
Malware not by kids anymore

January 17, 2012

There was a time, long ago, when hackers were kids trying to see how much trouble or embarrassment they could cause. It was an ego trip.

They’re not kidding around anymore. The merry pranksters now want one thing — money — and they’ve organized into criminal gangs with research and development divisions to take your money from you.

They don’t even need to break into your system to collect. They’ll simply trick you into turning your cash or sensitive information like passwords over to them with social engineering techniques that they’ve perfected to get past your anti-virus software.

Their fake security alerts and popups look so genuine that many people are convinced that they are infected or they’re running out of memory or hard disk space. Their emails look so much like legitimate emails from financial institutions that many people believe there really is a problem with their account that they have to rectify immediately.

They disable some traditional removal steps, such as System Restore. They “hide” Windows operating system files from view, disable the ability to execute programs (like anti-virus software) and in some cases hide your documents. They re-direct searches to their own web sites, for which they are paid for each click.

In 2011, virus removal was the third most frequent computer issue FlexITechs addressed, behind only software problems and Internet issues and far ahead of hardware and peripheral (printers, scanners, etc.) issues.

So why don’t these hackers use their talents for good and for real money? They’re making too much money with little risk of being caught to give it up.

How much money are they making? Some of these crime gangs are raking in hundreds of thousands of dollars a month. In June 2011, the U.S. government was able to freeze the Swiss bank account of a Ukraine malware gang that had $14.8 million in it.

In Russia, malware gangs placed banner ads on web sites offering base salaries of $2,000 to $5,000 a month for coders to program their malicious code.

What is the cost to you?

First, you lose your money if you pay the $59.95 or $79.95 or whatever $.95 they’re asking for at that moment to “activate” their fake anti-virus software.

Second, now that you’ve given up your credit card information to the thieves, you could end up spending your time disputing unauthorized charges to your card.

Third, you could lose the convenience of your credit card while waiting for a new card to come in.

And finally, you either lose time trying to rid your system of the infection yourself or you have to pay a computer service to remove it.

It used to be you could protect yourself by not visiting web sites with a high probability of infection (porn, online games and gambling sites) or opening unsolicited file attachments from people you don’t know.

That’s all changed. Hackers are having a field day infecting third-party ads on legitimate web sites. They are also hacking into email accounts and sending infected emails to everyone in the hacked account’s address book, so the emails look like they’re coming from someone you know.

There’s no easy answer on preventing these infections, but here are a few tips.

  • If you see a strange security alert, don’t click on it without checking for oddities like strange grammar. If something seems suspicious, try shutting down your computer by holding the power button in for 5 seconds to try to prevent the infection from taking root in your system;
  • Make sure your software and Windows Updates are up to date. Besides Windows, programs like Adobe Reader, Adobe Flash and Microsoft Office will provide security patches on a regular basis;
  • Use spam filters and firewalls to keep out the bad stuff (as much as possible);
  • Enable pop-up blockers in your browser and remove unnecessary or suspicious browser add-ons;
  • Don’t open unsolicited file attachments, even from someone you know. If it’s unsolicited, verify with the person who supposedly sent the email before opening it;
  • You should also consider an alternative to traditional anti-virus software, which has proven not to be very effective against these types of infections. Some that come to mind are MalwareBytes (the paid version for $24.95 blocks malware) or Super Anti-Spyware.

We’ve personally had the most success in preventing infections with customers who have purchased the paid version of MalwareBytes. Note that this is not a replacement for anti-virus software; it’s a supplement to catch what anti-virus software doesn’t.
