Some time ago I had commented on a program that allows you to create malicious pages to infect with Java, today I was testing another that allows you to do the same with a few clicks. For obvious reasons the name of the program appears hidden, the idea is to show the ease with which they can be created and the way they operate, so you do not get infected if you find any.
As you can see in the previous screenshot, simply enter the URL from which the malware will be downloaded, in this example called virusdestructor.exe. In addition, you can select different templates that copy the designs from YouTube, Steam, MSN and other types of sites.
Finally the Generate button is clicked and the fake site is created in a folder, next to the Java application that will download the malware. This is uploaded to a server and simply subtracts the victims from entering the fake site to infect them:
Let's see a couple of examples of the pages that are created with the program, pay attention to the Java execution warnings:
The design of the pages created can be adapted to taste to make them much more attractive, such as this online Lockerz Exploitz or this one that only shows a 404 Not Found error and makes use of BlackHat SEO, but that is already in the hands of the imagination of attackers, most don't have it and that's why they use these automatic programs :]
As you may have noticed in order for the computer to become infected, it is necessary to accept the execution of the application, that's why you should always be careful with these types of warnings. If the page is unknown or you don't know why you need to accept an application, it is best to cancel it. Also, if the Java version you have installed is outdated, malware may be downloaded without notice taking advantage of security holes.
Java is one of the most used plug-ins to infect and this kind of fake sites that take advantage of it are very fashionable, to check if you have the latest version installed visit: java.com/en/download/installed.jsp