DNS Pinning and Socket API

Presented at BlackHatAsia 2007 by

JavaScript, Flash, Java applets and similar technologies are able to access the network. Malicious code built on them typically runs in the web browser of a user who has visited a page containing the trap. Most of these technologies impose the security restriction "allow the connection only if the host name is the same as the host the content was downloaded from." However, this restriction can easily be broken by a DNS server controlled by the attacker. The issue is known as "DNS Pinning" and "Anti-DNS Pinning". So far, most articles on this topic have described the expected damage as "leaking information from web pages on the intranet", but in fact there are more serious risks that have not yet been revealed. Because Java applets and new versions of the Flash Player expose a TCP-level API known as the Socket API, attackers can target many protocols other than HTTP. Through this exploit the victim's web browser becomes a proxy server at the TCP level, which makes the following attacks possible:

- port scanning hosts on the intranet/Internet via the victim's web browser
- sending shellcode to hosts on the intranet/Internet via the victim's web browser
- sending spam mail from the victim's web browser
- accessing file-sharing services on the intranet
- any other TCP-level access via the victim's web browser

This presentation covers the attacks that use this Socket API and their countermeasures.
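The countermeasure side of the abstract above, as an added example that is not part of the presentation: a resolver that enforces DNS pinning (the first address seen for a name is kept for a fixed minimum time, whatever TTL the attacker's DNS server sets) and that refuses answers in which an external name resolves to an internal address, which is the rebinding step the attack depends on. The name trap.example, the trusted zone suffix .corp.internal and all addresses are constructed sample values.

```python
import ipaddress
import time

# Address ranges that a name under an attacker's control should never resolve to
# from the browser's point of view: reaching them is what a rebinding attack is after.
INTERNAL_NETS = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",   # RFC 1918
    "127.0.0.0/8", "169.254.0.0/16", "0.0.0.0/8",      # loopback, link-local, "this" network
    "::1/128", "fc00::/7", "fe80::/10",                # IPv6 loopback, ULA, link-local
)]

def is_rebinding_answer(name, ip, trusted_suffixes=(".corp.internal",)):
    """True when a name outside the trusted local zones resolves to an internal address.
    ".corp.internal" is a constructed placeholder for the site's own DNS zone."""
    if name.lower().endswith(trusted_suffixes):
        return False
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in INTERNAL_NETS)

class PinningResolver:
    """Pins the first address seen for a name for MIN_PIN seconds, ignoring the
    (attacker-chosen) record TTL, and refuses rebinding answers outright."""
    MIN_PIN = 600  # seconds; the record's own TTL is deliberately not consulted

    def __init__(self, lookup, now=time.monotonic):
        self._lookup = lookup      # callable: name -> (ip, ttl); stands in for the real resolver
        self._now = now            # injectable clock so the behaviour can be tested
        self._pins = {}            # name -> (ip, time_pinned)

    def resolve(self, name):
        pinned = self._pins.get(name)
        if pinned and self._now() - pinned[1] < self.MIN_PIN:
            return pinned[0]       # still pinned: a fresh short-TTL answer is ignored
        ip, _ttl = self._lookup(name)
        if is_rebinding_answer(name, ip):
            raise PermissionError(f"refused {name} -> {ip}: internal address for external name")
        self._pins[name] = (ip, self._now())
        return ip

# Constructed sample zone: the trap page's real public address first, then, with a
# one-second TTL, an intranet address the attacker wants the browser to connect to.
SAMPLE_ANSWERS = [("trap.example", "203.0.113.10", 1), ("trap.example", "10.0.0.5", 1)]

def make_lookup(answers):
    """Serve the constructed answers in order; the last one repeats once exhausted."""
    queue = list(answers)
    def lookup(name):
        rec = queue.pop(0) if len(queue) > 1 else queue[0]
        return rec[1], rec[2]
    return lookup
```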