In Depth

Hackers capture dynamic data to prepare for effective, stealthy attacks

Awareness is the first step in defeating offensive forensic tricks and techniques; action is the second step.

Become An Insider

Sign up now and get FREE access to hundreds of Insider articles, guides, reviews, interviews, blogs, and other premium content. Learn more.

“Offensive forensics is an attack technique hackers use to capture non-static data that can be useful in performing further attacks,” says Joe Sremack, Principal, Berkeley Research Group, LLC, a computer forensics and e-discovery firm.

In an offensive forensics procedure, the hacker captures non-static, in-memory data in order to acquire the passwords, encryption keys, or active network session data living there, which can aid them in gaining unrestrained access to precious data.

To illustrate, a simple example of an offensive forensics attack is one that captures the Windows clipboard, a place where less-than-savvy users often copy and paste their secure passwords. Hackers typically mount this type of attack through vulnerabilities in Flash.

“There are exploits that read through Flash plug-ins in browsers in combination with weak or misconfigured settings to read the full browser content, including in-memory passwords,” says Sremack.

Awareness is the first step in defeating offensive forensic tricks and techniques; action is the second step.

To continue reading this article register now

Notice to our Readers
We're now using social media to take your comments and feedback. Learn more about this here.