Deprecated: mysql_connect(): The mysql extension is deprecated and will be removed in the future: use mysqli or PDO instead in /home/a26f9f83/public_html/articles/includes/config.php on line 159
Why Malicious Programs Spread So Quickly? > NetSparsh - Viral Content you Love & Share

Why Malicious Programs Spread So Quickly?

It seems that nowadays cybercriminals prefer cash to fun. That is why malicious programs of various kinds (viruses, worms, Trojan horses, etc.) are very often aimed at stealing valuable -- in a direct sense of this word -- private and financial information. When written, these programs are spread all over the Web.

What do means of their distribution have in common? Thinking a bit about it will help us ordinary Web users realize how to behave online and what to avoid.

Let's use logic and good old common sense. What do you think are the most suitable (for a criminal)means to spread malicious code? The answer is almost obvious. It is something which, first,ensures his anonymity and, second, offers victims (i.e. us) very little or no protection against malware. Last, but not least -- this means should be very cheap or, even better, free.

(I'll confine myself to mentioning only those means which endanger EVERY Internet user. Not everyone exchanges files or downloads music and freeware. But is there anybody who doesn't send and recieve email or visit websites?)

Well, if you were a cybercriminal who wanted to spread a malicious program quickly and as widely as possible, how would you distribute it?

What first comes to mind? First, sending contaminated emails through spam. It is possible (and not too difficult for, say, a programmer) to enclose virtually anything into the attachment. With more effort, a programmer can create a message without any attachments that will infect a PC anyway.

Though many email service providers offer basic anti-virus protection, they aren't obliged to do it. How effective this protection is -- that's another question.

Besides, spam is very cheap to distribute. Of course, spammers of all stripes don't use their own machines. Why should they? They prefer PCs which became remotely controlled after being infected with a special program. Cybercriminals build huge networks of such machines and hire them out to spammers. Using "bots" (they are also called "zombies" or "slave computers") gives a spammer so valued anonymity -- spam messages come to frustrated PC users from IP addresses registered somewhere on the other side of the globe.

What about other possibilities? Websites. Malicious websites are very dangerous.Cybercriminals create them exclusively to execute malicious code on the visitors' computers. Sometimes hackers infect legitimate sites with malicious code.

When unsuspecting users visit malicious sites, various nasty applications are downloaded and executed on their computers. Unfortunately, more and more often these applications contain keyloggers--software programs for stealing information.

Keyloggers, as it is clear from the name of the program, log keystrokes --but that's not all. They capture everything the user is doing -- keystrokes, mouse clicks, files opened and closed, sites visited. A little more sophisticated programs of this kind also capture text from windows and make screenshots (record everything displayed on the screen) -- so the information is captured even if the user doesn't type anything, just opens the views the file.

Blogs can be contaminated with malware, too. In April experts from Websense Security Labs warned users that they discovered hundreds of these "toxic" (contaminated with malcode) blogs set by hackers. Blogs are suitable for them: there are large amounts of free storage space, no identity authentication is required to post, and there is no scan of posted files for viruses, worms, or spyware in most blog hosting services.

Three months passed, and here is the quote from a new Websense report released this Monday, July, 25th : "hackers are using free personal Web hosting sites provided by nationally- and internationally-known ISPs to store their malicious code?" This July Websense detected that these sites are used for this purpose much more often. The company's senior director of security and technology research said that "in the first two weeks alone we found more instances than in May and June combined." By all means it's a tendency, and a very disturbing one.

Such sites are free and easy-to-create. With the average lifespan of between two and four days, they are difficult to trace. Free hosting services rarely offer even basic security tools. Short-lived websites,no files scanning for viruses, nothing prevents "authors" form uploading executable files ? isn't such a site an ideal tool for distributing malicious code?

Anonymity of the creator -- no end user protection -- no cost. What else can a cybercriminal wish? That is why there was the outbreak of "toxic blogs" in April - and that's why infested free websites are multiplying so quickly now.

But how to contaminate as many computers as possible? It is the aim of cybercriminals, isn't it? The more traffic, the more programs lands on end users' computers. Hackers attract traffic to malicious websites by sending a link through spam or spim (the analog of spam for instant messaging (IM).

They are ingenious in finding new ways to make people open an attachment or click on a link to visit a certain website, though people are constantly told not to follow links in spam.

