Deprecated: mysql_connect(): The mysql extension is deprecated and will be removed in the future: use mysqli or PDO instead in /home/a26f9f83/public_html/articles/includes/config.php on line 159
Why Malicious Programs Spread So Quickly? > NetSparsh - Viral Content you Love & Share

Why Malicious Programs Spread So Quickly?

It seems that nowadays cybercriminals prefer cash to fun. That is why malicious programs of various kinds (viruses, worms, Trojan horses, etc.) are very often aimed at stealing valuable -- in a direct sense of this word -- private and financial information. When written, these programs are spread all over the Web.

What do means of their distribution have in common? Thinking a bit about it will help us ordinary Web users realize how to behave online and what to avoid.

Let's use logic and good old common sense. What do you think are the most suitable (for a criminal)means to spread malicious code? The answer is almost obvious. It is something which, first,ensures his anonymity and, second, offers victims (i.e. us) very little or no protection against malware. Last, but not least -- this means should be very cheap or, even better, free.

(I'll confine myself to mentioning only those means which endanger EVERY Internet user. Not everyone exchanges files or downloads music and freeware. But is there anybody who doesn't send and recieve email or visit websites?)

Well, if you were a cybercriminal who wanted to spread a malicious program quickly and as widely as possible, how would you distribute it?

What first comes to mind? First, sending contaminated emails through spam. It is possible (and not too difficult for, say, a programmer) to enclose virtually anything into the attachment. With more effort, a programmer can create a message without any attachments that will infect a PC anyway.

Though many email service providers offer basic anti-virus protection, they aren't obliged to do it. How effective this protection is -- that's another question.

Besides, spam is very cheap to distribute. Of course, spammers of all stripes don't use their own machines. Why should they? They prefer PCs which became remotely controlled after being infected with a special program. Cybercriminals build huge networks of such machines and hire them out to spammers. Using "bots" (they are also called "zombies" or "slave computers") gives a spammer so valued anonymity -- spam messages come to frustrated PC users from IP addresses registered somewhere on the other side of the globe.

What about other possibilities? Websites. Malicious websites are very dangerous.Cybercriminals create them exclusively to execute malicious code on the visitors' computers. Sometimes hackers infect legitimate sites with malicious code.

When unsuspecting users visit malicious sites, various nasty applications are downloaded and executed on their computers. Unfortunately, more and more often these applications contain keyloggers--software programs for stealing information.

Keyloggers, as it is clear from the name of the program, log keystrokes --but that's not all. They capture everything the user is doing -- keystrokes, mouse clicks, files opened and closed, sites visited. A little more sophisticated programs of this kind also capture text from windows and make screenshots (record everything displayed on the screen) -- so the information is captured even if the user doesn't type anything, just opens the views the file.

Blogs can be contaminated with malware, too. In April experts from Websense Security Labs warned users that they discovered hundreds of these "toxic" (contaminated with malcode) blogs set by hackers. Blogs are suitable for them: there are large amounts of free storage space, no identity authentication is required to post, and there is no scan of posted files for viruses, worms, or spyware in most blog hosting services.

Three months passed, and here is the quote from a new Websense report released this Monday, July, 25th : "hackers are using free personal Web hosting sites provided by nationally- and internationally-known ISPs to store their malicious code?" This July Websense detected that these sites are used for this purpose much more often. The company's senior director of security and technology research said that "in the first two weeks alone we found more instances than in May and June combined." By all means it's a tendency, and a very disturbing one.

Such sites are free and easy-to-create. With the average lifespan of between two and four days, they are difficult to trace. Free hosting services rarely offer even basic security tools. Short-lived websites,no files scanning for viruses, nothing prevents "authors" form uploading executable files ? isn't such a site an ideal tool for distributing malicious code?

Anonymity of the creator -- no end user protection -- no cost. What else can a cybercriminal wish? That is why there was the outbreak of "toxic blogs" in April - and that's why infested free websites are multiplying so quickly now.

But how to contaminate as many computers as possible? It is the aim of cybercriminals, isn't it? The more traffic, the more programs lands on end users' computers. Hackers attract traffic to malicious websites by sending a link through spam or spim (the analog of spam for instant messaging (IM).

They are ingenious in finding new ways to make people open an attachment or click on a link to visit a certain website, though people are constantly told not to follow links in spam.

Just some of their dodges -- disguising infected spam emails as CNN news alerts, subject lines with "breaking news" like "Osama bin Laden caught", "Michael Jackson tried to commit suicide". How about celebrities in the nude? Just click! And, one of the latest, an "amateur video" that ostensibly shows London bombing sights.

These (and similar) tricks are usually called social engineering. Online criminals have become good psychologists -- the big bucks which crimes like online bank fraud can bring turned them into earnest students.

However, there is one thing that spoils the mood of those who spread malicious programs.

To hackers' deep regret, people become more aware of the risks they face in the Internet. A study by Pew Internet and American Life Project released on July 6th shows that:

91% (!) of respondents (adult Internet users from the U.S.) changed their behavior online one or way another. 81 % have become more cautious about e-mail attachments 48 % have stopped visiting certain websites which are said to be harboring malicious programs People stop using file-sharing software (25%) and even start using Mozilla, Firefox or other browser instead of Internet Explorer (18%)

Well done! Actually, there is nothing left for us users but to become more conscious of the threats and more cautious in the Web. Every PC user has to care for his information himself, protecting his own computer against numerous data-stealing programs of all sorts.

But don't you think that protection against various malicious programs shouldn't be only end users' private business? It is up to service providers to offer at least basic protection for end users and break this "triad" (Anonymity of the creator -- little or no end user protection -- little or no cost) which enables all this crap to spread so easily.

