Malware by Ian McGarty
| Published: 11th September 2008 09:36 |
Malware
- an acronym for "Malicious Software" - it is an expression for software specifically designed and propagated to infiltrate a computer for malicious purposes without the owners knowledge or permission, usually for illegal gain. Malware also known as "Computer Contaminant" includes Viruses, Worms, Trojans, Rootkits, Spam, Keyloggers, Adware, Spyware and so many more.
Ian McGarty
I have been in the computer industry for more than twenty years and now run my own ICT company in Cheadle Hulme. Over the last 20 years I have seen huge changes in the way we use our computers. On-line banking, video conferencing, music and video downloading to mention just a few. Whilst these leaps forward in technology and freedom stands testimony to great innovation and design it is essential we remember that this new freedom and technology brings with it a huge responsibility.
With this new age of communication comes a new threat and over the last twenty years or so I have seen as big a change in the way this threat has manifested itself as the technology itself. The day where the pranking teenager transmits harmless viruses to show off how clever they are, are far gone. Seemingly the more hostile viruses where computers could lose data or have data corrupted are less common, although we still need to be on our guard for these. These software packets have a variety of names, functions and methods of infecting computers hence the all encompassing expression Malware. As each year goes by we seem to be spending more time cleaning Malware and solving problems that it has caused.
More than six million computers world wide are now part of a "bot network", reported security firm Symantec.
Some malware simply keeps information about our internet viewing habits and returns information to advertisers. They may even allow downloading of advertising pop-up screens. This allows websites to charge advertisers for their on-line advertising or to collect anonymous statistics to attract advertising revenue. Some information is collected from our systems and possibly used for targeted marketing purposes. Although not immediately putting us at risk, it is an invasion of privacy and can affect the performance of our systems. Some more callous malware can be used in more sinister activities like website redirection. They can install more malware on our systems and transmit across the internet to thousands of other systems creating remotely co-ordinated zombie computers known as Botnets.
"It's ruthless, highly organised and highly evolved." Alfred Huger, vice president of Symantec Security Response
At their worst the new perpetrators are determined organised international criminals bent on gaining as much information about us as possible to use for their own illicit profit. They lay their malware secretly across millions of computers and we may never know it is working in the background, transmitting every move we make. They may even use our systems to forward thousands of emails such as Phishing emails or spam material we would never consider forwarding to anyone.
The more heinous Malware send us to websites that look like legitimate sites imitating banks or well known auction sites. They will harvest business and personal information about a user or company. Information such as bank details, card numbers, log-in details and passwords these can later be used for criminal purposes. It will also aggressively infect and keep infected as many computers as possible.
Regularly in the news there are reports of new, inventive ways of damaging computers or stealing information for gain. The way malware works is changing faster than any policing agency is able to combat. This is why we all need to be constantly on our guard.
Computer users typically do not know that their PC has been hijacked
There has been a huge change in the way viruses infect our systems, previously viruses would let us know they were present by flashing screen messages, causing problems or using our address book to email themselves onward. Today malware doesn't want us to know it is there and will do everything it can do to stop us discovering it. It can disguise itself as other innocent programmes or stop security software from working properly. The first we could know is our bank account is empty or our cards are over their limit or even discovering vital company information has been lost.Another change in the way these new methods of infecting computers has changed is the way we can now unwittingly download viruses from unscrupulous websites. In the past we had to install an infected disk or open an infected email attachment, now purely by going to an unsafe website we can inadvertently be infected.
Social network websites such as MySpace, Facebook and Chatrooms are also areas targeted by the criminal fraternity. If too much information is divulged on these sites, like home addresses, dates of birth and travel details, criminals can use it for illegal purposes or to add the final pieces of the jigsaw to an almost complete identity. Children should be especially aware of these types of site.
This information is about reminding you or making you aware of potential threats to you and your computer. It is not my intention to unduly frighten you away from using your computer to its full potential but we all must be aware of the risks. The general rule is to be cautious and to be aware. If something seems suspect check it out before opening it or just delete it with out opening it. Always use and keep undated a reputable anti-virus package. These don't have to cost a fortune some are even free on the internet. Consider using anti Spyware products again these can be found free on the internet but may bring with them more issues. Check websites for opt out boxes on information being used for marketing purposes. Never, Never, Never click on links or attachments to unsolicited emails these can open Malware and/or let Spammers know your email address is valid and being used. Think twice about using automatic email responses like "I am out of the office until ... " not only will this let people know you are away - maybe on holiday - but it will also send replies to spammers.
