  Fake security tools still big threat, worms on rise
Reported by Industry Standard on Friday, 6 November 2009 (on November 6, 2009)
|
The No. 1 offender to Canadian's PCs in the first half of 2009 was Win32/ZangoSearchAssistant, adware that victims probably don't even know hit them, according to a recent security report from Microsoft Corp.
ZangoSearchAssistant tricks unsuspecting users into downloading it in the guise of improving search results and producing related links based on user-specific keywords, explained Mohammad Akif, security and privacy lead with Microsoft Canada Co.
"You might think what a stroke of luck, I was just searching for Michael Jackson earlier, and now this offer is popping up," said Akif. But in reality, the related links are companies in ZangoSearchAssistant's network.
Most of the Top 25 security threats listed in the seventh version of the Microsoft Security Intelligence Report (SIRv7) are consumer threats, but those of importance to the enterprise include ASX/Wimad and Win32/Renos, said Akif.
Both Trojans, Wimad and Renos have had a presence in the enterprise for some time, as have others, said Akif. "That is the biggest category from an enterprise perspective," he said.
Wimad, for instance, positions itself as a Windows media file, tricking users into downloading it.
SIRv7 also reported that worm infections rose by nearly 100 per cent compared to the preceding six months, thanks to Conficker and Taterf.
While spikes in infection rates are normal when new attacks are launched, they are usually just a "small bump," said Akif. "This is a little bit unusual," he said.
Akif added that the fact that these two worms spread as quickly and effectively as they did is a testament to the strength of these types of threats.
Conficker can spread through an enterprise that didn't have appropriate security rules in place, said Akif. Taterf, spreading primarily through the online gaming community, could still infect enterprises if the child of an employee had an infected PC from playing online games, and transferred infected files to the parent's PC, who then transferred them to work, said Akif.
SIRv7 also indicates that rogue, or fake, security software remains a major threat, although infections did drop by 20 per cent in the past six months.
"All over the world, it has become the No. 1 threat," said Akif.
There were 16.8 million infections in 2008 compared to 13.4 million in the last six months. But rogue security software is morphing, becoming more sophisticated in how it attacks, said Akif. It's more difficult to identify now because they do things like latch on to free software.
While rogue security software is typically not a huge pain for large enterprises with security policies in place, Akif said resource-constrained small to medium businesses are an easy target.
According to Toronto-based security consultant, Brian O'Higgins, rogue security software is particularly crafty because it preys on a combination of fear and training.
"People have been trained to be concerned about security,and when a pop-up comes on that claims your machine is at risk, they are willing to install the software," said O'Higgins.
Moreover, advertisements for scareware find their way to reputable sites after the malware distributors have successfully worked around search engine optimizations, said O'Higgins.
But while some scareware actually does remove malware, said O'Higgins, they are created to be difficult to remove because they can't be uninstalled unless the user pays a removal fee.
Links: Full news story
|
|
|
|
|
| Recent related news |
| |
Huffington Post
23 hours ago - World | On the eve of Chaharchanbeh Souri (Festival of Fire), on the last Tuesday of the Iranian year, which... |
Proactive Investors
1 day ago - Business | Amphion Innovations (AIM: AMP) said its partner company Kromek has raised £12.3 million in the... |
Business Insider
1 day ago - Business | NEW YORK (AdAge.com) -- In the past year, Twitter grew up, became mainstream and finally admitted it... |
Huffington Post
2 days ago - World | \"Nuclear war must be the most carefully avoided topic of general significance in the contemporary... |
Huffington Post
2 days ago - Politics | Cross-posted with TomDispatch.com. Every great American boom and bust makes and breaks its share of... |
| |
guardian.co.uk
3 days ago - UK | Seven floors of abandoned opulence with breathtaking views – the perfect squat. But the squatters... |
guardian.co.uk
3 days ago - World | During a week with women's issues unusually high up the agenda, the lack of progress for millions is... |
Business Insider
3 days ago - Business | This week we do some review on a very important topic, the velocity of money. If we don’t... |
Industry Standard
4 days ago - Computer Industry | Is your IT career on the right trajectory? Do you have a plan for acquiring new skills and... |
Industry Standard
4 days ago - Computer Industry | A new set of predictions by Gartner Inc. reports that by 2012, 20 per cent of businesses will not own... |
| |
|
|
|
Facebook
E-mail
Twitter
Mixx
StumbleUpon
FriendFeed
Tweet the News!
Select Region >
Top News RSS Feed | News for my Website | Archive | Advertise | Help | Enquiries | Bookmark this site | 
U.S. version
