IT Security Blog » Malware

Putting Up Fences from Internet Spyware and Trojans

Saran — Tue, 27 Jul 2010 09:48:04 +0000

Harmful objects can be obtained from the web. We are all aware that Malware and Trojans are rampant objects that have been wandering of anywhere on the Internet, especially websites that are often visited by people for reference and information. Such sites would get hijacked and also contaminate visiting users as well, something that can be done through Internet cookies stored on the web folder in the machines.

While developers and security administrators have religiously searched for ways to find such solutions, the ever changing development of new threats coming from the Internet has been far from over. To date, even the well-protected workstations can still be penetrated by objects that are not immediately visible.

Internet fences in the form of firewalls and software protection templates have tried to stop such intrusions but need to be updated frequently to answer the related threats. Without such temporary fences that are up, workstations are sitting ducks waiting to be shot, and if web administrators are not up to date with the new threats, the fences used are good as gone once they occur.

Precautions with Bluetooth Connections

Saran — Tue, 13 Jul 2010 14:39:19 +0000

Among the features that most mobile phones have today is that of features that include the Bluetooth and Infrared connectivity as a means of wireless connections. While such advancements has made it easier for people to transfer files such as images and sounds from one phone to another, it also becomes a loophole to allow viruses to infect the operating system of mobile phones today.

Worms such as Cabir, have become the onslaught of rampant mobile phone intrusions, something that uses the Bluetooth connectivity as a means of infecting mobile phones of today. Once they get through, malfunctions and error messages are sure to ensue, making it a need for the software systems of mobile phones of today to be either formatted or disinfected with available anti-virus and worm removers such as Panda Software.

Inconvenient as it may seem, it is advisable for mobile phone owners to refrain from activating their Bluetooth connections to avoid such infections and untoward intrusions at any time.

Careful of Unknown Links in Messaging

Saran — Tue, 06 Jul 2010 10:29:00 +0000

Trojans hacks and worms can easily enter a person’s computer by a mere click of a link. Instant messaging, the new trend in adhering towards faster and easier communication anywhere in the world has been enhanced thoroughly, going to the extent of allowing links to be followed, sometimes generated automatically from infected computers. Such are done even when offline messages are left, such as in Yahoo Messenger issues.

The best way to avoid such links is to refrain from clicking on links without prior notice from the actual user. While most people would rely heavily on the level of relationship that they would have with their online buddy, it is still best to double check and verify before proceeding on the site link.

Being infected is quite painful that it leads to even formatting the entire system. This holds true for people who are not aware or have the time to clean it manually and methodically. Hence, the best way is to be more cautious, especially when peculiar links are met.

Scan Storage Devices before Enabling

Saran — Tue, 27 Oct 2009 03:48:27 +0000

Viruses and malware issues are far from being a thing of the past. On the contrary, they seem to grow large by numbers as each day passes. Thus the works of security software companies have their work cut out for them. There is not definite date to which such threats and intrusions would wholly be resolved.

For the time being, it would be advisable for people to scan third party storage devices such as diskettes, USB drives and mobile storages to be safe and sound. These wandering viruses can attack at any time and this is a fact anywhere computer related materials are concerned.

Files can go as far as infecting the executable files, hence document, excel and compiled scripts are baits for immediate infection and malicious intrusions. Software applications also have their limits as their development teams cater only to a specific genre for known harmful files. But it is better to lower the risk of intrusion than not having protection at all.

[tags]scan, spyware, virus, infections, spyware, malware, trojans[/tags]

Ants Versus Worms

Saran — Tue, 29 Sep 2009 15:35:20 +0000

Not everyone hates worms – the natural kind, that is. I still remember classmates from grade school (even high school!) who grossed out everyone else by eating worms in their natural state. I am talking about a different kind of worm here, though; the kind that everyone hates; computer worms.

Pretty soon, we just might have ants on our side to combat the threat that worms pose year in and year out. Researchers in the field of IT security have been working on a project to combat worms, drawing their inspiration from the common ant. The Daily Tech tells the story:

Security researchers found inspiration in the common ant. Describes Wake Forest University Professor of Computer Science Errin Fulp, “In nature, we know that ants defend against threats very successfully. They can ramp up their defense rapidly, and then resume routine behavior quickly after an intruder has been stopped. We were trying to achieve that same framework in a computer system.”