Below are a few bullet points that I hope will help you stay safe whilst using your computer.
- Install a reputable internet security software package
- Download security updates on a regular basis
- Virus check all media before installing on your computer. Even if it has come from a reputable source.
- Do not visit questionable websites
- Be sure financial institution websites are legitimate before divulging any information
- Do not click on web site links from unsolicited emails
- Do not open attachments from unsolicited emails, however tempting
- Never give personal or security details to unsolicited emails (or phone-calls) - financial institutions should never contact you asking for such information.
- Keep dates of birth and email addresses hidden on social network sites
- Don't use "Out Of Office" automated replies
- Only chat to known associates in Chatrooms. Don't divulge personal information and never agree to meet somebody who you do not know.
- Parents be aware of what your children are viewing, doing and saying on their computers
If you think your system has been acting strangely recently get it checked out by a trained engineer. It could be that you have other issues like software or hardware glitches. Above all enjoy your computer and all the wonders of the internet safely
Community Comment:
You will need to sign in to post a comment to this article. if you do not have an AboutMyArea account, you can join now for free.
Posts: 11For 2 Sundays in a row now, my husband's works computer has sent out emails to everybody in his address book. There's nothing sinister in either email, just advertising a different company each time with the preface "Hi" & "Hello". We know it's gone to everyone because we all appear in the cc. My worry there is that some people on the list may not be too happy that all the addresses are visible.
Also confused as to how someone has been able to hack into his address book. (To be honest, this second point is worrying us more than the first.)
C.L.
Joined: 30 Jul 2007Posts: 4
Are you sure the emails are actually being sent from your computer? It could be somebody spoofing your email address.
If you are pretty sure it is your computer then you really need to update your Anti-virus software to the latest release and/or maybe upgrade it to a professional product covering all aspects of internet security. Also look around for free anti- adware software Spybot is an often used one. Try googling it. I have known instances where several products needed to be used as some software doesn’t catch everything.
The real fear here is if somebody has acquired control of your PC, your address book may not be the only thing they are able to see and use. Until your issues are cleared remove or password protect any sensitive information like banking and personal details also refrain from on-line purchasing where card or bank details are required.
Good Luck; I know an engineer I can recommend to you if you require further assistance.
Regards
Ian
Posts: 11Thank you so much for your advice. I have found with internet technology that the more I find out, the less I know. And while the internet has opened up a great big world for those of us sitting in the privacy of our own home, we need to safeguard ourselves from something we don't traditionally think of as a threat. Even my husband (who will now follow your advice), who is a businessman can get complacent with the threat that the technology - which helps his business - brings with it.
C.L.
Joined: 30 Jul 2007Posts: 4
I know what you mean; every now and then it’s good to get a little reminder about what we should be looking out for. I was on Facebook the other day and my system stopped a virus being downloaded from the internet whilst I was looking at picture somebody had sent me. Luckily I am using F-Secure Intent Security 2008 with Firewall, Real-Time Scanning, Intrusion Prevention and Spam Control. It costs around £30 but it’s worth it.
Well I hope you get your system behaving and if you require further assistance try emailing me at ian@ncompasscomputing.co.uk
I also see recently there has been a huge increase in spam from Nigeria suggesting you have a lottery win or you are the beneficiary of a will. So if somebody is asking for money from you before they send you your money DON’T DO IT!
PRESS RELEASES
"A recent experiment revealed that UK residents are most likely to be targeted by the infamous Nigerian e-mails and "adult" spam.
One UK participant received 5,414 spam e-mails during the month-long trial."
Best Regards
Ian
Joined: 11 Jun 2008Posts: 15
I checked Snopes .com and it is for real!!
You should be alert during the next few days. Do not open any message
with an attachment entitled 'POSTCARD FROM HALLMARK,' regardless of who sent
it to you. It is a virus which opens A POSTCARD IMAGE, which 'burns' the
whole hard disc C of your computer. This virus will be received from
someone who has your e-mail address in his/her contact list. This is the reason why you need to send this e-mail to all your contacts.
