Should we all just go Google "Canary"?

        When I think of protecting myself from malware the first thing that comes to mind is don’t go to crazy websites. The next thing I think of is a good anti-virus software to scan my personal computer to seek out malware and destroy it. It never occured to me that I should look at another line of defense to help add me in the anti-malware war. There is a new developmental version of googles web browser called the “Canary” version of Chrome. This could possibly change everything and give the antivirus company’s a scare.


        







         The goal behind the new browser is to show a small warning note in the area of the screen reserved for downloads, notifying the user that it has prevented malware from being downloaded. Most of the new sites prevented by Google is not from their traditional black list of infected sites. They are the ones that may change browser settings or install ads, and hijack the browser for whatever malicious acts they want do.



       I think google is going in the right direction by adding this extra layer of protection. It would be nice to have my browser block all malware that tries to enter my computer and also warn me of possible sites that they have located malware and viruses on before. This all sounds good in theory and it would be nice for me not to have to pay a yearly subscription for anti-virus software, but the harsh reality is that hackers will eventually find a way to get around this new browser creation. I’m still all for it because the more layers of protection the harder it’ll be for the hackers, and may even steer away the new or want to be hackers as it could prove to be too much work.

Work Cited:

Hachman, Mark. "Google's Chrome Will Automatically Block Malware." PCWorld. N.p., 01 Nov. 2013. Web. 05 Nov. 2013.

Kavilanz, Parija. "Google's Dreaded 'Blacklist'" Yahoo Finance. N.p., 05 Nov. 2013. Web. 05 Nov. 2013.

  

Not scared yet? Meet RATS

As if we didn't already have enough to look out for while using our laptops, desktops, tablets and smartphone, RATS, or Remote Administration Trojan, is another harmful form of malware out there waiting to do damage. RATS is defined as, "malicious programs that run invisibly on host PCs and permit an intruder remote access and control". As stated in our presentation, trojan horses disguise themselves as useful software so that the user of the computer will not suspect a potential danger. In fact, this type of malware has used a number of different avenues to get into computers including:

• Per-to-Peer Sites
• Java Exploits
• Social Media and chat accounts
• Phishing emails

Blackshades NET is software developed to allow user the ability to spy on either the spouse, children or any one else that uses the computers. But while a cautious mother may think she is getting software to keep a monitor of what her children do on the internet, that software is taking full control of the computer and possibly cause major damage.

Blackshades Net is capable of installing Ransomware, torrent seeders, USB infectors, Facebook controllers and more. Torrent seeders allowing the malware to continuously be spread via fake torrent descriptions. USB infectors install the malware on USB drives and spread the malware when that USB drive is plugged into a different computer. Facebook controllers take advantage of users not completely logging out of their Facebook accounts before closing their browser. The malware will make posts of behalf of the users linking others to malicious software.

As bleak as it sounds, malicious software is getting more sophisticated each and every day. Anti-Virus software can only do so much. Users must be mindful of exactly what they are downloading and agreeing to.



References:

Grimes, Robert. "Danger: Remote Access Trojans." Microsoft. N.p.. Web. 30 Oct 2013. <http://technet.microsoft.com/en-us/library/dd632947.asp&xgt;. 

Kujawa, Adam. " You Dirty RAT! Part 2 – BlackShades NET ." . Malawarebytes, 15 Jun 2012. Web. 30 Oct 2013. <http://blog.malwarebytes.org/intelligence/2012/06/you-dirty-rat-part-2-blackshades-net/>.

Cryptolocker: Don't be a Victim!

One of the most frightening forms of malware is ransomware. Ransomware infiltrates your computer, typically encrypting the files on your machine or locking your machine completely. The creator will demand that you pay a certain dollar amount to regain access and control of your machine. Obviously, receiving control again is never guaranteed since you can’t truly trust a criminal.

In January of this year, a new type of ransomware, Cryptolocker, began infecting machines. The malware gains access to your computer and then wraps all accessible files in an encryption so that the victim cannot access them. A message appears on the screen demanding payment within three days to unlock the encrypted files. If the payment is not received within the timeframe, your files will be lost forever! Cryptolocker criminals, unlike most ransomware criminals, do however seem to have a good reputation of restoring your files after the ransom has been paid. This doesn’t mean you couldn’t be a victim again though at a later time.

The new Cryptolocker malware has proven cybercriminals to be clever capitalists. Initially, cybercriminals were demanding $100, but after finding the public is willing to spend even more for the decryption of their files, the ransom price has gone up! Now, you’ll have to pay $300 within the given three day timeframe if you ever want to see your files again! Over the past few months, the Cryptolocker criminals have begun to realize that some of their victims would rather lose their computer files than allow the criminal to access their bank account or credit card information in order to pay the ransom. In response to a potential loss in revenue, the cybercriminals have begun accepting payment in the form of bitcoins, a form of online payment that allows the victim to pay safely via an unknown origin. This savvy business decision has led to a boom in business for the cybercriminals!