Alexandra Gamanenko currently works at Raytown Corporation, LLC -- an independent software developing company that provides various products and services for information security. Software aimed at making identity theft impossible, services like protected email and protected Web hosting are only small part of what this company offers.

Learn more -- visit the company's website http://www.anti-keyloggers.com

In The News:

This RSS feed URL is deprecated, please update. New URLs can be found in the footers at https://news.google.com/news

ZDNet

​Seven cloud vendors lining up for government security clearance
ZDNet
The Australian Signals Directorate (ASD) and the Australian Cyber Security Centre (ACSC) have revealed there are currently seven cloud providers undertaking certification that would allow them to provide cloud services to federal government entities.


CNBC

Europeans are giving Trump a defiant runaround on trade and security
CNBC
As a presidential candidate, Donald Trump began telling the Europeans in 2015 that they had to: (a) cut their systematic and excessive trade surpluses with the U.S., (b) eliminate discriminatory trade rules and practices to open up markets for American ...
Globalised business is a US security issueFinancial Times

all 1,296 news articles »

Cointelegraph

Crypto Wallets Security: Explained
Cointelegraph
Notify the company - it's possible you are not the only one - and review your wallet and PC/smartphone security, if it has significant flaws. Although if you kept your coins at a crypto exchange wallet and that exchange was hacked, there is a ...


Daily Beast

Russia Hawk Axed From National Security Council Right Before Trump-Putin Summit
Daily Beast
The circumstances of retired Army Colonel Richard Hooker's departure from the National Security Council on June 29 are in dispute. It's not clear whether Hooker was forced out or if his detail on the NSC came to its natural end. But what's not in doubt ...


Department of Defense

Mattis Commends Norway's Commitment to Global Peace, Security
Department of Defense
Defense Secretary James N. Mattis hailed the strong bond between the United States and Norway and commended the Nordic nation for its commitment to global peace and security in Oslo, Norway, yesterday. Defense Secretary James N. Mattis shakes ...

and more »

CSO Australia

To achieve strong IT security, embrace a framework strategy
CSO Australia
As well as the constantly evolving threat landscape, IT security teams must also work through an increasingly complex mix of security products and services. With established players extending their offerings and new vendors constantly appearing ...


Northwest Georgia News

FCSO and partners offer church safety and security summit
Northwest Georgia News
Sheriff Tim Burkhalter and the Floyd County Sheriff's Office have partnered with a number of non-profit organizations and local businesses to provide a free Church Safety and Security Summit on Aug. 25, from 8 a.m. to 3 p.m. For the last several years ...


Forbes

Google Roundup: Eight New Features Plus A Major Security ...
Forbes
Google was busy this week with upgrades and new features for its apps and devices, and a major security update for the Chrome browser. Here are some of the ...
Use caller ID & spam protection - Phone app Help - Google SupportGoogle Support

all 69 news articles »

KLAS-TV

Mob Museum hosts home security forum
KLAS-TV
LAS VEGAS - Today the Mob Museum teamed up with Metro Police to teach the valley more about home security. Officers explained keeping criminals out of your home can be as simple as leaving a light on and locking your doors. They also brought up some ...

and more »
Google News

What is Spyware?

The most frustrating part of having Spyware on your computer... Read More

Phishing and Pharming: Dangerous Scams

As soon as almost all computer users already got used... Read More

Reducing Fraudulent Transations ? 5 Simple Ways To Protect Yourself

The money being spent online is steadily growing. With billions... Read More

Mail Forwarding - Why Would You Do It?

First of all we need to get some terms stated.... Read More

5 Tips For An Unbreakable Password

Despite the current wave of identity theft and corporate security... Read More

Spyware Protection Software

Spyware protection software is the easiest way of removing spyware... Read More

How to Know Whether an Email is a Fake or Not

A few nights ago I received an email from "2CO"... Read More

Protecting Your Children On The Internet

If you are a parent, as am I, I think... Read More

The Never Ending Spyware Story

It's been with us since 1993, it's gotten more intrusive,... Read More

Keeping Worms Out of Your Network...

No auntie Sookie, not earth worms, computer virus worms that... Read More

Whats All This I Hear About Firewalls?

At this point, if you've got the whole "turning the... Read More

SCAMS ? Be Aware ? And Report When Necessary

The Internet is a vast International Network of people and... Read More

What to Look for before You Purchase Spyware Software

Huge number of spyware software applications are available in the... Read More

The Bad Guys Are Phishing For Your Personal Information

Do you know what "phishing" is?No, it doesn't mean you... Read More

Is Shopping Online For Your Horse Gifts Safe?

Shopping for horse gifts or other gift items on the... Read More

Is Adware - Spyware Putting Your Privacy at Risk

Do you sometimes notice your computer running slower. Is your... Read More

With the Rise of Internet Crimes, Users are Turning to High-Tech ?PI?s? for Solutions

High-tech private investigators are becoming the answer for many Internet... Read More

Is My PC Vulnerable on the Internet?

No longer are viruses the only threat on the internet.... Read More

Another Fine Mess!

I'm in the Anti-Spyware business, and I'm doing a lot... Read More

Blogs as Safe Haven for Cybercriminals?

To blog or not to blog? Well, why not? Lots... Read More

Is Spyware Watching You?

Imagine my surprise when I received a phone call from... Read More

What Every Internet Marketer Should Know About Spyware

If you run any type of Internet business, Adware and... Read More

What Can Be Done About Spyware And Adware

Having a good Spyware eliminator on your computer is vital... Read More

Is Your Music Player Spying On You?

In today's times spyware is a very serious issue and... Read More

7 Ways to Spot a PayPal Scam E-Mail

Paypal is a great site and is used by many... Read More