Should we all just go Google "Canary"?

        When I think of protecting myself from malware the first thing that comes to mind is don’t go to crazy websites. The next thing I think of is a good anti-virus software to scan my personal computer to seek out malware and destroy it. It never occured to me that I should look at another line of defense to help add me in the anti-malware war. There is a new developmental version of googles web browser called the “Canary” version of Chrome. This could possibly change everything and give the antivirus company’s a scare.


        







         The goal behind the new browser is to show a small warning note in the area of the screen reserved for downloads, notifying the user that it has prevented malware from being downloaded. Most of the new sites prevented by Google is not from their traditional black list of infected sites. They are the ones that may change browser settings or install ads, and hijack the browser for whatever malicious acts they want do.



       I think google is going in the right direction by adding this extra layer of protection. It would be nice to have my browser block all malware that tries to enter my computer and also warn me of possible sites that they have located malware and viruses on before. This all sounds good in theory and it would be nice for me not to have to pay a yearly subscription for anti-virus software, but the harsh reality is that hackers will eventually find a way to get around this new browser creation. I’m still all for it because the more layers of protection the harder it’ll be for the hackers, and may even steer away the new or want to be hackers as it could prove to be too much work.

Work Cited:

Hachman, Mark. "Google's Chrome Will Automatically Block Malware." PCWorld. N.p., 01 Nov. 2013. Web. 05 Nov. 2013.

Kavilanz, Parija. "Google's Dreaded 'Blacklist'" Yahoo Finance. N.p., 05 Nov. 2013. Web. 05 Nov. 2013.

  

Not scared yet? Meet RATS

As if we didn't already have enough to look out for while using our laptops, desktops, tablets and smartphone, RATS, or Remote Administration Trojan, is another harmful form of malware out there waiting to do damage. RATS is defined as, "malicious programs that run invisibly on host PCs and permit an intruder remote access and control". As stated in our presentation, trojan horses disguise themselves as useful software so that the user of the computer will not suspect a potential danger. In fact, this type of malware has used a number of different avenues to get into computers including:

• Per-to-Peer Sites
• Java Exploits
• Social Media and chat accounts
• Phishing emails

Blackshades NET is software developed to allow user the ability to spy on either the spouse, children or any one else that uses the computers. But while a cautious mother may think she is getting software to keep a monitor of what her children do on the internet, that software is taking full control of the computer and possibly cause major damage.

Blackshades Net is capable of installing Ransomware, torrent seeders, USB infectors, Facebook controllers and more. Torrent seeders allowing the malware to continuously be spread via fake torrent descriptions. USB infectors install the malware on USB drives and spread the malware when that USB drive is plugged into a different computer. Facebook controllers take advantage of users not completely logging out of their Facebook accounts before closing their browser. The malware will make posts of behalf of the users linking others to malicious software.

As bleak as it sounds, malicious software is getting more sophisticated each and every day. Anti-Virus software can only do so much. Users must be mindful of exactly what they are downloading and agreeing to.



References:

Grimes, Robert. "Danger: Remote Access Trojans." Microsoft. N.p.. Web. 30 Oct 2013. <http://technet.microsoft.com/en-us/library/dd632947.asp&xgt;. 

Kujawa, Adam. " You Dirty RAT! Part 2 – BlackShades NET ." . Malawarebytes, 15 Jun 2012. Web. 30 Oct 2013. <http://blog.malwarebytes.org/intelligence/2012/06/you-dirty-rat-part-2-blackshades-net/>.

Cryptolocker: Don't be a Victim!

One of the most frightening forms of malware is ransomware. Ransomware infiltrates your computer, typically encrypting the files on your machine or locking your machine completely. The creator will demand that you pay a certain dollar amount to regain access and control of your machine. Obviously, receiving control again is never guaranteed since you can’t truly trust a criminal.

In January of this year, a new type of ransomware, Cryptolocker, began infecting machines. The malware gains access to your computer and then wraps all accessible files in an encryption so that the victim cannot access them. A message appears on the screen demanding payment within three days to unlock the encrypted files. If the payment is not received within the timeframe, your files will be lost forever! Cryptolocker criminals, unlike most ransomware criminals, do however seem to have a good reputation of restoring your files after the ransom has been paid. This doesn’t mean you couldn’t be a victim again though at a later time.

