Posts Tagged 'malware'

Which Malware software is best?

Here’s an interesting post from Arstechnica regarding malware software. Go ahead, check out where your anti malware software ranked. Personally I currently use AVAST and have used AVG, and McAfee in the past. The biggest reason for using the aforementioned software would be … free. I stopped using McAfee in part for the large amount of system resources required to run it. I liked it but it just was a memory hog. AVG was next, it too was good in the beginning, then it slowly started to take over bigger portions of my system. Installing stupid toolbars, changing my default search, forcing me to use their built in firewall program, etc. I got sick of it. Which brings me to AVAST. So far so good. As you can see it’s not the top software on the list but at least it’s on the list.

Free AVG Download
McAfee
AVAST

When to use free software

Who doesn’t like free stuff? While there’s no shortage or free software available there’s plenty to be wary of. If it’s from a major software company then it’s probably trustworthy. And when in doubt, there’s always Google. Do a search and see what people say. Undoubtedly there will be crapware that comes along with “free” software, but that’s just the price you pay for “free” software. Be prepared to spammed on a regular basis about the benefits of upgrading to the paid version.

By all accounts DO NOT click on those popup ads which claim to have detected a virus on your computer. Those type of tactics will most certainly install some sort of malicious program on to your computer. *tsk *tsk those pesky cyber criminals just keep getting more clever every day.

It you do have to test out some questionable software, don’t install it on your main computer. Set up a stand alone box, disconnected from the network and Internet and go nuts. Don’t forget to scan easy install file before running it. When you’re done with it, uninstall it. It may not be malicious now, but there’s no telling what it will do next week.

Botnets take control of Macs

Did you happen to download that pirated copy of iWork ’09? No? Then why are you spamming me with your ads for viagra and cialis? A couple of malware programs, OSX.Iservice and OSX.Iservice.B, have proven successful in obtaining passwords to take control of seemingly innocent Macs. Welcome to the party. Reportedly its the first serious attempt at creating an Apple-centric botnet and it’s picking up steam. It’s still early but the code appears to be fairly flexible for future modifications. I guess this won’t be the end of virus and malware programs for Macs. In the meantime, stop downloading torrents and just buy legit software already! (link)

Way to go Jack-Hole!

Just because you can do something, doesn’t mean you should. Hackers, malware writers, java script coders can all thank one particular dumbass for coming up with a new way to make our lives more difficult. Say hello to a new bit of code that can infect your BIOS despite a full system wipe and firmware re-flash. The rootkit can infect your BIOS upon reboot and continue to do so despite your regular cleaning methods. Just when you thought you had the whole anti-virus, malware, spyware all figured, they come up with a new way to mess up your computers. Thanks guys!

Storm: alive and kicking

The 2007 rise of Storm was a harbinger – this new kind of social malware is continuing to grow and increase in sophistication. New, widespread malware botnets which share characteristics with Storm include Srizbi, Bobax and Kraken/Kracken. IronPort is tracking these botnets and implementing protective measures against their infection mechanisms. In addition, IronPort monitors and identifies new threats designed to exploit software vulnerabilities (such as those found in application like Adobe Flash Player), as well as website redirects, Google exploits, and spam attacks that take advantage of “Out of Office” autoreplies to validate email addresses and even hijack corporate mail servers.

For most of the last thirty years, spam has been an annoyance, created by individual amateurs. Those days are over. As Storm shows, today’s extremely organized, technically savvy, well funded malware efforts are comparable in scale to legitimate software vendors. Talented engineering teams have now moved to the dark side, and are a threat to every organizational network and individual with an email account and Web browser. (link)

Vista less secure than 2000

It seems everyone is bashing Vista these days. A researcher now claims that Microsoft Windows Vista is less secure that Windows 2000. That’s a bold statement when Vista was supposed to be the most secure OS Microsoft has turned out. Under certain situations I’m sure this can be true. I’m no Vista lover but I’d like to think newer stuff is better than older stuff … in most cases. I think I’ll stick with XP just a bit longer.

According to company CEO Simon Clausen, “recent research conducted with statistics from over 1.4 million computers within the ThreatFire community has shown that Windows Vista is more susceptible to malware than the eight year old Windows 2000 operating system, and only 37 percent more secure than Windows XP.” This certainly sounds dire, and at first glance, the company’s numbers back its statements up. Data reports from the company’s ThreatFire security program state that Vista allowed an average of 639 threats per 1,000 computers “through.” Through, in this case, presumably means that the malware in question successfully installed itself and became active. (link)

Your spam, courtesy of 6 botnets

Three weeks ago we noted the Mega-D botnet was the leading source of spam. What a difference three weeks can make! In that time, the malware behind Mega-D was identified as Ozdok. Subsequently, we also posted that the Mega-D control servers went offline for around ten days during which time spam from this pesky botnet dropped to zero.

Since then, we have also identified more of the malware behind other leading spam types that we receive in our TRACE spam traps. So what does the spambot picture look like now? Here are our statistics for February:

With the impact on Mega-D’s operations, Srizbi has now taken over as the leader of the spam pack responsible for nearly 40% of spam. Srizbi is well known as a spamming Trojan, and an advanced one at that. As we reported here, lately Srizbi has been particularly active in distributing spam with URLs that link to websites hosting more copies of the spambot. Analysis of Srizbi indicates it is extremely stealthy, operating in full kernel mode, which, among other things, allows it to hide its network activities and bypass sniffer tools. One interesting thing we noticed about Srizbi is that it provides continuous feedback and statistics to control servers about which email addresses were good, and which were bad. (link)


Enter your email address to subscribe to this blog and receive notifications of new posts by email.

Join 29 other followers

Technorati – Blog Search

Add to Technorati Favorites

submit express