A few days ago, he was referring to an ingenious attack with fake webcams that infect users with Java applications. With some simple searches you can find hundreds of pages of this type, many of them are created with automatic tools like this:
There are several similar tools and unfortunately they are very easy to use, this particular one allows you to create the malicious page in three steps and associate it with a malware that runs through Java.
First you have to select the design, 3 come by default that are photo galleries, webcams and video players, the attacker can also add a custom design.
Then you select the Publisher or supposed manufacturer of the Java application to download, this field can also be customized to better deceive the victims. And finally the Java file to create is configured.
Click on the Generate button and as you can see in the following screenshot, an index.html is created with two images and the malicious .jar file:
The page will finally look like this:
How to avoid being infected by these pages?
The simplest way is not have Java installedThis plugin is also used to infect Mac and Linux computers (yes, for Linux there are also backdoors that are installed with Java).
In case you have it installed because it is usually used, it is essential to keep it updated to avoid automatic attacks that exploit their vulnerabilities and have a lot watch out for java applications that are downloaded or run.
An antivirus is of great help, although it must be borne in mind that they do not always detect these threats, especially when they are just out of the oven.