The malware landscape has shifted – These online threats are waiting for you in 2016

The malware landscape has shifted – These online threats are waiting for you in 2016

Have you ever wondered what you’d do if all of a sudden the data from your your laptop was held hostage? What if you went to make an online payment and your bank account was empty without reason? This is the sort of nightmare one always imagines happens to someone else. Unfortunately, these are just two of far too many threats that we all face in a climate of heightened cyber crime.

Today’s attackers don’t seem to be deterred at all by modern security measures and the use of malicious software is still a rampant issue for banks, businesses and at home users.

blog_main_protection

What is Malware?

The term ‘Malware’ covers a plethora of exploitative programs. Defined most simply, Malware is software that is specifically designed to damage or disrupt your computer system.

So what kinds are there?

Generally speaking, Malware can be broken down into different categories which we will explore here in order of danger.

Viruses – no longer a big deal

A virus spreads itself by smuggling its code into another program. Uses for a computer virus vary from stealing sensitive information, taking control of a computer to complete illegal tasks or simply wanting to prove that it can be done, such as hacking a government website and taking it offline. Similar to its biological namesake, a virus requires a host.

Worms – less common

These nasties are similar to viruses in their shared aim to spread as fast as possible. But, unlike viruses, they don’t require a host program. Worms spread themselves via storage devices such as USB sticks and email. Remember that time your sister gave you the USB with all of the family photos on it and suddenly your computer started freaking out? Yep. Your PC likely had worms.

Antivirus software with a dual-engine fileguard is your best defense against any kind of malware threat that spreads through e-mails, USB sticks or downloads.

Spyware – more scary than disruptive

These, well, they spy on you, and collect various types of data from your PC without your knowledge. Within moments of installation, cyber criminals have their hands on huge amounts of your personal information such as your email correspondence, private photos and again, your credit card details. Spyware is also used for surveillance through Keyloggers: a variety of malware that monitor keystrokes and secretly record everything entered into your keyboard. Personal demand for this technology has expanded rapidly in recent years. As parents become more and more concerned about their child’s online behavior, keylogger software developed as a new form of parental control, much like that setting on your smart TV. With a simple program, parents are able to monitor their children’s keystrokes to see what kinds of conversations they are having online and what they are searching for in google when they think no one is watching.

Ransomware – a costly problem

An exploitative crime, ransomware is a type of malware that encrypts your personal data or locks your entire PC. You are asked to pay a “ransom” via an anonymous service in order to unlock your computer and free your data. Ransomware makes up a huge part of todays active threats as it turned out to be one of the easiest income earners for attackers. All other malware makes its developers money indirectly (by using or selling your computer power), but ransomware directly asks you (the victim) for cash to return your data or access to your PC. This is usually achieved through a lockout screen with a countdown timer and a link to a payment page where you are required to pay your ransom.

Example of a ransomware lockout

Earlier this year, Hollywood Presbyterian Medical Center paid $17,000 in cyber-ransom money to recover patient data that was taken hostage through an online malware attack. This kind of malware is usually installed by a Trojan: the big kahuna of malware.

Trojans – the ultimate exploit

The main objective of a Trojan is to install other applications on your infected computer so it can be controlled remotely. Trojans do not spread by themselves like viruses do. But, much the same as the Greeks’ silent attack on the city of Troy, these malicious codes, when executed, release a second program: this is the Trojan itself. Trojans remain an ongoing issue for financial institutions. They are known for taking screenshots and uploading them to remote servers, gathering IP addresses which can be used to identify you, performing malicious web injections and allowing access to your infected PC to anyone who holds the keys.

Trojans are especially dangerous because they combine two pieces of software: the first infects your computer, the second waits silently until you visit your bank’s website, captures your login details and hijacks your online identity. That same generic password (we know you do it) that you use for every single website, email account, Facebook and internet banking site is now recorded directly after your usernames. A lot of credit card fraud occurs this way, where your credit card details are stolen, and as neither a PIN nor a signature is required when shopping online, simply stealing card numbers, expiry dates and the CVV number (on the back) that you entered into what you thought was ebay is sufficient and lucrative for this kind of fraud.

Trojans can also destroy files or information on hard disks or capture and resend confidential data to an external address. By opening communication ports, your computer can become a bot; a member of a botnet army that is remotely controlled by a cybercrime organization.

Bots- just plain scary

These specifically consist of two parts.

A dropper: the exploit or trojan that then opens the machine to download the actual malware, and

The bot itself: which is a remote control software that connects to a master server to wait for instructions. Imagine you have a remote control feature that allows you to let 100k machines do one thing, what you could do with that! For example, you could let all of those computers send only one spam email per hour. Nobody would notice, yet you could send millions in a short time to sell viagra or to simultaneously access amazon.com with 1000 requests per minute and overload their servers so they can’t earn money anymore. You could request ransom in exchange for not launching the attack.

Sadly, even if the ransom demanded goes into the millions, these bots can continue to be used to hack more computers, wait for a new security leak to be discovered and instruct all bots to scan the entire internet for more vulnerable machines and so on.

Suddenly a 100k network of computers has become a virtual monster computer that can crack passwords, mine new bitcoins or do any other calculation intensive job for free and your computer is now part of that botnet.

We know you didn’t mean to send $10,000 of your savings to help fund a terrorism organization. You didn’t intentionally install keyloggers on hundreds of computers to mine data to be held for ransom. But, too bad. Your computer did and you are 100% responsible for what happens on your PC.

blog_content_breaker_protection

When you access a website, good anti-malware software checks if the address is already known for spreading malware, and if so, gives you a warning instead of loading the site. So, look for an antivirus solution that doesn’t rely on signature-based detection alone, but also monitors your programs for unusual behaviour.

