Categories
Latest
Popular

Computer User Reminder: Most Malware Attacks are through Deception, Not Software Flaws

By Skull_and_crossbones.svg: Silsor Computer_n_screen.svg: Everaldo Coelho and YellowIcon derivative work: Kizar (Skull_and_crossbones.svg Computer_n_screen.svg) [LGPL (http://www.gnu.org/licenses/lgpl.html)], via Wikimedia Commons

By Skull_and_crossbones.svg: Silsor Computer_n_screen.svg: Everaldo Coelho and YellowIcon derivative work: Kizar (Skull_and_crossbones.svg Computer_n_screen.svg) [LGPL (http://www.gnu.org/licenses/lgpl.html)], via Wikimedia Commons

This is something every computer user should know or realize. According to vol. 16 of Microsoft’s Security Intelligence Report (SIR), computer virus or malware attacks have been significantly growing in the last quarter of the past year. Interestingly, the increase is largely attributed to deceptive methods and not on software flaws. Most of the information presented in the SIR is based on data obtained by Microsoft’s malware removal tool.

Globally, 5 to 5.8 computers for every 1,000 were found to have been infected by malware in the first three quarters of 2013. A significant jump was recorded in the last quarter when it reached 17.8 for every 1,000 or 1.78%. This increase is the highest quarter-to-quarter jump in infection figures recorded by Microsoft.

More Deception, Less Bug Exploitation

It is worth pointing out that most of these infections were made possible by deceiving computer users and not by actively attacking bugs, flaws, or infirmities in software or applications. In an interview with eWEEK, Holly Stewart, a senior programmer of Microsoft’s Malware Protection Center, said that the large increase in infections recorded by Microsoft is mostly due to the addition of signatures for a couple of deceptive programs along with the increase in ransomware.

This switch in tactics is apparently the response of hackers to improved cybersecurity. The most common method to deceive users in installing malware on their systems is through downloads.

By Adius (Own work) [CC0], via Wikimedia Commons

By Adius (Own work) [CC0], via Wikimedia Commons

Free Downloads as the Leading Deceptive Scheme

According to Microsoft’s report, malware is bundled with legitimate software, videos, or other content that can be easily downloaded from the Internet. Once the malware is downloaded and unwittingly installed, there are no major changes on the system. The infected computer continues to function normally but the IP address or the online reputation of the computer owner tends to be negatively affected. In many cases, an infected computer becomes tagged with fraudulent or suspicious activities like click fraud.

One example of free downloadable content that is bundled with malware is “rotbrow.” It is a free application that claims to provide protection for browsers against malicious browser add-ons. It was initially considered as a harmless download until it started distributing sefnit on millions of computers.

Exploit Focus on Java

Malware that exploit security flaws or other software defects remain to exist but they are mostly attacking Java to infect computers. These exploit kits are now attacking Java in more than 70% of the cases tracked by Microsoft’s malware detection and removal tool. Taking this into account, Microsoft’s SIR concludes that the tendency is to exploit software that come with less memory protection and defensive mitigation techniques.

Online Cautiousness and Vigilance

Microsoft’s advice to every computer user is to be cautious and vigilant against all kinds of threats. The company recommends the use of newer software and updating older applications to make sure that they have the right protection against threats and that bugs or security flaws have been fixed. Those who are still using Windows XP, which has now apparently become a risk factor, are advised to update their operating systems. Microsoft also advises computer users to download content only from reliable sources. It is important to remember that search engines cannot guarantee results that are safe and secure. Additionally, an antivirus software should always be installed in every computer. There are many free antivirus or malware protection tools available so there should be no excuse not to have one. Generally, they do a good enough job in detecting and preventing the installation of malware on computers.

By Adius (Own work) [CC0], via Wikimedia Commons

By Adius (Own work) [CC0], via Wikimedia Commons

Cybercriminals will never run out of ways to find new victims. For now, they are mostly using deceptive tactics but they will surely find ways to launch successful attacks when deception already ceases to be effective. It’s very important to be cautious, to always have the right software protection, and to heed to threat reports and alerts like the one provided by Microsoft.