Welcome to bullyware: Malware gets more aggressive in money hunt
Summary: Fortinet is arguing that money-making malware will take threats to a new level in 2013.
Cybercriminals are using malware to go beyond merely swiping passwords and actually "bullying infected users into paying," according to a Fortinet quarterly report on emerging threats.

Fortinet's fourth quarter report walks through the methods cybercriminals are using to extract dough from victims. The gist: Fortinet is arguing that money-making malware will take threats to a new level in 2013.
To wit:
- Simda.B poses as a Flash update, gets full installation rights and then swipes your passwords. Compromised email and social networking accounts are then used to spread spam and host malware, and money is taken from online payment accounts.
- FakeAlert.D is fake antivirus malware that harasses you into paying for protection, which also has to be a fraud.
- Ransom.BE78 holds your personal data hostage. This ransomware installs itself and demands payment to be removed.
- Zbot.ANQ is an offshoot of the Zeus virus. It takes your online bank login attempts, prods you to install mobile malware on your smartphone and then hijacks SMS messages from banks and transfers funds.
Overall, cybercrime is just becoming more confrontational. From a return perspective the move makes sense. The more you harass people the more they are likely to pay up.
Talkback
They all have one thing in common
Drive-by infection occurs much less frequently and mostly is made possible due to careless (sometimes even reckless) websurfing or not adequately updated OSes.
Harder installs
gary
Gary, You obviously don't work in the real world, do you?
Have you ever worked with always on servers, or virtual environments? Or are you just a home user who still thinks Windows XP was a really good idea...
I can see it now "Yeah - we need to take the server down AND have somebody at the data center to hold down a big red switch (yeah, I know, the data center is in Phoenix - or is it currently running on the host in Boston...?) to install WinZip. I know it's processing credit card payments but it'll only take a few minutes. No-one will notice, I'm sure..."
Sigh
RE: Gary, You obviously don't work in the real world, do you?
Everything in my work environment is virtual (vmware). I'm referring strictly to home computers. Isn't that the focus of this article?
gary
Which article you reading?
You're the one who just threw out blase statements about reboots and physical switches without putting a context to your statement.
You not heard about spear phishing? Same attack vector.
If you're a home user then try using the UAC with the requisite permissions. Not Microsoft's fault if human nature overtakes the need for security.
What's really needed is a level of education, but PCs have (for a long time) been seen as mass-market 'as easy to use as your TV' type devices.
Stupidity and carelessness are two good ways to ensure your environment is compromised.
And yes, I do have a clue as to what I'm talking about - having survived two large scale foreign hacks at work where they managed to take over the entire (yes, entire) network of a financial institution I once worked at.
It's exchanges like that that make me believe the end of civilization is here
We are on the same side here. Rudeness and nastiness is not required. You can make your point and still be minimally polite, skipping the condescension and sarcasm too. I personally resent it although it wasn't aimed at me. It costs nothing to be polite. Every time someone like you lashes out for no better reason than because he CAN, the world is a little worse for it. Shame on you. I don't care if you are the biggest software mind since whoever was the last great mind. That doesn't preclude courtesy and occasionally listening to someone else's idea. Because it wasn't a bad idea at all.
You are focused on the professional segment of the user community, but surprise!! Home users constitute a HUGE market. Ignore them at your peril. You may not like having to deal with amateurs, but it's a problem you need to address. Perhaps by injecting a dose of "hello real world." You just aren't that important or special, you know?
Not been round the Internet much, either, huh?
I'm a pro with over 25 years in the field. I've little patience for morons and idiots. Their fault, not mine.
And, oh yes, I deal with 'amateurs' all the time. At no point did I specify that we should be talking about corporate users only - that was Gary who thought the article was about home users and made blase global statements as such.
RE: Not been round the Internet much, either, huh?
> Not Microsoft's fault if human nature overtakes the need for security.
We'll need to agree to disagree on this one. As an engineer I see a lot more that software and hardware makers can do to protect non-IT computer users. As an example of this, my mother-in-law accidentally opened a bogus email the other day. She was worried that it might have infected her computer. But she then clarified that she opened it on her iPad. I told her that's good as the iPad is much less vulnerable to this sort of thing. So there you go... perfect example of how things can be much better handled on the development end.
gary
Same would have applied on Windows, if...
Not saying 7 or 8 are invulnerable to buffer overflow attacks etc, but that's not what this article was talking about.
Perfect example on how this thing was much better handled on the development end.
And no, I'm not a Windows freak. They pay my bills but my heart is *ix based.
RE: Same would have applied on Windows, if...
> Perfect example on how this thing was much better handled on the development end.
But that's what I'm saying... malware should be better handled in the product development end than in trying to train grandmas about buffer overruns.
gary
Really
Wow, what the heck were you reading?
You however are delusional clinging on to an operating system that has just over a year of life left in it before it becomes totally unsupported.
You call Vista et al. just 'eye-candy' - you've not really kept up to date, have you? Your 2003 server - that's out of support in 2015 and both it and XP are currently in Extended Support mode.
You're reading far too much into what other people read. I'm not working on a server farm. Right now I'm sitting here with my single server database and 2.5TB a week data transfers. All the data staying local to the server. That 'real world' enough for you?
And yes, "most of the world" is not on XP. As at November last year it had a 40% share down 5% from the previous 6 months.
I'd fact check before posting next time. Makes you look a little less like an alarmist who posts based on rhetoric and not fact.
I'm not sure I'd want you making Security decisions in my business if you feel that we should still be using XP and Windows 2003. Kinda makes you look, oh, I dunno, rather foolish.
So this - VVV - this is eye candy?
Security improvements to the heap manager
Security improvements to the registry
Data Execution Prevention
Address Space Layout Randomization
Windows Resource Protection
Windows service hardening
Session 0 isolation
Named pipe hardening
Windows implementation of the Kerberos protocol
TLS/SSL cryptographic enhancements
So, all this stuff that MS brought out for Windows 2008 Server (alone, let alone R2 or 2012) was just "eye candy"?
You honestly believe that your fully patched Windows 2003 server is actually more secure than a fully patched Windows 2008 one, or 2008 R2 or even 2012?
Wow, how deluded can you be?
Nothing
harder?
RE: harder?
My personal experience with, for instance, my mother-in-law is that she very rarely wants to install anything. She just wants it to work. And she shouldn't live in constant fear of clicking on the wrong email or website. If the process of getting infected required an action that went well beyond what she would usually do, that would be a great deterrent.
Parental Controls or SRP, then
Macs are immune
Education
Not logged in as an administrator so the software lacks sufficient rights to install itself or, if it runs, access anything harmful.
When I want to install an application I log in as an administrator or change my user to an administrator to do the install then I change back to being an ordinary user. Users really need to learn to do this. I work in IT so my family and some friends come to me for help but they also know that if they bring trouble upon themselves by way of stupid behavior it might cost them to fix it.
RE: Education