Welcome to bullyware: Malware gets more aggressive in money hunt

Welcome to bullyware: Malware gets more aggressive in money hunt

Summary: Fortinet is arguing that money making malware will take threats to a new level in 2013.

TOPICS: Security, Legal

Cybercriminals are using malware to go beyond merely swiping passwords and actually "bullying infected users into paying," according to a Fortinet quarterly report on emerging threats.


Fortinet's fourth quarter report walks through the methods cybercriminals are using to extract dough from victims. The gist: Fortinet is arguing that money making malware will take threats to a new level in 2013.

To wit:

  • Simda.B poses as a Flash update, gets full installation rights and then swipes your passwords. Then email and social networking accounts spread spam, host malware and take money from online payment accounts.
  • FakeAlert.D is fake antivirus malware that harasses you into paying for protection, which also has to be a fraud.
  • Ransom.BE78 holds your personal data hostage. This ransomware installs itself and demand payment to be removed.
  • Zbot.ANQ is an offshoot of the Zeus virus. It takes your online bank login attempts, prods you to install mobile malware on your smartphone and then hijacks SMS messages from banks and transfers funds.

Overall, cybercrime is just becoming more confrontational. From a return perspective the move makes sense. The more you harass people the more they are likely to pay up.

Topics: Security, Legal

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.


Log in or register to join the discussion
  • They all have one thing in common

    It takes the user to install the malware. And this is the real weak chain-link.
    Drive-by infection occurs much less frequently and mostly is made possible due to careless (sometimes even reckless) websurfing or not adequately updated OSes.
    • Harder installs

      We need the OS to make installs more difficult...rather than a click or two, installation of any software should require a reboot in conjunction with a momentary switch being held down (an "allow installs" button). Just an idea...

      • Gary, You obviously don't work in the real world, do you?

        Forcing a reboot to install software, holding down a switch?

        Have you ever worked with always on servers, or virtual environments? Or you just a home user who still thinks Windows XP was a really good idea...

        I can see it now "Yeah - we need to take the server down AND have somebody at the data center to hold down a big red switch (yeah, I know, the data center is in Phoenix - or is it currently running on the host in Boston...?) to install WinZip. I know it's processing credit card payments but it'll only take a few minutes. No-one will notice, I'm sure..."

        Lost In Clouds of Data
        • RE: Gary, You obviously don't work in the real world, do you?

          Dear Sigh,

          Everything in my work environment is virtual (vmware). I'm referring strictly to home computers. Isn't that the focus of this article?

          • Which article you reading?

            I'm reading one where 'users' (be they home or corporate) can be tricked into installing malware. I see no mention anywhere (implied or otherwise) that the article was intended ONLY to home users.

            You're the one who just threw out blase statements about reboots and physical switches without putting a context to your statement.

            You not heard about Spearfishing? Same attack vector.

            If you're a home user then try using the UAC with the requisite permissions. Not Microsoft's fault if human nature overtakes the need for security.

            What's really needed is a level of education, but PC's have (for a long time) been seen as mass-market 'as easy to use as your TV' type devices.

            Stupidity and carelessness are two good ways to ensure your environment is compromised.

            And yes, I do have a clue as to what I'm talking about - having survived two large scale foreign hacks at work where they managed to take over the entire (yes, entire) network of a financial institution I once worked at.
            Lost In Clouds of Data
          • It's exhchangees like that make me believe the end of civilization is here

            We are all on the same side. Personally, for home computers at least, it wouldn't be a bad idea to force people to stop and think before they install. This includes teenages who habitually do stuff without thinking about it and older people who don't know the difference between the operating system and the browser. Or for that matter, hardware and software. And office environment is different and often is protected against installations to prevent this kind of thing ... or at least it was when I was working. The only people who could install anything were IT and you could get very old waiting for one of them to show up to do anything.

            We are on the same side here. Rudeness and nastiness is not required. You can make you point and still be minimally polite, skipping the condescension and sarcasm too. I personally resent it although it wasn't aimed at me. It cost nothing to be poplite. Everytime someone like you lashes out for no better reason than because he CAN, the world is little worse for it. Shame on you. I don't care if you are the biggest software mind since whoever was the last great mind. That doesn't preclude courtesy and occasionally listening to someone else's idea. Because it wasn't a bad idea at all.

            You are focused on the professional segment of the user community, but surprise!! Home users constitute a HUGE market. Ignore them at your peril. You may not like having to deal with amateurs, but it's a problem you need to address. Perhaps by injecting a dose of "hello real world." You just aren't that important or special, you know?
          • Not been round the Internet much, either, huh?

            You think I came across as rude then watch out. I'm timid compared to other people. Grow a spine why don't you.

            I'm a pro with other 25 years in the field. I've little patience for morons and idiots. Their fault, not mine.

            And, oh yes, I deal with 'amateurs' all the time. At no point did I specify that we should be talking about corporate users only - that was Gary who thought the article was about home users and made blase global statements as such.
            Lost In Clouds of Data
          • RE: Not been round the Internet much, either, huh?

            I did make the assumption that this was more about home users, precicely because the corporate environment tends to handle these things external to the user.

            > Not Microsoft's fault if human nature overtakes the need for security.

