Why Malicious Programs Spread So Quickly?

Home
>
Internet Security
>
Why Malicious Programs Spread So Quickly?

Why Malicious Programs Spread So Quickly?

It seems that nowadays cybercriminals prefer cash to fun. That is why malicious programs of various kinds (viruses, worms, Trojan horses, etc.) are very often aimed at stealing valuable -- in a direct sense of this word -- private and financial information. When written, these programs are spread all over the Web.

What do means of their distribution have in common? Thinking a bit about it will help us ordinary Web users realize how to behave online and what to avoid.

Let's use logic and good old common sense. What do you think are the most suitable (for a criminal)means to spread malicious code? The answer is almost obvious. It is something which, first,ensures his anonymity and, second, offers victims (i.e. us) very little or no protection against malware. Last, but not least -- this means should be very cheap or, even better, free.

(I'll confine myself to mentioning only those means which endanger EVERY Internet user. Not everyone exchanges files or downloads music and freeware. But is there anybody who doesn't send and recieve email or visit websites?)

Well, if you were a cybercriminal who wanted to spread a malicious program quickly and as widely as possible, how would you distribute it?

What first comes to mind? First, sending contaminated emails through spam. It is possible (and not too difficult for, say, a programmer) to enclose virtually anything into the attachment. With more effort, a programmer can create a message without any attachments that will infect a PC anyway.

Though many email service providers offer basic anti-virus protection, they aren't obliged to do it. How effective this protection is -- that's another question.

Besides, spam is very cheap to distribute. Of course, spammers of all stripes don't use their own machines. Why should they? They prefer PCs which became remotely controlled after being infected with a special program. Cybercriminals build huge networks of such machines and hire them out to spammers. Using "bots" (they are also called "zombies" or "slave computers") gives a spammer so valued anonymity -- spam messages come to frustrated PC users from IP addresses registered somewhere on the other side of the globe.

What about other possibilities? Websites. Malicious websites are very dangerous.Cybercriminals create them exclusively to execute malicious code on the visitors' computers. Sometimes hackers infect legitimate sites with malicious code.

When unsuspecting users visit malicious sites, various nasty applications are downloaded and executed on their computers. Unfortunately, more and more often these applications contain keyloggers--software programs for stealing information.

Keyloggers, as it is clear from the name of the program, log keystrokes --but that's not all. They capture everything the user is doing -- keystrokes, mouse clicks, files opened and closed, sites visited. A little more sophisticated programs of this kind also capture text from windows and make screenshots (record everything displayed on the screen) -- so the information is captured even if the user doesn't type anything, just opens the views the file.

Blogs can be contaminated with malware, too. In April experts from Websense Security Labs warned users that they discovered hundreds of these "toxic" (contaminated with malcode) blogs set by hackers. Blogs are suitable for them: there are large amounts of free storage space, no identity authentication is required to post, and there is no scan of posted files for viruses, worms, or spyware in most blog hosting services.

Three months passed, and here is the quote from a new Websense report released this Monday, July, 25th : "hackers are using free personal Web hosting sites provided by nationally- and internationally-known ISPs to store their malicious code?" This July Websense detected that these sites are used for this purpose much more often. The company's senior director of security and technology research said that "in the first two weeks alone we found more instances than in May and June combined." By all means it's a tendency, and a very disturbing one.

Such sites are free and easy-to-create. With the average lifespan of between two and four days, they are difficult to trace. Free hosting services rarely offer even basic security tools. Short-lived websites,no files scanning for viruses, nothing prevents "authors" form uploading executable files ? isn't such a site an ideal tool for distributing malicious code?

Anonymity of the creator -- no end user protection -- no cost. What else can a cybercriminal wish? That is why there was the outbreak of "toxic blogs" in April - and that's why infested free websites are multiplying so quickly now.

But how to contaminate as many computers as possible? It is the aim of cybercriminals, isn't it? The more traffic, the more programs lands on end users' computers. Hackers attract traffic to malicious websites by sending a link through spam or spim (the analog of spam for instant messaging (IM).

They are ingenious in finding new ways to make people open an attachment or click on a link to visit a certain website, though people are constantly told not to follow links in spam.

Just some of their dodges -- disguising infected spam emails as CNN news alerts, subject lines with "breaking news" like "Osama bin Laden caught", "Michael Jackson tried to commit suicide". How about celebrities in the nude? Just click! And, one of the latest, an "amateur video" that ostensibly shows London bombing sights.

These (and similar) tricks are usually called social engineering. Online criminals have become good psychologists -- the big bucks which crimes like online bank fraud can bring turned them into earnest students.