 

As frightening as this is, you can take certain precautions to protect yourself from the threat of ransomware. Make sure your operating system and computer software are up-to-date. Use anti-malware software that is up-to-date. Never click on or download material from suspicious sources or sources you do not trust. Lastly, back up your files regularly. That way, if your machine does get infected with ransomware, you have a fairly recent version of your files that you can use to restore your machine.

 Works Cited:

Microsoft Malware Protection Center. Ransomware. Microsoft, 2013. Web. 20 Oct. 2013. <http://www.microsoft.com/security/portal/mmpc/shared/ransomware.aspx>

Matthews, Lee. Cryptolocker malware now accepts ransom payments in Bitcoins. Geek.com, 18 Oct. 2013. Web. 21 Oct. 2013. <http://www.geek.com/apps/cryptolocker-malware-now-accepts-ransom-payments-in-bitcoins-1574298/>

Matthews, Lee. Disk encryptiiing Cryptolocker malware demands $300 to decrypt your files. Geek.com, 11 Sept. 2013. Web. 20 Oct. 2013. <http://www.geek.com/apps/disk-encryptiing-cryptolocker-malware-demands-300-to-decrypt-your-files-1570402/>

Goodin, Dan. You’re infected – if you want to see your data again, pay us $300 in Bitcoins. Arstechnica.com, 17 Oct. 2013. <http://arstechnica.com/security/2013/10/youre-infected-if-you-want-to-see-your-data-again-pay-us-300-in-bitcoins/>

MalWare: Will It Ever End??

 

 

Malware has become a major problem across the globe which is very scary. First it was attacking computers and computer files and now it has spread to Smartphones and also Invading Social networking sites. And Guess what? Now the attacks are beginning to target your automobiles and homes. You may even begin to ask yourself, “Will Malware Ever End?”  Well, I hate to be a bearer of bad news but the answer to that question is “NO,” it doesn’t look that way no matter what anyone says.

Of course, there are software companies out here such as Bronium and McAfee who feel that they can come up with software to lighten the attacks or even eliminate Mal-Ware altogether. Even though they will probably not end Malware who are we to tell them that they can’t try to help. There are probably a few others who believe Malware will end but that is absurd! The facts are the threat of malware is increasingly prevalent, and has truly evolved during the last couple of years (Z.Whittaker). 

Research says that as developers take precautions implementing security measures to ensure their newly developed products are more secure, malware is continuing to evolve and infiltrate deeper in the code. Not only is it becoming intelligent but it is also generating revenue. Creators of Malware bring in about $10,000 a day which is 3,650,000 a year.  So Malware is pretty profitable.

Now that you have read some of the facts, do you still believe Malware will end? If so, listen to this, in the 3^rd quarter alone this past year Malware detections have increased from 41,000 to 156,000, this exceeds three times as much from last year. To top that off; According to Ricky Magalhaes, Android Malware could reach the 1 million mark by years end. Cyber criminals even hijack software update services so that when you update a system, malware is downloaded and installed.

So, there you have it, Malware for surely will never end. This problem will continue to grow and grow for many years to come. Therefore, as long as Technology continues to develops and become increasingly intelligent, so will cybercriminals as will malware.  Now do I have any believers???

 

 

 

 

Works Cited

Megalhaes, Ricky. “Malware Impact, serious and long lasting,” www.windowsecurity.com  

January 23, 2013

 Whittaker, Zack. “Android Malware could reach the 1 million mark by years end” June 5, 2013

 

 



 

 

THE FUTURE OF MALWARE: NOTHING TO LOOK FORWARD TO

     

    As the world we live in today continues to evolve and change, unfortunately, so will the sophistication and motivation of criminals utilizing Malware to defraud and victimize thousands of people every year.  The "future" of Malware itself doesn't really hinge as much on the likelihood of new malicious software developments as much as it does on how new Malware victims will be targeted. One of the most notable trends in internet usage today is of course social media.  The trust decisions we make online can affect us in more ways than we think.  How many times have you accepted a friend request from someone you didn't know?  Or openly disclosed too much private information on a social site? Chances are, you are guilty of at least one of these offenses, if not both.  And hackers everywhere thank you for being so trusting! 

    Another emerging trend is the e-wallet.  Think of how many things you buy, bills you pay, and banking transactions you do online.  In this day and age, you have much less of a need to visit a physical location for any of the aforementioned reasons.  The e-wallet is a rapidly growing trend.  And where the money goes, the criminals are sure to follow.  Also, banks are developing more mobile applications and making nearly every transaction type available to their customers online.  As all of this sensitive information is more frequently being transacted online, it is more commonly susceptible to being infiltrated by Malware lurking in unsecured Wifi systems, spyware, worms, and countless other sources.  Another rapidly growing trend is the use of smartphones as secondary forms of identification.  Many corporate offices that used to require Secure ID badges for their employees have now immigrated to soft tokens which can be stored on mobile devices.  In the future, our mobile phones may even be able to substitute government issued forms of identification such as a driver's license or passport.  With this innovative possibility also comes the immense risk.