The new Cryptolocker malware has proven cybercriminals to be clever capitalists. Initially, cybercriminals were demanding $100, but after finding the public is willing to spend even more for the decryption of their files, the ransom price has gone up! Now, you’ll have to pay $300 within the given three day timeframe if you ever want to see your files again! Over the past few months, the Cryptolocker criminals have begun to realize that some of their victims would rather lose their computer files than allow the criminal to access their bank account or credit card information in order to pay the ransom. In response to a potential loss in revenue, the cybercriminals have begun accepting payment in the form of bitcoins, a form of online payment that allows the victim to pay safely via an unknown origin. This savvy business decision has led to a boom in business for the cybercriminals!

 

As frightening as this is, you can take certain precautions to protect yourself from the threat of ransomware. Make sure your operating system and computer software are up-to-date. Use anti-malware software that is up-to-date. Never click on or download material from suspicious sources or sources you do not trust. Lastly, back up your files regularly. That way, if your machine does get infected with ransomware, you have a fairly recent version of your files that you can use to restore your machine.

 Works Cited:

Microsoft Malware Protection Center. Ransomware. Microsoft, 2013. Web. 20 Oct. 2013. <http://www.microsoft.com/security/portal/mmpc/shared/ransomware.aspx>

Matthews, Lee. Cryptolocker malware now accepts ransom payments in Bitcoins. Geek.com, 18 Oct. 2013. Web. 21 Oct. 2013. <http://www.geek.com/apps/cryptolocker-malware-now-accepts-ransom-payments-in-bitcoins-1574298/>

Matthews, Lee. Disk encryptiiing Cryptolocker malware demands $300 to decrypt your files. Geek.com, 11 Sept. 2013. Web. 20 Oct. 2013. <http://www.geek.com/apps/disk-encryptiing-cryptolocker-malware-demands-300-to-decrypt-your-files-1570402/>

Goodin, Dan. You’re infected – if you want to see your data again, pay us $300 in Bitcoins. Arstechnica.com, 17 Oct. 2013. <http://arstechnica.com/security/2013/10/youre-infected-if-you-want-to-see-your-data-again-pay-us-300-in-bitcoins/>

MalWare: Will It Ever End??

 

 

Malware has become a major problem across the globe which is very scary. First it was attacking computers and computer files and now it has spread to Smartphones and also Invading Social networking sites. And Guess what? Now the attacks are beginning to target your automobiles and homes. You may even begin to ask yourself, “Will Malware Ever End?”  Well, I hate to be a bearer of bad news but the answer to that question is “NO,” it doesn’t look that way no matter what anyone says.

Of course, there are software companies out here such as Bronium and McAfee who feel that they can come up with software to lighten the attacks or even eliminate Mal-Ware altogether. Even though they will probably not end Malware who are we to tell them that they can’t try to help. There are probably a few others who believe Malware will end but that is absurd! The facts are the threat of malware is increasingly prevalent, and has truly evolved during the last couple of years (Z.Whittaker). 

Research says that as developers take precautions implementing security measures to ensure their newly developed products are more secure, malware is continuing to evolve and infiltrate deeper in the code. Not only is it becoming intelligent but it is also generating revenue. Creators of Malware bring in about $10,000 a day which is 3,650,000 a year.  So Malware is pretty profitable.

Now that you have read some of the facts, do you still believe Malware will end? If so, listen to this, in the 3^rd quarter alone this past year Malware detections have increased from 41,000 to 156,000, this exceeds three times as much from last year. To top that off; According to Ricky Magalhaes, Android Malware could reach the 1 million mark by years end. Cyber criminals even hijack software update services so that when you update a system, malware is downloaded and installed.

So, there you have it, Malware for surely will never end. This problem will continue to grow and grow for many years to come. Therefore, as long as Technology continues to develops and become increasingly intelligent, so will cybercriminals as will malware.  Now do I have any believers???