Just some of their dodges -- disguising infected spam emails as CNN news alerts, subject lines with "breaking news" like "Osama bin Laden caught", "Michael Jackson tried to commit suicide". How about celebrities in the nude? Just click! And, one of the latest, an "amateur video" that ostensibly shows London bombing sights.

These (and similar) tricks are usually called social engineering. Online criminals have become good psychologists -- the big bucks which crimes like online bank fraud can bring turned them into earnest students.

However, there is one thing that spoils the mood of those who spread malicious programs.

To hackers' deep regret, people become more aware of the risks they face in the Internet. A study by Pew Internet and American Life Project released on July 6th shows that:

91% (!) of respondents (adult Internet users from the U.S.) changed their behavior online one or way another. 81 % have become more cautious about e-mail attachments 48 % have stopped visiting certain websites which are said to be harboring malicious programs People stop using file-sharing software (25%) and even start using Mozilla, Firefox or other browser instead of Internet Explorer (18%)

Well done! Actually, there is nothing left for us users but to become more conscious of the threats and more cautious in the Web. Every PC user has to care for his information himself, protecting his own computer against numerous data-stealing programs of all sorts.

But don't you think that protection against various malicious programs shouldn't be only end users' private business? It is up to service providers to offer at least basic protection for end users and break this "triad" (Anonymity of the creator -- little or no end user protection -- little or no cost) which enables all this crap to spread so easily.

Alexandra Gamanenko currently works at Raytown Corporation, LLC -- an independent software developing company that provides various products and services for information security. Software aimed at making identity theft impossible, services like protected email and protected Web hosting are only small part of what this company offers.

Learn more -- visit the company's website http://www.anti-keyloggers.com

In The News:

This RSS feed URL is deprecated, please update. New URLs can be found in the footers at https://news.google.com/news

Forbes

Facebook Increases Security For Political Campaign Staff
Forbes
Facebook is introducing new security tools for political campaign staff, concerned about dirty tricks in the run-up to the mid-term elections. On his personal Facebook page, CEO Mark Zuckerberg admitted last week that the company fell short when it ...
Facebook pilots new political campaign security tools — just 50 days before Election DayTechCrunch
Facebook expands security measures for political campaign staffEngadget
Facebook Rolls Out New Political Campaign Security FeatureWPTV.com
Adweek -SiliconANGLE
all 39 news articles »

CNBC

Special counsel Robert Mueller seeks November sentencing for former Trump national security advisor Michael Flynn
CNBC
Special counsel Robert Mueller and defense lawyers for former national security advisor Michael Flynn asked Monday that the retired Army lieutenant general be sentenced for his crime of lying to the FBI on Nov. 28 or a week or so thereafter. The ...
Special counsel asks to sentence former national security adviser Michael Flynn, possibly Nov. 28Washington Post

all 219 news articles »

Ars Technica

Judge to Georgia voting officials: You're terrible at digital security
Ars Technica
But as US District Judge Amy Totenberg wrote, she is not at all happy with the inadequate efforts by state officials to shore up their digital security measures. "The Court advises the Defendants that further delay is not tolerable in their confronting ...
NPR/Marist Poll: 1 In 3 Americans Think A Foreign Country Will Change Midterm VotesNPR

all 246 news articles »

TechCrunch

This is what Americans think about the state of election security right now
TechCrunch
In response to the question “Do you think the U.S. is very prepared, prepared, not very prepared or not prepared at all to keep this fall's midterm elections safe and secure?,” 53 percent of respondents felt that the U.S. is prepared while 39 percent ...
The Future of Voting: Accessible, Reliable, Verifiable TechnologyThe National Academies of Sciences, Engineering, and Medicine
Senate panel backs intelligence agencies on Russia-Trump conclusionsReuters
NPR/Marist Poll Results September 2018: Election Security | Home of the Marist Poll - Marist CollegeMarist Poll - Marist College

all 110 news articles »

What Illinois Has Learned About Election Security Since 2016
NPR
MACKEY: Illinois is investing a few million dollars in federal money to help some of the state's smaller voting jurisdictions secure their data and equipment. Some counties don't even have their own IT staff. But officials here are less worried about ...

and more »

TechCrunch

Five security settings in iOS 12 you should change right now
TechCrunch
iOS 12, Apple's latest mobile software for iPhone and iPad, is finally out. The new software packs in a bunch of new security and privacy features you've probably already heard about. Here's what you need to do to take advantage of the new settings and ...
9+ iOS 12 security improvements you should know aboutComputerworld
Apple updates iOS Security Guide w/ details on Shortcuts, multi appearance Face ID, more9to5Mac
Apple details Siri Shortcuts, Screen Time, student ID cards, more in updated iOS Security GuideAppleInsider
Mac Rumors -Fortune
all 685 news articles »