    Probably one of the least talked about risks is the threat to our cars and homes. Hackers now have the ability to disable a car alarm, unlock its doors and remotely start it through text messages sent over cell phone links to wireless devices in the vehicle.  Mind boggling right?  As more automobile functions become digital, the threat of malware infiltration increases. Other at-risk devices include airbags, radios, power seats, anti-lock braking systems, electronic stability controls, cruise control and communication systems. Hackers of the future could even target home alarm systems, air traffic control systems and flood control in dams.  The saving grace is that as technology continues to develop, so does the sophistication of most anti-virus software. But its still highly critical to be informed and aware of the risks associated with the emergence of more digital, online and mobile capabilities.

References:

1.  Vance, Jeff.  "The future of malware", Network World.  2011 Oct 03.  http://www.networkworld.com/news/2011/100311-malware-251426.html?page=3

The age old Question "Do Antivirus company's create viruses?

A.) They definitely do
B.)  It needs to be looked at
C.)  Probably not
D.)  They definitely don't 







The first thought that comes to my mind about malware, Viruses ....etc, is where do they come from?  Some would say it is a stupid idea that an antivirus company would actually make a virus. We say "well if that was happening the company's would have gotten caught by now" and/or  "If company does get caught it would destroy the company" . Which may or may not be true, but these company's are definitely smarter then we may think. As you can see I picked "B", i think that these antivirus company's need to be looked at just a little bit closer.

My first logic is profit. Its a basic concept of, if I am a antivirus company and i want to keep my customers coming back for more, the user has to believe that there is a threat.  For example, I have a PC(any kind of computer) and i don't have any type of antivirus software and i never get a virus. Then where is the need to pay someone a monthly subscription. There is free antivirus software out there, so whats the benefit of using an antivirus company's software that has a monthly subscription. Perhaps these company's can magically find special viruses that the free software can not find, which makes me wonder how do they get the inside track on these so called new virus, spyware.

Its also known that some antivirus company's hire ex-hacker virus creators...etc to help develop antivirus software, which sounds good, but these are the same people that at one point in time was malicious and now they are cleansed and helping antivirus company's to stop people formerly like themselves. Maybe these same people are working for them so that they can have the inside track on what the antivirus company's are doing, and now they can find ways around the antivirus company's method of virus protection. So lets add it up, you get to work for the people you've been fighting against, you actually get paid for it, and you still have fun being malicious. I think we would all be naive to say this can never happen.  

All in all, i don't think that they actually write the viruses themselves, but i do think they turn a blind eye in certain situation that may benefit them down the road. We are entering a world where 90-95% of all information will likely be on a computer, website, cloud...etc and eventually the only way to get this information so that you can do harm to people will be through some type of virus software. So issues like this one and related to this one will only grow over time as we transition to a more digital world.


Works Cited
http://www.computerhope.com/issues/ch001013.htm

Governments and Businesses are vulnerable too.

Governments and businesses all over the world have access to tons of confidential information. Information from their customers or citizens such as social security numbers, banking information, passwords, addresses, and etc. We would like to think all of that information is stored in a way that is inaccessible to those without the proper authorization to access it. Sadly, business and governments are still vulnerable to malware.

In August, Schnuck Markets Inc and four other retailers in Kentucky, had their point-of-sales systems attacked by malware. The attack came out of Eastern Europe and compromised the credit card information of their customers. The credit information was then sold on an underground internet forum. Only 72 hours after the hack, customers credit cards we already starting to be charged(Kitten).

The Department of Energy was the victim of of a hack in July that resulted in the personal data of 53,000 former and current employees and contractors. The fear of how damaging these hacks could be to the government has prompted the Department of Energy to award 11 contracts worth a combined $30 million to develop new tools to protect the electrical grid and gas and oil infrastructures from cyber attacks(Wait).

If big businesses and governments are just as vulnerable to malware as their customers and citizens, is it reasonable to assume no information completely safe from hackers? As these companies use their resources to build more secure systems there will always be someone trying find a new way around it. Outside of the precautions we take while on the web as individuals, we should also be aware of how much is being put into protecting information by the companies we do business with and our own government.






Works Citied:

Kitten, Tracy. "Recent Retail Breaches Connected." GOV Info Security. (2013): n. page. Web. 24 Sep. 2013. <http://www.govinfosecurity.com/recent-retail-breaches-connected-a-6022/p-2>. 

Wait, Patience. "Energy Dept. Invests $30 Million In Utility Security." Information Weekly. (2013): n. page. Web. 24 Sep. 2013. <http://www.informationweek.com/government/security/energy-dept-invests-30-million-in-utilit/240161651>.