It is better to receive this message 25 times than to receive the virus and open it.
If you receive a mail called' POSTCARD,' even though sent to you by a
friend, do not open it! Shut down your computer immediately.
This is the worst virus announced by CNN. It has been classified by
Microsoft as the most destructive virus ever. This virus was discovered by
McAfee yesterday, and there is no repair yet for this kind of virus. This
virus simply destroys the Zero Sector of the Hard Disc, where the vital
information is kept.
COPY THIS E-MAIL, AND SEND IT TO YOUR FRIENDS. REMEMBER: IF YOU SEND IT
TO THEM, YOU WILL BENEFIT ALL OF US
Joined: 30 Jul 2007Posts: 4
Thank you very much for adding to the discussion, it is always good to be alert and keep people as informed and aware as possible. I have seen this (and similar alerts) before; fortunately it is a hoax or more correctly a chain letter. The instigator wishes the email to travel as far as it possibly can. It is actually listed on a lot of anti-virus websites as such. A common identifier for these types of hoaxes is that they ask you to email it to as many people as possible. If you would like a link to one of the sites please contact me.
However it is worth repeating the danger in opening attachments you feel are suspect. If you receive unsolicited emails from unknown sources just delete them and empty your Deleted Items Folder. NEVER open attachments or click on web site links if you don’t know where it is taking you. It is also worth Checking on elderly or vulnerable friends and family because these will be targeted once identified. It’s worth mentioning the elderly or vulnerable are also targeted via traditional postal methods asking for money to release funds abroad or lottery wins. These can be reported to the police as there is an initiative to clamp down on these forms of extortion.
I am currently receiving around 50 junk emails per day and about 10% of these have viruses hidden in the attachments. The others are asking me to visit “dodgy” websites or purchase “Pharmaceutical items” to enhance my appearance/performance. Fortunately my internet security packages identifies most of these and blocks, deletes or saves to a junk folder informing me of any hidden viruses.
If anybody would like further information on Viruses or indeed any other computer related queries please add to the blog or email direct on ian@ncompasscomputing.co.uk.... Please make your request clear in the subject line so I don’t delete it :-)
Thanks again to Aislinn for raising awareness, please feel free to add more Malware concerns.
Regards
Ian
Joined: 30 Jun 2008Posts: 12
Actually, the sales person told me that the Norton software would cover three computers for one year but because I was only using it for one, it would give me cover for three years. When I installed it, it told me I only have cover for one year.
Joined: 30 Jul 2007Posts: 4
Thank you for adding to our discussion I will try and answer your question with as little bias as possible.
When a machine is purchased from new often a 30 day or limited use trial of software is pre-installed on your PC as if this is something wonderful. Occasionally it is, but it is not unknown for these trial software packages to cause you more trouble than they are worth. There is little to choose between most reputable anti-virus packages; they mostly do what you want them to do and do it as well as their competitors. You may find that what you gain on the swings with one you lose on the roundabouts with another. So in my view MCafee and Norton are both good packages to choose as is F-Secure and Sophos. I would suggest you install Norton as you have the year warranty and updates with that. You will need the regular updates because new threats are being released all the time.
The problem here may arise when you want to uninstall the Mcafee to replace it with Norton. Uninstall sometimes will leave what we term “orphan files” on your PC and occasionally these can affect the new product you are installing to replace it -this happens with lots of software not just anti-virus - it makes you wonder whether it is a mistake or done on purpose….? Most software authors now seem to cope with the issues but something you will need to be aware of.
As for the three years on one machine I believe this to be incorrect, I have checked with my distributors and the Symantec desk and they also believe this to be untrue however you can purchase anti-virus with three year updates. You can also purchase Norton to be used on three home PCs so not seeing what you have got I can’t be sure. If you let me have the product number I will check with distribution again and double check it. The good thing is that you are doing something about malware so good luck let me know if you have further concerns.
Regards
Ian
Joined: 30 Jun 2008Posts: 12
Next time I see that PC man I will have a word with him.
Thank you for the information.