However, there is one thing that spoils the mood of those who spread malicious programs.

To hackers' deep regret, people become more aware of the risks they face in the Internet. A study by Pew Internet and American Life Project released on July 6th shows that:

91% (!) of respondents (adult Internet users from the U.S.) changed their behavior online one or way another. 81 % have become more cautious about e-mail attachments 48 % have stopped visiting certain websites which are said to be harboring malicious programs People stop using file-sharing software (25%) and even start using Mozilla, Firefox or other browser instead of Internet Explorer (18%)

Well done! Actually, there is nothing left for us users but to become more conscious of the threats and more cautious in the Web. Every PC user has to care for his information himself, protecting his own computer against numerous data-stealing programs of all sorts.

But don't you think that protection against various malicious programs shouldn't be only end users' private business? It is up to service providers to offer at least basic protection for end users and break this "triad" (Anonymity of the creator -- little or no end user protection -- little or no cost) which enables all this crap to spread so easily.

Alexandra Gamanenko currently works at Raytown Corporation, LLC -- an independent software developing company that provides various products and services for information security. Software aimed at making identity theft impossible, services like protected email and protected Web hosting are only small part of what this company offers.

Learn more -- visit the company's website http://www.anti-keyloggers.com

In The News:

pen paper and inkwell

cat break through

How To Give Away Your Personal Information

Identity Theft and Your Personal Information Identity theft is... Read More

Its Time to Sing the Encryption Song - Again!

Yes, I'm wearing my encryption hat again. Why you may... Read More

A Basic Introduction To Spyware

Spyware is the most troublesome software to appear on the... Read More

Its War I Tell You!

There are ways to insure security though. You can get... Read More

Check Out That Privacy Policy

Before you enter your name, address or any other data... Read More

Message Board Security Problems

Security leaks can be a big problem for any site... Read More

Personal Firewalls for Home Users

What is a Firewall?The term "firewall" illustrates a system that... Read More

Crack The Code - Thats A Direct Challenge

I Challenge You To Crack The Code ------------------------------------- I had... Read More

Are You Surfing Safe?

Ok, you've got a computer, and you get online. You... Read More

Blogs as Safe Haven for Cybercriminals?

To blog or not to blog? Well, why not? Lots... Read More

Breaking Into Your PC: News...

You'd better learn news from media, not from emails, security... Read More

Is Your Music Player Spying On You?

In today's times spyware is a very serious issue and... Read More

Mall Protection

The Loss Prevention Manager should be receptive to the needs... Read More

3 Things You Must Know About Spyware

1)Spyware is on your system. Like it or not, statistically... Read More

How to Get Rid of New Sobig.F Virus?

As you know, this time the virus under the name... Read More

Burning Bridges is Bad, But Firewalls are Good

When you signed up for that ultra-fast DSL or Cable... Read More

Criminals are Fishing For Your Identity

What is Phishing? In a typical Phishing attack, a criminal... Read More

Another Fine Mess!

I'm in the Anti-Spyware business, and I'm doing a lot... Read More

Whats All This I Hear About Firewalls?

At this point, if you've got the whole "turning the... Read More

A Painless Plagiarism Solution

A crowded marketplace can lead to unethical webmasters using underhand... Read More

Top 10 tips for Safe Internet Shopping

Over £5 billion pounds was spent on online shopping in... Read More

Free Ways to Tackle Threats to Your Computer

Protect Your PCHaving problems with your pc? Do your kids,... Read More

Computer-Virus Writers: A Few Bats In The Belfry?

"Male. Obsessed with computers. Lacking a girlfriend. Aged 14 to... Read More

The Saga of the Annoying Adware

When we think of adware, what comes to mind are... Read More

Are They Watching You Online?

When surfing the Internet you probably take your anonymity for... Read More

Types Of Computer Infections

Computer infections can be broken up into 4 main categories... Read More

Phishing ? Its Signs and Your Options

Phishing is the act of some individual sending an email... Read More

Wells Fargo Report Phishing Scam

First off I should explain what phishing is. Phishing is... Read More

Clown Internet Scam - An Internet Scam is Currently Targeting Clowns and Other Entertainers