 

 

 

 

Works Cited

Megalhaes, Ricky. “Malware Impact, serious and long lasting,” www.windowsecurity.com  

January 23, 2013

 Whittaker, Zack. “Android Malware could reach the 1 million mark by years end” June 5, 2013

 

 



 

 

THE FUTURE OF MALWARE: NOTHING TO LOOK FORWARD TO

     

    As the world we live in today continues to evolve and change, unfortunately, so will the sophistication and motivation of criminals utilizing Malware to defraud and victimize thousands of people every year.  The "future" of Malware itself doesn't really hinge as much on the likelihood of new malicious software developments as much as it does on how new Malware victims will be targeted. One of the most notable trends in internet usage today is of course social media.  The trust decisions we make online can affect us in more ways than we think.  How many times have you accepted a friend request from someone you didn't know?  Or openly disclosed too much private information on a social site? Chances are, you are guilty of at least one of these offenses, if not both.  And hackers everywhere thank you for being so trusting! 

    Another emerging trend is the e-wallet.  Think of how many things you buy, bills you pay, and banking transactions you do online.  In this day and age, you have much less of a need to visit a physical location for any of the aforementioned reasons.  The e-wallet is a rapidly growing trend.  And where the money goes, the criminals are sure to follow.  Also, banks are developing more mobile applications and making nearly every transaction type available to their customers online.  As all of this sensitive information is more frequently being transacted online, it is more commonly susceptible to being infiltrated by Malware lurking in unsecured Wifi systems, spyware, worms, and countless other sources.  Another rapidly growing trend is the use of smartphones as secondary forms of identification.  Many corporate offices that used to require Secure ID badges for their employees have now immigrated to soft tokens which can be stored on mobile devices.  In the future, our mobile phones may even be able to substitute government issued forms of identification such as a driver's license or passport.  With this innovative possibility also comes the immense risk.

    Probably one of the least talked about risks is the threat to our cars and homes. Hackers now have the ability to disable a car alarm, unlock its doors and remotely start it through text messages sent over cell phone links to wireless devices in the vehicle.  Mind boggling right?  As more automobile functions become digital, the threat of malware infiltration increases. Other at-risk devices include airbags, radios, power seats, anti-lock braking systems, electronic stability controls, cruise control and communication systems. Hackers of the future could even target home alarm systems, air traffic control systems and flood control in dams.  The saving grace is that as technology continues to develop, so does the sophistication of most anti-virus software. But its still highly critical to be informed and aware of the risks associated with the emergence of more digital, online and mobile capabilities.

References:

1.  Vance, Jeff.  "The future of malware", Network World.  2011 Oct 03.  http://www.networkworld.com/news/2011/100311-malware-251426.html?page=3

The age old Question "Do Antivirus company's create viruses?

A.) They definitely do
B.)  It needs to be looked at
C.)  Probably not
D.)  They definitely don't 







The first thought that comes to my mind about malware, Viruses ....etc, is where do they come from?  Some would say it is a stupid idea that an antivirus company would actually make a virus. We say "well if that was happening the company's would have gotten caught by now" and/or  "If company does get caught it would destroy the company" . Which may or may not be true, but these company's are definitely smarter then we may think. As you can see I picked "B", i think that these antivirus company's need to be looked at just a little bit closer.

My first logic is profit. Its a basic concept of, if I am a antivirus company and i want to keep my customers coming back for more, the user has to believe that there is a threat.  For example, I have a PC(any kind of computer) and i don't have any type of antivirus software and i never get a virus. Then where is the need to pay someone a monthly subscription. There is free antivirus software out there, so whats the benefit of using an antivirus company's software that has a monthly subscription. Perhaps these company's can magically find special viruses that the free software can not find, which makes me wonder how do they get the inside track on these so called new virus, spyware.

Its also known that some antivirus company's hire ex-hacker virus creators...etc to help develop antivirus software, which sounds good, but these are the same people that at one point in time was malicious and now they are cleansed and helping antivirus company's to stop people formerly like themselves. Maybe these same people are working for them so that they can have the inside track on what the antivirus company's are doing, and now they can find ways around the antivirus company's method of virus protection. So lets add it up, you get to work for the people you've been fighting against, you actually get paid for it, and you still have fun being malicious. I think we would all be naive to say this can never happen.  