Aljazeera.com

US-Russia spat over North Korea sanctions at UN Security Council
Aljazeera.com
During a fractious Security Council meeting on Monday, Haley said Moscow had tried to conceal "systematic" violations of the 15-member body's penalties on Pyongyang and pressure UN experts into altering a report on the implementation of the sanctions.
US calls urgent UN Security Council meeting on North Korea sanctions violationsNBCNews.com

all 311 news articles »

Washington Post

The Cybersecurity 202: A new poll shows voter views on election security largely line up with experts' positions
Washington Post
Election officials and security experts have been working overtime to raise awareness about threats to U.S. election systems ahead of the midterms — and a new poll suggests that some of their efforts may be paying off. An NPR-Marist poll released ...

and more »

Spectrum News

RPD to sign off on security plans for high school events following weekend fights
Spectrum News
ROCHESTER, N.Y. — New security measures for schools in Rochester have been set after a weekend brawl in the stands broke up a city high school football game. Rochester police will now sign off on plans for any school event requiring security, like the ...
Brawl at high school football game prompts stricter security measures13WHAM-TV
Security changes planned for high school events after fights stop East-Wilson football gameRochester Democrat and Chronicle

all 7 news articles »

The 7 Habits of Highly Effective Security Teams
Dark Reading
But securing against today's threats requires more than just technology solutions — it demands a strong security team. What constitutes a strong security team? If you've had a malware infection or some other security breach, you might think yours ...

Google News

Mall Protection

The Loss Prevention Manager should be receptive to the needs... Read More

Online Shopping: 10 Tips For Safe Online Shopping

Have you ever bought a product or service from the... Read More

Do You Know What your Kids Are Doing Online?

It's a sad statistic, but hundreds of unsuspecting kids are... Read More

Virus Prevention 101

Blaster, Welchia, Sobig, W32, Backdoor, Trojan, Melissa, Klez, Worm, Loveletter,... Read More

The Risk Of Electronic Fraud & Identity Theft

Electronic Fraud and Identity Theft ----------------------------------- Human beings are pretty... Read More

Internet Privacy

Over the past few years as the internet has become... Read More

Reclaim Your PC from the Internet Spies

Viruses are, however, not the only malicious software programs out... Read More

What is Spyware?

The most frustrating part of having Spyware on your computer... Read More

Identity Theft ? Beware of Phishing Attacks!

"Dear Bank of the West customer", the message begins. I've... Read More

Detect Spyware Online

You can detect spyware online using free spyware cleaners and... Read More

Pharming - Another New Scam

Pharming is one of the latest online scams and rapidly... Read More

Top Five Online Scams

The top five online scams on the Internet hit nearly... Read More

Keeping Worms Out of Your Network...

No auntie Sookie, not earth worms, computer virus worms that... Read More

Web and Computer Security

Well, if that would have been said to me by... Read More

Beware of Imitations! Security, Internet Scams, and the African Real Estate Agenda

Fishing on the Internet has come a long way. However,... Read More

Spyware Symptoms

Spyware symptoms happen when your computer gets bogged down with... Read More

How to Thwart the Barbarian Spyware!

Today,on most internet user's computers, we have the ability to... Read More

Steganography ? The Art Of Deception & Concealment

The Message Must Get Through ----------------------------- The year is 300A.D.,... Read More

Click Here To Defeat Evil

Microsoft routinely releases new security updates, many of which are... Read More

Spyware, This Time Its Personal!

First the basic definition of Spyware: It is a type... Read More

How To Give Away Your Personal Information

Identity Theft and Your Personal Information -------------------------------------------- Identity theft is... Read More

Web Conferencing Readers - So What Do We Do with the PAYPAL SPAMMER

From: "Paypal Security" Subject: New Security Requirements Date: Tue, 26... Read More

Computer Security

What is computer security? Computer security is the process of... Read More

Computer-Virus Writers: A Few Bats In The Belfry?

"Male. Obsessed with computers. Lacking a girlfriend. Aged 14 to... Read More

Dont Get Hacked - A Guide to Protecting Your Business from Thieves

You've seen it in the news - 40 million credit... Read More