Trent Steele's Windows Power Newsletter
September 3rd 2010 www.software-street.com
 
Fighting Modern Malware, Friend!

Good morning!

Trent Steele here with the latest edition of the Windows Power User newsletter!

Do you know what malware is for?

Basically, it's trying to steal money.

That might be through data theft, bank transfers, stolen passwords, or swiped identities.

Every day millions of dollars are stolen from innocent Internet victims.

And yet many computer defenders aren't able to tell you what the biggest threat is to their environment!

Find out more about the very real threat of malware -- and how to protect yourself from it -- in this week's bonus article below.


Enjoy --

Trent Steele

Trent Steele, Site Manager.
http://www.software-street.com


 
Friend's Tech News...
  Billionaire sues hi-tech giants

  
Sony obtains ban on PS3 hack chip

  
'Anti-Facebook' eyes launch date

  
Electricity 'pulled from the air'

  
Fake iTunes reviews row settled
 
Brand New Software Downloads...
  Desktop Author - Make eBrochures, eBooks, etc.
 
  
Class Action Gradebook Homeschool Edition

  
Class Action Gradebook Elementary Edition

  
Class Action Gradebook Secondary Edition

  
Class Action Gradebook College Edition
 
Search Term of the Day...
Did you know the number one search term yesterday was...

Facebook

Click HERE to search this term at Search-Street.com >>
 
Friend's Recommendations...
Every week, we recommend a series of exciting new hardware and software tools that we think you'll find interesting. Here's what we have for you this time...
 
Avoid Identity Theft!
Anti Identity Theft!
Avoid the nightmare of identity theft before it's too late. Thwart attackers 24/7 and sleep Easy PC!
 www.anti-identity-theft.com
 
Ultimate USB Protection!
Flash Drive Security Software!
Securely lock and unlock the data on your USB -- in SECONDS! A fabulous new utility unlike any other on the market!
www.flashdrivesecuritysoftware.com
 
Hacking!
Hacking: The Next Generation!
Helps you understand the real motives and psychology of hackers, enabling you to better prepare and defend against them!
Amazon - US Amazon - UK
 
Delete & Destroy!
Secure Drive Erase!
Don't take chances! This nifty little program will GUARANTEE that your deleted files are wiped and gone -- FOREVER!
 www.securedriveerase.com
 
Don't Panic!
Hit The Panic Button!
Let Panic Button Pro take all the trouble out of hiding your screen, folders and private files from prying eyes!
 www.panicbuttonpro.com
 
Absolute Privacy!
Absolute Security & Privacy!
Learn how to protect your PC from viruses, hijackers, con artists, spam e-mail and relentless pop-up advertising!
 Amazon - US  Amazon - UK
 
Get Back Deleted Files!
Recover Deleted Files!
Get deleted files back with a single click of the mouse! Award-winning software works on ANY PC - 100% GUARANTEED!
www.recoverdeletedfiles.ws
 
Keep Files Private!
Photo Vault Pro: Total Protection!
Hide ALL your personal files inside a "Virtual Vault" - with the world's most powerful file security tool!
www.photovaultpro.com
 
 
Fighting Today's Malware

If malware were biological, the world would be in the grip of the worst pandemic in history.

In 2009, more than 25 million different unique malware programs were identified, more than all the malware programs ever created in all previous years (see the annual report from Panda Labs). That's a pretty incredible statistic. Malicious programs now outnumber legitimate ones by many orders of magnitude.

The world's largest cloud computing user? Not Microsoft, not Google, not Amazon.com. The ringleaders of the Conficker botnet, with more than 4.6 million infected computers under their control, win by a mile. Some antimalware vendors report that 48 percent of the computers they scan are infected (see page 10 of the APWG Phishing Activity Trends Report) with some sort of malware. Trojan horse programs make up 66 percent of all threats (see page 4 of the annual report from Panda Labs).

No one need wonder what malware is trying to do: It's trying to steal money, whether it's through data theft, bank transfers, stolen passwords, or swiped identities. Each day, tens of millions of dollars are stolen from innocent Internet victims. And yet many computer defenders can't tell you what the biggest threat is to their environment. If you don't know the biggest threats, how can you defend against them properly?

Today's malware differs dramatically from the threats we faced just 10 years ago, when most malicious programs were written by young men looking to earn cyber bragging rights. Most malware made the user aware of its existence through a displayed message, music (as in the Yankee Doodle Dandy virus family), or some other sort of harmless mischief. Those were the days.

Thoroughly modern malware
Today's malware is written by professional criminals. In most cases, users are unwittingly tricked into executing a malicious program in the form of a Trojan horse. Users think they are installing needed software, often "recommended" by a site they trust. In fact those sites are recommending nothing of the kind.

Malware producers routinely break into legitimate websites using found vulnerabilities and modify existing Web pages to include malicious JavaScript redirects. Or the malicious code is hidden inside a banner ad on a website, supplied by legitimate ad services.

Either way, when the user surfs to the legitimate website, the malicious JavaScript is loaded, and it either prompts the user to install a program or redirects the unknowing user to another website where they are told to install a program.

Trojans lead the pack
Trojans typically camouflage themselves as downloadable antivirus scanners, "needed" patches, malformed PDF files, or add-on video codecs required to display an exciting video. Most of the fake programs have the clean look and feel of a real app. Even career antimalware defenders find it hard to tell the difference between what is real and what is fake.

Fake programs are even more successful at duping victims when they appear to come from popular, well-known websites that a user has trusted and visited, without incident, for years. Or they launch from one of the popular social networks, like Facebook and Twitter, which are all the rage among the least savvy computer users. Some malware programs scan the user's computer for vulnerable software that lacks security patches, but typically, users cause infections themselves by installing apps they should not.

This is not to rule out the obvious impact of spam, phishing, adware, or other attack methods. It's just that computer worms, viruses, and the other methods for exploiting computers, added up all together, don't equal the threat of the socially engineered Trojan -- even though some multivector worm programs, like Conficker, have victim figures that number in the millions.

In a common scenario, the first malicious program installed is called a downloader. A downloader's goal is to be installed on the victim's PC and then to "phone home" to the "mothership" Web server for more instructions. The downloader often has instructions to contact a dynamic DNS server to get the mothership Web server's current location. The dynamic DNS server is just another Trojan-infected computer installed on an innocent user's desktop.

The DNS address record received by the downloader has an address that is good for only a short time -- sometimes as little as 3 minutes. These "fast flux" techniques complicate efforts to investigate or eradicate malware. The downloader will eventually be redirected to another server (which is, of course, just another compromised host) and download a new program or receive instructions. This sequence of finding and downloading new programs and instructions can go on for dozens of cycles.
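
A detection-side illustration of the short-lived address records described above, added here and not part of the original article: it flags names in resolver logs whose answers all expire within 3 minutes, keep changing, and are scattered across many networks. The log tuple layout, the thresholds other than the 3-minute TTL, and all names and addresses are assumptions made for the example.

```python
from collections import defaultdict
from ipaddress import ip_network

MAX_TTL = 180   # seconds; the article's "as little as 3 minutes"
MIN_IPS = 5     # assumed threshold: distinct addresses per name
MIN_NETS = 4    # assumed threshold: distinct /16 networks per name

# Constructed resolver-log sample for one observation window: (qname, answer_ip, ttl).
# Names and addresses are made up; 10.x.y.z stands in for scattered home PCs.
SAMPLE = [
    ("www.stable.example", "192.0.2.80", 3600),
    ("cdn.shop.example", "192.0.2.10", 60),
    ("cdn.shop.example", "192.0.2.11", 60),
    ("cdn.shop.example", "192.0.2.12", 60),
    ("cdn.shop.example", "192.0.2.13", 60),
    ("cdn.shop.example", "192.0.2.14", 60),
    ("dl.flux.example", "10.11.4.7", 180),
    ("dl.flux.example", "10.52.9.3", 120),
    ("DL.Flux.Example.", "10.87.200.14", 180),
    ("dl.flux.example", "10.130.6.91", 150),
    ("dl.flux.example", "10.201.77.5", 180),
    ("dl.flux.example", "10.244.1.60", 120),
]

def fast_flux_candidates(records, max_ttl=MAX_TTL, min_ips=MIN_IPS, min_nets=MIN_NETS):
    """Map each suspicious name to (distinct IPs, distinct /16s, highest TTL seen)."""
    ips, nets, top_ttl = defaultdict(set), defaultdict(set), defaultdict(int)
    for qname, ip, ttl in records:
        name = qname.rstrip(".").lower()          # DNS names are case-insensitive
        ips[name].add(ip)
        nets[name].add(ip_network(f"{ip}/16", strict=False))
        top_ttl[name] = max(top_ttl[name], ttl)
    flagged = {}
    for name in ips:
        # All three must hold: every answer is short-lived, the address set keeps
        # changing, and the addresses are scattered rather than in one provider block.
        if (top_ttl[name] <= max_ttl and len(ips[name]) >= min_ips
                and len(nets[name]) >= min_nets):
            flagged[name] = (len(ips[name]), len(nets[name]), top_ttl[name])
    return flagged

if __name__ == "__main__":
    for name, (n_ips, n_nets, ttl) in fast_flux_candidates(SAMPLE).items():
        print(f"{name}: {n_ips} addresses in {n_nets} /16s, TTL <= {ttl}s")
```

A short TTL alone also describes ordinary load balancing, which is why `cdn.shop.example` in the sample is only flagged once the network-spread requirement is dropped.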

Eventually, the final program and instructions will be installed on the victim's computer, with a handful of command-and-control servers under the direction of the botnet owners. Botnets can be used by the owners themselves to steal money, to conduct distributed denial of service (DDoS) attacks, or to break into other computers. Often the botnet owner will rent the botnet to other criminals who then use it to do their bidding.

A good example of a common bot and botnet is Mariposa. At one point, it controlled more than 13 million PCs in 190-plus countries. The masterminds of Mariposa were not ultraskilled malware writing geniuses -- they were three guys who bought a botnet "kit" on the Internet for $300.

DIY kits: Tools of the trade
Do-it-yourself malware kits have been around for two decades, but now they are soup-to-nuts efficient. The typical kit can spit out (currently) undetectable malware to do the customized bidding of its owner.

Using these kits is as easy as clicking a few check boxes. The resulting malware will break into websites to start infecting innocent visitors, generate enticing spam and phishing e-mails, and do everything it takes to create the botnet -- including bots, dynamic DNS servers, roving mothership Web servers, and the command-and-control servers.

Many of the kits are directed toward bypassing particular types of authentication and focus on particular financial institutions. The better bot kits include a sophisticated administrative back end so that the hackers can read statistics on total infections, OS versions exploited, and tricks used. For another $30, the kit creators will include 24/7 tech support.

These kits aren't hidden. With just a little bit of searching, you can find them on the open market, often marked as "experimental" or "test-only" products. And there are plenty of "service providers" willing to help malware hackers turn their ill-gotten gains into hard cash.

Read more about how to fight back against modern malware in InfoWorld's free PDF report, "Malware Deep Dive."
By Roger A. Grimes, originally published at InfoWorld.com.
 
WCCL Network
© WCCL 2010. All rights reserved. Privacy Policy