All in all, i don't think that they actually write the viruses themselves, but i do think they turn a blind eye in certain situation that may benefit them down the road. We are entering a world where 90-95% of all information will likely be on a computer, website, cloud...etc and eventually the only way to get this information so that you can do harm to people will be through some type of virus software. So issues like this one and related to this one will only grow over time as we transition to a more digital world.


Works Cited
http://www.computerhope.com/issues/ch001013.htm

Governments and Businesses are vulnerable too.

Governments and businesses all over the world have access to tons of confidential information. Information from their customers or citizens such as social security numbers, banking information, passwords, addresses, and etc. We would like to think all of that information is stored in a way that is inaccessible to those without the proper authorization to access it. Sadly, business and governments are still vulnerable to malware.

In August, Schnuck Markets Inc and four other retailers in Kentucky, had their point-of-sales systems attacked by malware. The attack came out of Eastern Europe and compromised the credit card information of their customers. The credit information was then sold on an underground internet forum. Only 72 hours after the hack, customers credit cards we already starting to be charged(Kitten).

The Department of Energy was the victim of of a hack in July that resulted in the personal data of 53,000 former and current employees and contractors. The fear of how damaging these hacks could be to the government has prompted the Department of Energy to award 11 contracts worth a combined $30 million to develop new tools to protect the electrical grid and gas and oil infrastructures from cyber attacks(Wait).

If big businesses and governments are just as vulnerable to malware as their customers and citizens, is it reasonable to assume no information completely safe from hackers? As these companies use their resources to build more secure systems there will always be someone trying find a new way around it. Outside of the precautions we take while on the web as individuals, we should also be aware of how much is being put into protecting information by the companies we do business with and our own government.






Works Citied:

Kitten, Tracy. "Recent Retail Breaches Connected." GOV Info Security. (2013): n. page. Web. 24 Sep. 2013. <http://www.govinfosecurity.com/recent-retail-breaches-connected-a-6022/p-2>. 

Wait, Patience. "Energy Dept. Invests $30 Million In Utility Security." Information Weekly. (2013): n. page. Web. 24 Sep. 2013. <http://www.informationweek.com/government/security/energy-dept-invests-30-million-in-utilit/240161651>.

Malware Goes Mobile

The buzz regarding mobile malware has begun to infiltrate our news headlines, but is there really a threat to our smartphone/tablet way of life?  According to McAfee Labs, mobile malware attacks have skyrocketed in the past couple years.  In fact, in a sample population, researchers with McAfee Labs found malware samples grew from 792 in 2011 to a staggering 50,926 samples in 2013!

But don’t trade in your new iPhone 5 for a “dumb-phone” or landline quite yet.  According to technology journalist Antone Gonsalves these frightening numbers may just be a way for the big anti-virus companies to grow their profits even bigger.  Apparently, the majority of malware attacks referenced in the reports were found outside of the U.S. in places such as Asia and Eastern Europe where users tend to download more third-party apps.  These third-party apps are the primary gateways to mobile threats, as they are more easily penetrated by hackers looking to steal mobile information.  Because most users in the U.S. go directly to official app stores, which carefully regulate and guard their software, it is much more unlikely for criminals to breach U.S. user downloads.

That being the case, there is still a small mobile malware threat, even to those of us in the U.S.  How can you best protect yourself?  A lot of the same techniques you use for your computer or laptop can be applied to your mobile habits as well.  First and foremost, stay away from pornography!  And not just because your mother said so.  According to a report by Blue Coat, a network management and network security company, pornography sites were visited less than one percent of any other site category, but more than 20 percent of malware can be traced back to those pornographic sites.  It is also important to stay away from suspicious sites, advertisements, downloads, spam, and phishing requests.  In short, instead of buying expensive anti-virus software for your mobile device, you may want to save your money for that next big app or iTunes download you’ve been looking forward to.  For now, being aware of the potential malware threat in suspicious places and practicing these mobile safety habits may be all you need to prevent your mobile device from becoming a victim.

Works Cited

McAfee Labs. (2013). McAfee Threats Report: First Quarter 2013. Mcafee.com. Retrieved September, 2013 from http://www.mcafee.com/us/resources/reports/rp-quarterly-threat-q1-2013.pdf.