WFU created digital “ants” — utilities that migrate from computer to computer over networks searching for threats. When one locates a threat, others congregate on it, using so-called “swarm intelligence”. The approach allows human researchers to quickly identify and quarantine dangerous files by watching the activity of the ants.

The implications are tremendous. Anti-virus software that is commonly used today usually take up a lot of resources, and make computers slow down. With this new technology, we just might see a whole new breed of anti-virus programs. While everything is in the research and development phase still, it does give us a bright future in terms of fighting malware!

Google Chrome Even More Secure

Saran — Thu, 27 Aug 2009 04:18:42 +0000

From Internet Explorer to Mozilla Firefox to Google Chrome – that’s the path that many computer users have followed in the past years. Personally, I have stuck to Mozilla but I do use Chrome every now and then when I want things to go much faster. But did you know that Google’s streamlined browser has its share of security issues as well?

This is not really that surprising. After all, most any product you see in the market will be exploited by those who want to do so. In any case, Google has come out with updates to their browser, making it more secure for us users.

The most recent update for Google Chrome fixes some issues on how the browser handles Javascript and XML. For the Javascript engine, the fix makes sure that an infected web site will not allow malicious Javascript to run arbitrary code. You and I know very well that the phrase “run arbitrary code” simply translates to “install malware.” With this problem supposedly fixed, Chrome is definitely safer.

Another fix deals with the possibility of a web page using XML to, again, run arbitrary code. This happens when the malicious XML crashes a Chrome tab.

Last, the Chrome update will not allow you to connect to “HTTPS (SSL) sites whose certificates are signed using MD2 or MD4 hashing algorithms.” The reason for this is that these algorithms are prone to hacking and that it is relatively easy to pose as a fake HTTPS site.

For more detailed info, read it from Google’s own blog.

Photo courtesy of Ivan Zlatev

One Out Of Six: Yes To Spam

Saran — Thu, 23 Jul 2009 04:52:17 +0000

Last week, I found myself craving for Spam – the kind that you put in between two slices of nice white bread. The moment I checked my Inbox, though, my feeling towards spam – in general; food or e-mail related – changed drastically. For some reason, I keep getting these e-mails about Viagra and winning the lotto. And I am talking about my WORK e-mail here, not my personal e-mail! Seriously, I don’t understand why these people keep sending out these e-mails when everyone knows they’re SPAM and that they amount to NOTHING! No one pays attention to these e-mails, right?

Well, apparently, some people do! According to a survey conducted by Messaging Anti-Abuse Working Group, 1 out of 6 people in the United States and Canada respond to spam e-mails. I know, this is simply unbelievable, isn’t it?

In this day and age, why would anyone still fall for these scams? Haven’t we learned anything at all? No wonder that these scammers continue to send out their e-mails! I mean, just one or two people who respond to their bait might give them the profit that they are out for.

To be fair, the scammers are getting more and more creative. They also take advantage of the hottest things happening. For example, around the time of Michael Jackson’s death, there was an astronomical increase in e-mails about him – a lot of these were spam. Even those who are normally careful were lured into opening these e-mails and clicking away.

Bottom line: spam might be here for a while. Make sure you are careful and don’t be cocky (like me) – you never know what might hit you!

