The “bad guys” on the Internet have long had a habit of finding the biggest security holes with the greatest potential impact. That’s one reason why the Apple computer line has remained effectively virus free (I caught at least one in the early Mac days, Scores, so don’t tell me there have never been any Mac viruses).
Over the years, operating systems have been “hardened”, so the bad guys have become creative and looked towards other avenues, to the point that Mike Cox, in an article “Social media attacks dominate first half of 2010 malware trends” on eChannelLive, tells us what is now going on as the biggest impact by the bad guys:
“Cyber criminals are putting increasing emphasis on using social media platforms like Facebook and Twitter as effective ‘spread mechanisms’ for malicious software,” said Arvid Gomez, Norman vice president, OEM and Technology. “In the past, they put nearly all of their efforts into compromising PC operating systems. As social media use becomes part of the fabric of our daily life, Internet users need to make certain they are taking the necessary steps to protect their privacy and security.”
He then goes on to discuss the Koobface malware that has come through Facebook since 2007. I encountered this at a client’s site about 4 months ago.
Another method, meant not only to frustrate you but also to get some money, or your credit card number for use in fraud (in the least case) or identity theft (in the worst case), is “scareware” or “ransomware”: programs that take over your system and basically demand that you buy their removal tools, which… are pretty much garbage anyhow. Mike has this comment:
Norman security experts also note that fake antivirus programs continued to plague many home PC and business users. Rogue antimalware programs have been around for a long time. In recent years however, they have become increasingly widespread, and represent a major problem. These programs can be difficult to eradicate, as they often consist of many different malicious elements.
I spent the better part of Wednesday ripping one of these attacks out of a laptop of a client’s office machine. I’ll say this: About 6 months ago, I could find these and get around them and eliminate them in about an hour. That was thanks to having seen several in a short time frame. They all had different file names, and loaded themselves from different places on the drive, but they all used the same methods. The one I ran into Wednesday had grown far smarter. I found it pretty quickly, but it had done many things to mask itself, and had placed some more hooks in the registry than I was used to deleting. Additionally, I found a browser web director trojan in there, too. It may have arrived as a package deal, but it took 6 hours to find it and delete the offending things; much of the time was spent running scans, which found more things with each delete/reboot/scan cycle. It’s gone now and they are back to work, without having to just wipe the drive and begin all over, but it was a long day, when some elements have become smart enough to even force a load, regardless of some settings you applied to keep them from coming in at boot up.
I know many people don’t want to learn about the specifics of keeping your computers free of malware and other bad things, but your choice, as I see it, is to commit to some training by your local computer support person/people/staff/support company, or you can call us up and pay by the hour to undo what was maybe a 5 second decision on what to do about the question: “XXX is requesting to run. Do you want to block or allow it?” from your firewall protection. Because of the bad guys, you must get some education in how to keep your system from becoming unavailable for a few hours (at best) to days (worst case).
Good rule of thumb: You can unblock accidentally prohibited functions. You will lose time and money if you let something in out of “I don’t have time to deal with this, I just want to get back to work!” frustration.
Read Mike’s article and practice intelligent computing!