Gonsalves, Antone. (September 2013). Mobile Security Trends: The greatest mobile threats (and Android malware isn’t one of them). Computerworld.com. Retrieved September, 2013 from http://blogs.computerworld.com/mobile-security/22815/greatest-mobile-threats-and-android-malware-isnt-one-them.

Blue Coat Systems, Inc. (2013). Blue Coat Systems 2013 Mobile Malware Report: How Users Drive the Mobile Threat Landscape. Bluecoat.com. Retrieved September, 2013 from http://www.bluecoat.com/sites/default/files/documents/files/BC_2013_Mobile_Malware_Report-v1d.pdf.

 

 

 

 

 

Is Anti-virus Really Needed???

  

The questions have arose around the fact of whether or not Anti-Virus software and securities are really needed in order to protect technology such as computers, laptops, cellphones, etc., from becoming infected by different forms of Mal ware. This Mal ware includes viruses, Trojan horses, ransom ware, worms, root kits, spy ware and all types of malicious viruses that can be by computers.  Well the answer to those questions are a definite YES.
 

Some may believe that if they practice good computer behaviors such as being sure which applications to download or refrain from opening suspicious emails, clicking on unknown links and blocking pop up images, then they could easily protect their computer from being compromised but that is just as foolish as believing that if you eat right and do not go outside in bad weather then you can stop yourself from catching a cold, it's just not guaranteed.
 
According to an article in the Charlotte Observer, "Blocking Images Can Be A Good Defense," but good behavior alone is not enough to protect you from Mal ware. Truth is, even the most legitimate websites can be compromised and subjected to viruses. Therefore Anti-virus security is good software to have when operating computer devices.
 
  Studies show that running Antivirus on a regular basis not only cleans any infection from your computer but proactively protects your system against malicious programs. Antivirus has been proven to improve IT system functions and processes and keeps them running fast and smooth.
One thing to keep in mind is not all Antivirus software is good software, cause remember that nothing is perfect and if your computer is compromised then viruses use up vital space and cause performance to suffer. For best practices you should make sure to follow a few steps to keep your computer secure.
 1) Make sure to download Microsoft Essentials, which is free, or another reputable form of antivirus. 2) Make sure automatic updating is turned on. 3) Keep firewall turned on at all times and do not open any suspicious emails or links.  Also, stay away from free Antivirus pop-ups because they are usually forms of Mal ware and if you do purchase Antivirus software make sure you purchase it from a secure and trusted site.

Works Cited  

 

Biersdorfer, J.D. "Blocking Images Can be A Good Defense," charlotteobserver.com.

 

www.antivirusware.com

 

www.Microsoft.com

 



 



 

  

Malware: Downloading videos on Facebook could cost you

If you’ve ever used the Internet for any purpose, chances are you are familiar with or have had some sort of experience with Malware.  The term Malware is a shorter way of saying malicious software.  Typically Malware works by getting the victim to download or access software that then infiltrates various components of the person’s computer or browser.  This software is used to steal passwords and other confidential information from the victims.  Another thing most people nowadays have utilized or come in contact with is social media.   Social media is an important and ever growing aspect of how people communicate through the use of posts, messages, pictures and videos.  Realizing the immense popularity of social media, online hackers have now developed all sorts of malware to lure unsuspecting victims on these sites.  One of the newest types of malware circulating currently are videos on Facebook that appear to be sent to you from a friend. (1)  The victim receives a notification that they’ve been tagged in a Facebook video by one of their friends.  When they click on the link to the “video”, they are then asked to download a browser extension or plug-in to watch the video.  Once the person does this, the Malware then has access to every password and all other sensitive information that was stored in that browser.  This leaves the victim exposed to various forms of fraud and theft before they even realize what has happened.  This malicious software is particularly advanced and can even remain dormant in your browser while it waits to accumulate additional information from you.  So, it would behoove all Internet users to be especially cautious before downloading any add-ons or plug-ins.  And also, be especially aware of who has sent you a link or video before you download it; even if it initially appears to be legitimate. (1)

References:

1.  Goel, Vindu. "Malicious Software Poses as Video From a Facebook Friend." The NY Times.  August 26, 2013, 8:44 pm http://bits.blogs.nytimes.com/2013/08/26/malicious-software-poses-as-video-from-a-facebook-friend/