An Internet of Criminals

Saran — Mon, 29 Jun 2009 06:59:46 +0000

The world of cyber-crime has grown so much in these past few years due to the explosion of growth with respect to the number of internet users the world over. It has not only expanded on the side of normal people but on the side of cyber-criminals who now operate on their own networks, spanning the globe and ready to spread their products, malicious code that first scans the globe for weak points in the security net that we all put up to somewhat give us a sense of security from the ever-growing threat which is actually futile to some extent.
This was admitted by a renowned security expert who worked for one of the biggest security firms the world over for a new infection tends to be a game of cat-and-mouse that begins when a new threat is detected. The game begins with experts dissecting the captured malicious program and then they race to create a cure, much like the race to come up with a vaccine for the quickly spreading “swine-flu” virus that caught the human race off-guard. Once the malicious code is understood, a cure is issued and is swiftly sent out to allow the installed security software to cope with the infection. By this time, the infection has already spread and the cure is not to reverse any damage already done but to halt the spread and prevent infection of still un-hit computers.
Meanwhile, the cure the anti-virus programmers are not always perfect, so it can be considered a first response which may not fully contain the situation. This is where people make the biggest mistake in their security platform, that the programs they have installed are there to protect and prevent whilst the truth cannot be farther from the truth for the infection has already been active, way before it was detected. The follow-up security updates to security software makes the necessary adjustments enough to cope with the spread, halting it in it’s track, hopefully. The false security we feel works only if the threat is known which is true for variants of already known threats. New viruses are only known as much as the programmers who race to find a cure for it can work.
The internet of criminals is here and is currently working, ready to exploit the latest security flaw left un-patched by the millions of developers the world over. The threat is real and the well publicized closure of an identified malware spreading site and the arrest and conviction of a bot net creator/manager is only the tip of the iceberg. Even the experts know of this which makes knowledge the key to surviving the internet and the malware it brings to our doors. Our saying that security software is quite futile doesn’t say it is totally useless, but rather to provide us with better chances of surviving the problems we face each day. having security software is only effective against known threats but at least it’s a start.
The internet will never be truly a safe place for any of us mere humans who are becoming victims of the technology we ourselves have created. Having security is a start, but knowing what to do and to help make the better world by reporting malware sites and spam is another little way we can all help each other, to survive the monster and friend we all use everyday, the monster that is the internet that brings harm to our desktops each and every minute of the connected day.

Microsoft To Launch Free Security Software

Saran — Sat, 20 Jun 2009 10:17:51 +0000

Cool! But wait – Microsoft is giving away something for FREE? Am I dreaming? You better believe it, though. The software giant is jumping into the freeware fray with their latest security product. Dubbed Microsoft Security Essentials, the program is designed to detect, find, and kill malicious software that might find its way into your computers.

The beta version will be released next week. In the meantime, the company is continuing to develop the full version of the product, which is slated to be released in the fall. The security software is not going to be bundled with Windows 7, as this may provoke anti-trust issues, which Microsoft has had more than its share of. Still, critics have not been slow to point out that the description of the product is flawed and misleading.

David Cole of Symantec has stated that it is NOT an essential security solution. He also pointed out that users still need protection such as firewalls, spam fighters, and other features that are included in subscription products.

So what does Microsoft Security Essentials really offer? According to Theresa Burch, the program will try to spot malicious software, even if it is not part of the database of known threats. Once the suspicion of the software is aroused, it will first check with online servers before allowing the program to run. Users do not have to worry about the program interfering with trusted sources, however, as there will be a list of those, such as Google Toolbar.

I think I’ll see what it has to offer next week.

Yahoo Messenger Acai Berry Virus

Saran — Sun, 24 May 2009 03:49:10 +0000

What in the world is an acai berry? If you are into fad diets, then you probably have heard of the acai berry. It is purported to be the next wonder drug, which is all natural by the way. It is supposed to make you lose weight like no other substance in existence. It is also supposed to make you feel better and younger because of its curative properties.

Anyhow, I have nothing against the acai berry fad per se. I mean, these fads come and do and it’s up to you if you want to try them or not. What is happening to me is another story, however. You see, I have somehow been victimized by the acai berry virus (or so I’d like to call it) on Yahoo messenger.

I didn’t have any inkling as to what was happening until I suddenly got this slew of offline messages last week. People on my contact list – even those with whom I had not spoken for months and months – suddenly started sending me offline messages. Their messages seemed to be in reply to something I had sent.

Yesterday, an old friend sent me an SMS saying that I might have a virus. He said that I kept sending him messages on Yahoo Messenger about this acai berry thing. Obviously, it was not me.

I am pretty sure that I am not alone in this thing. I have scoured the web for similar reports and have found a lot of other people complaining of the same thing! The solution? I scanned my laptop for malware using Spybot last night. I am about to scan again using Avast. Then I am changing my passwords. Let’s see if I can get rid of this thing.

Any suggestions?