I am the victim of an internet scam. It is... Read More

Avoiding Scams: If It Sounds Too Good to Be True, It Probably Is

A week or so ago, I received an inquiry from... Read More

Spy Scanners ? Don?t Compromise your Privacy

Spies, spyware, internet parasites are among what they are usually... Read More

Free Spyware Removal - Its Not As Easy As It Sounds

Nobody wants to pay to remove spyware. At the very... Read More

SCAMS ? Be Aware ? And Report When Necessary

The Internet is a vast International Network of people and... Read More

dog break through

pen books and inkwell

Web Browsing - Collected Information

You may not realize it, but as you are surfing... Read More

Network Security 101

As more people are logging onto the Internet everyday, Network... Read More

The Bad Guys Are Phishing For Your Personal Information

Do you know what "phishing" is?No, it doesn't mean you... Read More

Dont Allow Hackers to Take Out Money from Your Bank Account

If you know what is the 'Fishing' then it's very... Read More

Dont be a Dork ? Protect Yourself

There are folks out there who use their powers for... Read More

Web Conferencing Readers - So What Do We Do with the PAYPAL SPAMMER

From: "Paypal Security" Subject: New Security Requirements Date: Tue, 26... Read More

How To Avoid Hackers From Destroying Your Site?

Recently, my site and other internet accounts ( http://www.nabaza.com/sites.htm )... Read More

Mail Forwarding - Why Would You Do It?

First of all we need to get some terms stated.... Read More

Why Malicious Programs Spread So Quickly?

It seems that nowadays cybercriminals prefer cash to fun. That... Read More

Spy Scanners ? Don?t Compromise your Privacy

Spies, spyware, internet parasites are among what they are usually... Read More

SPYWARE - Whos Watching Who?

I am in the midst of Oscar Wilde's The Picture... Read More

Arming Yourself Against Spyware

While clicking from site to site on the internet you... Read More

Viruses and Worms, Protection from Disaster

Virus damage estimated at $55 billion in 2003. "SINGAPORE -... Read More

Firewalls: What They Are And Why You MUST Have One!

A firewall is a system or gateway that prevents unauthorized... Read More

The Top Twelve Threats No Computer User Should Ignore

The internet is undoubtedly a fantastic resource for families and... Read More

Dont Get Hacked - A Guide to Protecting Your Business from Thieves

You've seen it in the news - 40 million credit... Read More

The Attack of the Advertiser - Spy Mother Spy

The menacing campaigns that drive the corporate spyware and adware... Read More

Delete Cookies: New-Age Diet or Common Sense Internet Security?

No, this article isn't about some new, lose-20-pounds-in-a-week, certified-by-some-tan-Southern-California-doctor diet.... Read More

Three-pronged Trojan Attack Threatens Security on the Internet

Glieder (Win32.Glieder.AK), Fantibag (Win32.Fantibag.A) and Mitglieder (Win32.Mitglieder.CT) are not names... Read More

Its War I Tell You!

There are ways to insure security though. You can get... Read More

Criminals are Fishing For Your Identity

What is Phishing? In a typical Phishing attack, a criminal... Read More

How Can Someone Get Private Information From My Computer?

From the "Ask Booster" column in the June 17, 2005... Read More

SCAMS ? Be Aware ? And Report When Necessary

The Internet is a vast International Network of people and... Read More

How to Fight Spyware

If you are wondering how to fight spyware for safe... Read More

Parental Control - Dangers To Your Child Online & Internet Child Safety Tips

Did you know...? 1 in 5 children who use computer... Read More

Internet Shopping - How Safe Is It?

Millions of people make purchases online, but many people are... Read More

Phishing: An Interesting Twist On A Common Scam

After Two Security Assessments I Must Be Secure, Right? ... Read More

Viruses, Trojans, and Spyware - Oh My!

Have you ever had to call Symantec or McAfee to... Read More

How to Know Whether an Email is a Fake or Not

A few nights ago I received an email from "2CO"... Read More

Traditional Antivirus Programs Useless Against New Unidentified Viruses!

Every now and then you can read about a new... Read More

Money Mule Email Scam Hits U.S.

Imagine this ? you open up your email box and... Read More

The Risk Of Electronic Fraud & Identity Theft

Electronic Fraud and Identity Theft Human beings are pretty... Read More

Identity Theft Article ? A Phisher Is Trying To Steal Your Identity!

Sooner or later everyone with an email account will receive... Read More

Access Info Hub | Privacy Policy | Contact |

FTC Required Website Disclosure: You should assume that the Owner of this Website has an affiliate relationship and/or another material connection to the providers of goods and services mentioned in this website and may be compensated when you purchase from a provider. You should always perform due diligence before buying goods or services online. The Owner does not accept payment or merchandise in exchange for the reviews themselves. They are written objectively and with honesty.

Amazon Affiliate Disclaimer: AccessInfoHub.com is a participant in the Amazon Services LLC Associates Program, an affiliate advertising program designed to provide a means for sites to earn advertising fees by advertising and linking to Amazon.com.