
Malware: Threats and Risks – What You Can Do About It, Part 1

If even a small minority of all the hackers out there focused their intelligence, inventiveness and imagination away from malware and into constructive web-based endeavors, we’d all be better off.

That said, don’t hold your breath. Malware is an ongoing problem and scourge to both public and private entities, and you need to understand what it is and how to deal with it. It’s a huge topic, so I’ll break up the text into multiple posts.

First of all, you need to know what malware is – executable code that runs on your computer and is designed to cause some sort of damage, either by harming your data or stealing it. The operative word is ‘executable’ – it’s a program, so it has to be activated, and in most cases that means someone unknowingly installs the malware and runs it.

Hackers are constantly looking for new ways to trick users into ‘clicking’ on something – and that single click can activate the software and quickly start wreaking havoc.

Last month, for instance, we decided to test a computer with no AV/anti-malware protection at all: we went online and started browsing. We searched Google for Indian flags and clicked on one – suddenly messages popped up, allegedly from the operating system, stating that the disk was broken, partitions couldn’t be found, and other formidable-looking warnings. All of it looked legit.

Then an alleged Microsoft tool popped up offering to ‘scan’ the warnings. I know what the real program looks like – this one was an almost identical clone, but there were obvious clues that it was a fake. Since we were running an experiment, we followed along, clicked, and the program claimed to have scanned our entire system in less than two minutes. Of course, it found several issues that required an immediate fix, and up popped another screen requesting gobs of personal information, including a credit card number – to purchase the software and fix the computer.

We downloaded a Kaspersky emergency cleanup tool and cleared the virus, but even when the computer was clean we still couldn’t access our data – the fake scanning tool had set the hidden attribute on every file on the disk (OS, data, programs – everything), so the disk appeared to be empty. Once the hidden attribute was cleared (attrib -h), the system was restored.

But you can also get dinged by stealth programs that read what you type – known as keyloggers. Fortunately this is becoming less commonplace, as good AV software recognizes keyloggers by their behavior. There is also software that functions as a browser add-on to protect your secure websites – if you try to do online banking, for instance, and you’re not connected to the right IP address, the software will stop you.

Lastly, beware of malware now being distributed via HTTP – rather than hand-delivering a nice little virus to you via email, the hacker places the code on a web server and entices you to visit a particular website. In most cases these are legitimate websites that have been compromised, unbeknownst to the site’s owners. A script attached at the bottom of the home page’s index.html file can add hidden links to the page which the user won’t see. So while you are browsing, a mouse action triggers the malware code, it’s installed on the computer, and the hacker is off to the races and starts pilfering your data.
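The injected-script scenario above is something a site owner can check for. The following is an added example, not code from this post or its author: a small stdlib-only Python scanner that flags the indicators the paragraph describes – links inside hidden containers, hidden or zero-sized iframes, and script tags appended after the page has already closed. The sample page embedded in it is constructed for illustration, and the malicious.example host is a placeholder.

```python
"""Flag injected content in an HTML page: links inside hidden containers,
hidden or zero-sized iframes, and <script> tags appended after </body> or
</html>.  Standard library only; run as `python scan.py index.html`."""
import re
import sys
from html.parser import HTMLParser

# Inline styles commonly used to keep injected elements invisible to visitors.
HIDDEN_STYLE = re.compile(r"display\s*:\s*none|visibility\s*:\s*hidden", re.I)
# Elements that never get a closing tag, so they must not go on the open-tag stack.
VOID_TAGS = {"area", "base", "br", "col", "embed", "hr", "img", "input",
             "link", "meta", "source", "track", "wbr"}


class InjectionScanner(HTMLParser):
    """Walks one HTML document and records suspicious elements as
    (kind, line_number, url) tuples in self.findings."""

    def __init__(self):
        super().__init__()
        self.findings = []
        self._stack = []           # (tag, is_hidden_container) for open elements
        self._hidden_depth = 0     # > 0 while inside a hidden container
        self._page_closed = False  # set once </body> or </html> has been seen

    @staticmethod
    def _is_hidden(attrs):
        # Either the boolean `hidden` attribute or a hiding inline style.
        return "hidden" in attrs or bool(HIDDEN_STYLE.search(attrs.get("style") or ""))

    def handle_starttag(self, tag, attrs):
        attrs = dict(attrs)
        line = self.getpos()[0]
        hidden = self._is_hidden(attrs)

        if tag == "script" and self._page_closed:
            self.findings.append(("script-after-close", line, attrs.get("src", "")))
        elif tag == "iframe":
            tiny = attrs.get("width") in ("0", "1") or attrs.get("height") in ("0", "1")
            if hidden or tiny or self._hidden_depth:
                self.findings.append(("hidden-iframe", line, attrs.get("src", "")))
        elif tag == "a" and (hidden or self._hidden_depth):
            self.findings.append(("hidden-link", line, attrs.get("href", "")))

        if tag not in VOID_TAGS:
            self._stack.append((tag, hidden))
            if hidden:
                self._hidden_depth += 1

    def handle_endtag(self, tag):
        if tag in ("body", "html"):
            self._page_closed = True
        # Ignore stray closing tags; otherwise pop back to the matching open tag.
        if not any(open_tag == tag for open_tag, _ in self._stack):
            return
        while self._stack:
            open_tag, hidden = self._stack.pop()
            if hidden:
                self._hidden_depth -= 1
            if open_tag == tag:
                break


def scan_html(text):
    """Return the list of (kind, line, url) findings for one HTML document."""
    scanner = InjectionScanner()
    scanner.feed(text)
    scanner.close()
    return scanner.findings


# Constructed sample: a legitimate page with an injected hidden link block,
# a zero-sized iframe, and a loader script appended after </html>.
SAMPLE_PAGE = """<!DOCTYPE html>
<html>
<head><title>Example Corp</title></head>
<body>
<h1>Welcome</h1>
<p>Read our <a href="/news">news</a>.</p>
<div style="display:none">
  <a href="http://malicious.example/landing">cheap pills</a>
  <a href="http://malicious.example/other">click</a>
</div>
<iframe src="http://malicious.example/drop" width="0" height="0"></iframe>
</body>
</html>
<script src="http://malicious.example/loader.js"></script>
"""

# Constructed sample with nothing suspicious, to show the scanner stays quiet.
CLEAN_PAGE = """<html><body><p>Hello <a href="/about">about</a></p>
<iframe src="/widget" width="300" height="200"></iframe></body></html>
"""

if __name__ == "__main__":
    text = open(sys.argv[1], encoding="utf-8", errors="replace").read() if len(sys.argv) > 1 else SAMPLE_PAGE
    for kind, line, url in scan_html(text):
        print(f"line {line}: {kind} {url}")
```

Run it against a copy of the site's home page taken from the server (not through a browser) and compare with a known-good copy from backup; anything it flags after `</html>`, or inside a `display:none` block that the site's own templates never produce, is worth a closer look.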

Getting a bit nervous? Stay tuned for Part 2, where I’ll wax eloquent on malware and email issues.

This entry was posted in: Malware