A final note on malware

Malware is designed to disrupt and damage your system. But, be aware that it is getting harder to define threats as just one category now. Bots act viral by spreading themselves around, ransomware acts like a virus in the way it manipulates files. Bots are installed via exploits and Trojans. Malware is dangerous regardless of the type or the delivery.

A note on PUPs (Potentially Unwanted Programs)

PUPs or ‘crapware’, on the other hand, are not usually dangerous, but are incredibly annoying. Want to know the temperature in Aruba every minute of every day? No. Us neither. Yet, this and other highly annoying information is suddenly popping up every time you open a program. PUPs, find their way onto your computer much the same way as malware, through a bug in a reputable site or wrapped up in that useful program you actually wanted. A good security system will detect and remove these while providing sound surf protection; a database that contains the addresses of dangerous websites and prevents you from entering that website in the first place.

Protect yourself against malware and PUPS

It’s not all bad news. There are steps you can take to keep your data and search activity secure.

  1. Make sure all your software is up to date – especially your operating system, your web browser and all browser plugins like Adobe Flash Player or Oracle’s Java Platform.
  2. Be cautious. Ask questions before you click. Read about how threats (and scams) work to avoid becoming a victim.
  3. Make sure you run a strong anti-malware software with real-time protection and surf protection such as Emsisoft Anti-Malware
  4. Run an occasional scan with a second opinion scanner, such as Emsisoft Emergency Kit , Malwarebytes Anti-Malware or Hitman Pro to check whether your PC is Trojan-free.

No matter how computer savvy you are, regularly updated security software with real-time protection should be an essential part of your PC. Protecting your data and your personal details is of primary importance. So what additional features should you be looking for in a well-rounded security program?

Emsisoft Anti-Malware protects your PC in three ways. Surf protection prevents you from visiting dangerous websites. The powerful dual-engine scanner detects any malware if it manages to enter your PC, and even currently unknown parasites will be reliably detected by its advanced behavioural analysis.

Your computer’s health is of utmost importance to us, which is why we work so hard to stay on top of all modern and previous security threats. Threats exist, but so do solutions.

Have a nice (malware-free) day!

Your Emsisoft Team

  • cat1092

    Time to get serious about two items which are essentials for not only Malware protection, one also for drive failures. That’s having excellent security, Emsisoft offers a 30 day free trial of both their Anti Malware & Internet Security for a free cleanup & test drive. Take advantage of either & see the benefit for yourself, I was blocked from an innocent looking site just last night. Had I been relying on a lesser brand, there’s no telling where I’d be temporarily, which brings me to the second part of security.

    Backup, we all talk about it, yet like certain diseases, many will say that ‘the bad happens to others’. Ha! Happens all the time, among our family & friends, as does Malware strikes & hardware failure (specifically HDD/SSD’s here). If we create regular drive images, like weekly, we can easily roll back to a date to where the system is clean, a physical backup image is the BEST System Restore point one can have. Plus it also is an central part of any serious security plan, no security is bulletproof, nor are other OS’s. We may hear that Android/Linux/Mac are less vulnerable to attacks, and to a degree these are, yet guess what?

    The three combined barely makes for 10% of total market share. Malware distributors wants the largest target possible, and that’s Windows users. There are countless ways for those who wants to attack a particular person or organization to do so, beginning with email. If you don’t know the recipient, mark the message as Spam (or Junk if Outlook) & keep that folder emptied, though it OK to open the general folder to see how many are there. Especially if one’s looking for a message not received. Then call the person/business to be 100% sure it’s them, if so, can be marked as Safe.

    The rest, there’s an Empty click at the top of the interface. There are no ‘free’ laptops, ‘discount’ Viagra, ‘mates’ who are dying to meet you, ‘one-time’ opportunities to grab a ‘rare’ stock or other scam. All of which are scams, though some may also contain Malware, and any products purchased (such as that ‘cheap’ Viagra) may well be dangerous to one’s health. Men can obtain these samples at their doctor if not affordable & there’s patient assistance programs for these type of medications & many others.

    If something looks too good to be true, there’s a 99.999% chance there is, don’t open such emails, rather empty the entire Junk or Spam folder w/out a second thought. When purchasing from legit businesses, check their policy in regards to email sharing, and opt-out of this type of advertising. Scammers & Malware distributors alike purchases customer’s lists in bulk, and all it takes is for a few in a neighborhood to open one, and then the Malware is on the loose (what they want), plus may encrypt your computer.

    It doesn’t have to happen. Give Emsisoft a fair shake & see how great their security is & what it can do for you. I guarantee that if one has been running ‘free’ solutions for years, there’s going to be a lot of cleaning up to do. That alone, and keeping one’s computer clean during those 30 days will be plenty of reason to pay the price for protection that’s actually lower in cost than many competitors. Have three computers? That’s the best value that Emsisoft has, the 3 PC deal.

    And don’t forget to backup your computer regularly while clean & in good shape, if anyone needs assistance, we at Bleeping Computer can assist with choices, some of which are truly free.

    One final word & I’m outta here, never store your precious data on your OS or ‘C’ drive, rather transfer these to an external drive as created, a USB Flash drive is a good temporary device, though an external drive is better. At any rate, two or more copies off of the OS drive will guarantee you that the data thieves won’t encrypt your precious documents & memories. The OS is replaceable at little to no cost, your data is priceless!;-)

    Cat