learn more about how we can secure the web for you.

6 thoughts on “How malware works: Anatomy of an attack in five stages (Infographic)

  1. Pingback: Explaining botnets, exploit kits, Linux and Android malware (Podcast) | Sophos Blog

  2. Pingback: What’s coming in Sophos UTM Accelerated (9.2): #5 – Advanced Threat Protection (ATP) | Sophos Blog

  3. Pingback: What’s new in Sophos UTM Accelerated (9.2): #7 – Safer Web Application Firewall | Sophos Blog

  4. Pingback: How do APTs work? The Lifecycle of Advanced Persistent Threats (Infographic) | Sophos Blog

  5. Pingback: 5 Steps to Harden Defenses Against Web-Based Attacks | PCM News

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s