Tag: virus

Rampaging Ransomware

How long until we see ransomware infecting smart devices asks a Romanian security researcher?

A few years ago Ransomware was a joke, malware would install a screen that would demand a ransom be paid to ‘unlock’ the computer. It was easy to get around and almost trivial to remove.

Then came Cryptolocker, a nasty piece of malware that would gleefully encrypt a victim’s hard drives, rendering them inaccessible unless a sizeable ransom was paid.

Ransomware suddenly became serious.

Cryptolocker eventually was unpicked with a cracking tool released and the ring’s alleged founder, Evgeniy Bogachev, now on the run from US authorities with a three million dollar reward for his arrest.

A better class of ransomware

Now the gangs running the ransomware scams are even more sophisticated and well resourced with Andrei Taflan of Romanian security company BitDefender describing how Bitcoin values are often tracking ransomware activity.

“When we see Bitcoin values surging we watch for increased ransomware activity. Someone is buying Bitcoins to unlock their data,” Taflan told me last week in an underground bar appropriately called The Rabbit Hole.

Taflan’s colleague Bogdan Botezatu describes how the ransomware problem is getting worse, not better, with Cryptowall patching the weaknesses that led to Bogachev’s downfall.

One of the fascinating aspects of Cryptowall is that it’s polymorpic – it changes shape to elude traditional signature based anti-virus programs. The malware also creates unique Bitcoin wallets to make tracking transaction harder.

Paying the ransom

Many businesses being infected by Cryptowall and having data locked away by an industrial grade encryption program makes it a no brainer to pay the demands. It’s a profitable business.

Faced this rather impressive piece of work, Botezatu raises a chilling prospect about ransomware in the Internet of Things; how long, he asks, will it take ransomware to target more sensitive devices we use, including cars and medical implants?

Botezatu’s concern illustrate why security with the Internet of Things is absolutely essential if industry and the public are to have any confidence in connected devices.

Similar posts:

  • No Related Posts

Microsoft and the zero day Tiff

The Windows TIFF exploit is a good reason for being careful with your email attachments.

One of the most dangerous things in computer malware is the Zero Day Exploit where an error in a program is used by the bad guys before it can the hole in software can be fixed.

A particularly irritating zero day exploit is the TIFF bug in Windows systems where users using Microsoft products can be fooled into opening what appears to be an image file but what turns out to be something more malicious.

Even more irritating with this bug is that Microsoft aren’t going to fix the problem in Windows XP systems until January’s patch Tuesday which means many people will be susceptible to this problem for nearly two months.

Zero day exploits are a good reason why every computer user needs to have an up to date virus checker and to take basic precautions before surfing the web or downloading email.

For Windows users it might be worthwhile taking extra care with email attachments for the next few weeks.

Similar posts:

  • No Related Posts

Ending the era of Mac complacency

Does the Flashback bug end the Mac’s virus free status?

The news that the Flashback Trojan has infected an estimated 600,000 Apple Mac computers has been greeted with joy by the dozens of industry experts that have predicted a virus holocaust for smug Mac users for nearly a decade.

While the Flashback malware – the earlier versions could be described as a computer Trojan Horse while the later editions are more like a computer worm – is a real risk to Mac users and it’s important to take this risk seriously.

The Netsmarts business site looks at how Mac and Windows users can protect themselves from Flashback and its variants.

One of the key things in the advice is to make sure anybody using the computer has limited rights; as a Managed User on the Mac and as a Limited User in Windows. This dramatically reduces the opportunity for bad things to happen while online.

I’ve discussed previously while user privileges are one of the reasons why the Mac has historically been less prone to infection to virus infections than their Windows cousins.

Microsoft made the decision in the 1990s not to tighten Windows’ security settings and their customers paid the price for the next decade. This was compounded by some poor implementations of various technologies in Microsoft Windows.

This isn’t to say the Mac, or any other computer system, doesn’t have security bugs. Every operating system does and it’s a conceit of everybody immersed in new technologies, be it cloud computing back to horse drawn chariots, to believe their products are magically infallible.

Part of the crowing from the security experts and charlatans who’ve been desperately predicting a “Macapocalypse” for nearly a decade overlook this.

Even with the proven problem of the Flashback virus, its unlikely we’re see the deluge of malware like that of the early 2000s simply because the Mac OSX, Windows 7 and all the other mobile and computer operating systems don’t have the structural flaws that Windows 98, ME and early versions of XP had.

Much of the Mac versus PC argument in security is irrelevant anyway; the main game for scammers and malware writers has moved to social media services like Facebook and this is where computer users need to be very careful.

However the stereotype of the “Smug Mac” user was true, one caller to my radio show claimed he didn’t have a problem with spam because he had a Mac. Nothing could convince him that email spam wasn’t related to the type of computer you used.

To be fair to Apple they never made the claim their computers were invulnerable to malware, apart from the odd dig at Microsoft. Their users did it for them.

That type of smug Mac user are those who do need a wake up call. For the industry though, it’s business as usual although some will be feeling a little smug their hysterical predictions of the last decade came true in a small way last week.

Similar posts: