This attack technique has been discovered by Oren Hafif, a Trustwave SpiderLabs security researcher.
Worse news is that he has also developed a worm to take advantage of RFD technique.
Current security measures like firewalls and anti-viruses are futile against this worm.
The sad news is that Anti-virus engines wont even detect the hack.
And once the file has been executed, there is no security mechanism as of yet to stop it.
and pass it on to the attackers own server.
He has christened this technique Reflected File Download (RFD).
There are very few solutions to an RFD attack as of now.
User prudence may be the only key defence against this worm.
Lets see how the demonstration presented by Hafif goes!
source: www.techworm.net
