| |
| |
|
Security Information |
|
|
|
Cybercriminals Trick: Targeted Trojan-Containing Emails
Threats we ordinary Web users face online leave us no choice but learn. Haven't you noticed how many new things you learned lately? We are much better informed about malicious programs than just a year ago. This section of our vocabularies grows rapidly: now we all know what a "keylogger" is,"worm" for us has something to do not only with zoology, nor a "Trojan Horse" with Ancient Greek literature. We are getting better at avoiding such scams as phishing, and this word doesn't look like a spelling mistake anymore. We Web users are getting smarter -- at least the numbers from the recent survey by the Pew Internet and American Life Project say so. The study shows that 91% of respondents (adult Web users from the USA) have improved their online behavior in one way or another. 81% of respondents have become more cautious about e-mail attachments. People are also avoiding certain Web sites (48%), using file-sharing networks less often (25%), and even switching browsers (18%). But, alas? As Web users get wiser, cybercriminals become more insidious and commit more sophisticated crimes. More people are now aware of a worm, virus or Trojan which might be hidden in a spam email attachment -- for cybercriminals it means that spam becomes less "effective" means of spreading malware. Why they are spreading malware? What motivates them? Money, of course. All security experts are at one in thinking that " cybercriminals are primarily motivated by financial gain". In other words, they prefer cash to fun. Instead of doing mischief just for the h? of it, they steal money. Big money. Along with other unlawful activities, cybercriminals are actively hunting for valuable data that can be turned into cash. Stealing information needs contaminating as many PCs as possible with malicious programs. Most PC users now are aware of (or we even can say, almost got used to) the fact that Trojan horses can be included into e-mail messages, multimedia files or free knick-knackery like postcards, smileys and screensavers. We users know that many viruses, worms, and Trojan horses contain information-stealing (keylogging) modules. Spreading malware as wide as possible that's what cyberthieves do in order to reach their treacherous goal. At least it was their main approach -- until recently, when crooks began to more intensively exploit a new tactic. Targeting at Individual Addressees On July 8, 2005 CERT (the US Computer Emergency Readiness Team), issued an alert warning about the rise of Trojan attacks of a new kind. Signs of these stealthy Trojan attacks, which were targeting specific firms to evade detection, have been detected for the last year. Targeted Trojan-horse attacks are a new trend in online threats, states the alert. Trojan attacks by themselves aren't new, but CERT said this technique has two features that make it very dangerous, especially for businesses. First, conventional anti-virus software and firewalls can't beat Trojans of this kind. These programs are "tailor-made". Source code of known Trojans, if altered, is unfamiliar to anti-viruses, and they can't detect it. Any new variation of known malicious program is a new program for anti-viruses. There is a long way from detection of a piece of malware to the moment when an anti-virus or anti-spyware vendor is able to offer protection against it. This cycle takes time -- from several hours to a couple of days. When such a program is detected, its signature (piece of code) should be picked and included into an update. Only after all anti-virus or anti-spyware programs on all users' PCs are updated it is possible to protect them against this particular piece of malware. Poor consolation for those unlucky ones who were hit by a new kind of malware FIRST. These e-mails contain dangerous malware-laden attachments, or links to web sites hosting Trojan horses. When such an attachment is opened or a link is clicked, a malicious program installs the Trojan onto the users' machines. These Trojans can be configured to transmit information via ports used for a common service, like TCP port 80, which is assigned to Web traffic. That's why firewalls are helpless against them. Second, this time the e-mails are TARGETED -- sent to specific recipients. Their subject lines often have something to do with the user's work or interests. What the criminal can do when the attachment is opened? He can: (Quote from the alert issued by US-CERT)
CERT made recommendations for system administrators on how to prevent this kind of Trojan horse attacks. You can get the complete list from: http://www.us-cert.gov/cas/techalerts/TA05-189A.html As for us ordinary Web users -- to lessen the risk of these attacks we all should:
|
|
|
|
RELATED ARTICLES
If You Sell Anything Online Your ePockets Are Being Picked You and I are a lot alike. We are both software publishers and eBook authors getting hosed on a regular basis. Spyware - Your Web Browser is the Culprit! My first experience with a spyware BHO based infection was several months ago. I had gone through all of the usual steps with the client's machine to clean it. Avoid Internet Theft, Fraud and Phishing Since its birth, the Internet has grown and expanded to unprecedented, unmanageable proportions. Information, software, news, and much more flow freely through its twisted pathways. With the Rise of Internet Crimes, Users are Turning to High-Tech "PI's" for Solutions High-tech private investigators are becoming the answer for many Internet users who have been victimized online. The use of e-mail by that unethical element lurking in cyberspace rings all too common these days. What to Look for before You Purchase Spyware Software Huge number of spyware software applications are available in the market, some being offered as shareware while rest as freeware. (Shareware means a software available for download / CD, and can be used for a particular length of time, usually 30 days. Arming Yourself Against Spyware While clicking from site to site on the internet you are likely to land yourself on a website that downloads spyware onto your computer system. Even while using familiar or unlikely and secure web site you run the risk of being infected with unwanted spyware. Desktop Security Software Risks - Part 1 This is the second in a series of articles highlighting reasons why we need a new model for anti-virus and security solutions.Reason #2: the Desktop Security Software RisksThe risks of placing software on the desktop are such that I will be breaking this article into two parts. Watching the Watchers: Detection and Removal of Spyware If spyware were a person and he set himself up in yourhouse, you are likely going to do one of two things. You'llkick him out yourself or you'll call someone (such as thepolice) to do it for you. Computer Viruses and Other Nasties: How to Protect Your Computer from These Invaders Can you protect your computer from all possible viruses and other invasions?The quickest answer to this is "no." It's just flat impossible to protect your computer from all viruses, registry attacks, worms, spyware, malware, popups, and other such nasties. Dont be a Dork - Protect Yourself There are folks out there who use their powers for evil, not good. Let's not give them the opportunity to sneak into our lives and wreak havoc. Is That Free Stuff Like An iPod Or Desktop Computer Really Free? Have you seen the web site, www.freestuff. How To Cover Your Tracks On The Internet Every single time you access a website, you leave tracks. Tracks that others can access. Identity Theft -- 10 Simple Ways to Protect Your Good Name! Identity Theft is one of the most serious problems facing Internet users. Identity Theft is exactly as the name states -- someone steals your Identity and commits fraud in your name. Free Spyware Removal - Its Not As Easy As It Sounds Nobody wants to pay to remove spyware. At the very least, I don't. Wells Fargo Report Phishing Scam First off I should explain what phishing is. Phishing is basically the act of tricking a victim into divulging information. Virus Nightmare..Lessons Learned I got a virus the other day, Thursday I believe and since then I have been making FRANTIC efforts to save all my info.The most important thing for me to save are my Outlook Express emails and my Roboform passwords. How Can Someone Get Private Information From My Computer? From the "Ask Booster" column in the June 17, 2005 issue of Booster's Auction News, a free ezine for online auction sellers and enthusiasts.Dear Booster,How can someone get private information from my computer?Thank you,Evan S. Phishing and Pharming: Dangerous Scams As soon as almost all computer users already got used to -- or at least heard about -- the word "phishing", another somewhat confusing word appeared not long ago. Pharming. Why Malicious Programs Spread So Quickly? It seems that nowadays cybercriminals prefer cash to fun. That is why malicious programs of various kinds (viruses, worms, Trojan horses, etc. Spyware, This Time Its Personal! First the basic definition of Spyware: It is a type of software which is installed onto your computer without your permission..
|
| home | site map |
| © 2006 |