            We'll need to agree to disagree on this one. As an engineer I see a lot more that software and hardware makers can do to protect non-IT computer users. As an example of this, my mother-in-law accidentally opened a bogus email the other day. She was worried that it might have infected her computer. But she then clarified that she opened it on her iPad. I told her that's good as the iPad is much less vulnerable to this sort of thing. So there you go...perfect example of how thing can be much better handled on the develoment end.

          • Same would have applied on Windows, if...

            ...she'd been using a user account and not an Admin one.

            Not saying 7 or 8 are invulnerable to buffer overflow attacks etc, but that's not what this article was talking about.

            Perfect example on how this thing was much better handled on the development end.

            And no, I'm not a Windows freak. They pay my bills but my heart is *ix based.
            Lost In Clouds of Data
          • RE: Same would have applied on Windows, if...

            Not the same. I'm far more confident that she didn't get a malware infection on her iPad than I would be with her PC, regardless of the account setting. I would guess that statistics bare that out.

            > Perfect example on how this thing was much better handled on the development end.

            But that's what I'm saying...maware should be better handled in the product development end than in trying to train grandmas about buffer overruns.

        • Really

          And you must be one of those people who swear the Cloud is safe and is the only way to go. I have worked in the PC/Server industry since 1986 and with the Microsoft offerings today I am still on XP and will remain until the boys and girls in Redmond offer something better than XP Pro/Server 2003. So far all Redmond has offered is fluff filled eye candy with almost no real upgrades except forcing the end user or business to buy new software and devices since Win7 and Win8 no longer support these devices. Ever wonder why most of the world is still on WinXp? Its because there is nothing except eye candy. Oh and that cloud you like so much; thats a huge security risk that I as a MCSE, Business Consultant and Business owner would never suggest to any of my clients. In closing if I want a PC with cellphone software installed I will buy a tablet since thats all Win8 is good for. Now who really lives in that bubble. Doesn't feel good having others show you the truth does it. OBTW| working on a server farm is not even close to the "real world".
          • Wow, what the heck were you reading?

            Where did I say even once I thought the cloud was 'safe'?

            You however are delusional clinging on to an operating system that has just over a year of life left in it before it becomes totally unsupported.

            You call Vista et all just 'eye-candy' - you've not really kept up to date, have you. You're 2003 server - that's out of support in 2015 and both it and XP are currently in Extended Support mode.

            You're reading far too much into what other people read. I'm not working on a server farm. Right now I'm sitting here with my single server database and 2.5TB a week data transfers. All the data staying local to the server. That 'real world' enough for you?

            And yes, "most of the world' is not on XP. As at November last year it had a 40% share down 5% from the previous 6 months.

            I'd fact check before posting next time. Makes you look a little less like an alarmist who posts based on rhetoric on not fact.

            I'm not sure I'd want you making Security decisions in my business if you feel that we should still be using XP and Windows 2003. Kinda makes you look, oh, I dunno, rather foolish.
            Lost In Clouds of Data
          • So this - VVV - this is eye candy?

            Kernel patch protection for 64-bit editions
            Security improvements to the heap manager
            Security improvements to the registry
            Data Execution Prevention
            Address Space Layout Randomization
            Windows Resource Protection
            Windows service hardening
            Session 0 isolation
            Named pipe hardening
            Windows implementation of the Kerberos protocol
            TLS/SSL cryptographic enhancements

            So, all this stuff that MS brought out for Windows 2008 Server (alone, yet alone R2 or 2012) was just "eye candy"?

            You honestly believe that your fully patched Windows 2003 server is actually more secure than a fully patched Windows 2008 one, Or 2008 R2 or even 2012?

            Wow, how deluded can you be?
            Lost In Clouds of Data
        • Nothing

          wrong with thinking outside the box a little.
      • harder?

        they had harder installs in windows Vista, it was that UAC irritated everyone so much that most people shut it off, which left them more open to malware
        • RE: harder?

          I never used Vista (skipped it), but wasn't that annoyance as much about running existing software as installing anything new?

          My personal experience with, for instance, my mother-in-law is that she very rarely wants to install anything. She just wants it to work. And she shouldn't live in constant fear of clicking on the wrong email or website. If the process of getting infected required an action that went well beyond what she would usually do, that would be a great deterrent.
          • Parental Controls or SRP, then

            Gary, I'd suggest looking into Parental Controls or Software Restriction Policy, depending what she can cope with (or you can assist with). I have a setup guide at mechbgon.com/srp if you want to evaluate them. I use SRP at work and our systems stay squeaky-clean. Both options are free, but SRP requires a Pro or Business version of Windows since it's configured using the system's Local Group Policy, not found on Home versions.
      • Macs are immune

        Unless this malware has an Apple certificate, it will never install or run on Macs that have been upgraded to the latest software from Apple.
      • Education

        Education is the key. I have had a few attempts at malwae trying to install itself on my PC and all have ailed. Why, Simple:

        Not logged in as an administrator so the softwae lacks sufficent rights to install itself or if it runs access anything harmful.

        When I want to install an application I log in as an administator or change my user to an aminisator to do the install then I change back to being an ordinary user. Users really need to learn to do this. I work in IT so my family an some friends come to me fo help but they also know that if the bring trouble upon themselves by way of stupid behavior it might cost them to fix it.
        • RE: •Education

          The way Windows is currently designed, it's very un-user friendly to expect them to create and use separate profiles for separate tasks. Go explain that to your grandmother. And that's why your family must still come to you, an IT professional, for help with routine matters.