Malware, The Next Generation

Evil_Bert · #1 17th January 2008, 08:53 AM

If you haven't seen this yet:

Mystery web infection grows ...

It begs the question: how risky does the 'net become, if malware becomes so adaptable? For example, it could detect your OS/browser and choose the suite of attack vectors best suited to the situation. It seems it's already at least generating attacks unique to each instance and not detectable by signature-based screening. IMHO, there'll still be fewer attack vectors available to target Linux than Windows, but then only one successful vector is needed.

Maybe it's time to bring forward my next personal project - a virtualised browser appliance - which I had been putting off.

As the watch sergeant on that old TV series, Hill Street Blues used to put it, "Be careful out there".

Evil_Bert · #2 23rd January 2008, 11:53 AM

More dispatches from the malware front:

Drive-by download menace spreading fast

A couple of pertinent quotes:

Quote:

At least one in ten web pages are booby-trapped with malware, according to a separate study by Google published last May

Quote:

Approximately 11 percent of computers worldwide have become a part of criminal botnets, which are responsible for 85 percent of all spam sent

pete_1967 · #3 23rd January 2008, 01:31 PM

I can't but feel sorry to those who get connected first time in their lives and feel the magic of the internet - and get screwed 5 minutes afterwards by these bastards.

There's so much money to make on the net for criminals and changes getting caught are so minimal that it's only going to get worse. Weak and useless legislation against cyber crime doesn't help either, nor does actions like in the UK where Home Office instructed not to report internet fraud to them but to banks in effect de-criminalising it (http://www.guardian.co.uk/money/2007...iness.politics).

cable_txg · #4 23rd January 2008, 02:27 PM

I still believe it's caused by some security professional with a Jekyll and Hyde personality.

Evil_Bert · #5 23rd January 2008, 02:56 PM

There used to be a theory bandied about that software security firms have malware writers on retainer to "keep the industry ticking over".

Seems a bit too far fetched for me, though.

cable_txg · #6 23rd January 2008, 03:17 PM

Quote:

Originally Posted by Evil_Bert

There used to be a theory bandied about that software security firms have malware writers on retainer to "keep the industry ticking over".

Seems a bit too far fetched for me, though.

It may seem so, but have you noticed when a new fix comes out (amidst tight corporate security), someone finds a way to enter in a matter of days! Now how did he/she get information about the system when it has not been released....! Food for thought.

cable_txg · #7 23rd January 2008, 03:21 PM

Quote:

Originally Posted by pete_1967

I can't but feel sorry to those who get connected first time in their lives and feel the magic of the internet - and get screwed 5 minutes afterwards by these bastards.

There's so much money to make on the net for criminals and changes getting caught are so minimal that it's only going to get worse. Weak and useless legislation against cyber crime doesn't help either, nor does actions like in the UK where Home Office instructed not to report internet fraud to them but to banks in effect de-criminalising it (http://www.guardian.co.uk/money/2007...iness.politics).

As for the British, the police may be overworked monitoring the millions of camera (Is that correct?) for terrorists and other life threatening situations, than to go chasing someone's lost money (sounds harsh, but I believe their priorities are intact here!)

***bob*** · #8 23rd January 2008, 03:45 PM

It is sad that so many people rely on Windows and pay money for security software that may not be up to every task. IMHO, Microsoft should really be supplying decent spyware and virus protection for free. It would also be nice if the governments required ISP's to have that protection built into their services.

For now, I'm suggesting to all my friends and family that they at least dual-boot with linux and use it for browsing, emails and chatting. Surprisingly, even a friend who's machine is now severely compromised by spyware & key loggers is resisting that idea. You've got to admire MS for having convinced so many that malware is something they have to put up with and pay healthy amounts to keep at bay. Nice brainwashing, Bill!

pete_1967 · #9 23rd January 2008, 03:45 PM

Quote:

Originally Posted by cable_txg

As for the British, the police may be overworked monitoring the millions of camera (Is that correct?) for terrorists and other life threatening situations, than to go chasing someone's lost money (sounds harsh, but I believe their priorities are intact here!)

Yeah, and on top of that picking their noses and filling forms (http://news.bbc.co.uk/1/hi/programme...ma/6995649.stm) not to mention reading health and safety reguilations before lifting their finger (that actually applies more to community support officers: http://news.bbc.co.uk/1/hi/england/m...er/7007081.stm) not to mention filing PTSD compensation claims (http://news.bbc.co.uk/2/hi/uk_news/n...nd/4411878.stm and http://www.independent.co.uk/opinion...re-697026.html)

Wish I'd had chance to claim PTSD compensation when I was in IDF - I'd be millionaire now.

pete_1967 · #10 23rd January 2008, 03:52 PM

Quote:

Originally Posted by bob

Microsoft should really be supplying decent spyware and virus protection for free.

Better not: http://news.zdnet.com/2100-1009_22-6156733.html , http://news.bbc.co.uk/1/hi/technology/6418965.stm and that's for commercial product

cable_txg · #11 23rd January 2008, 03:55 PM

Quote:

Originally Posted by bob

It would also be nice if the governments required ISP's to have that protection built into their services.

It would be nice, but if they were using Windows as their server, I would switch ISP immediately (too much system overhead and my internet usage would be painful)

Quote:

Originally Posted by bob

You've got to admire MS for having convinced so many that malware is something they have to put up with and pay healthy amounts to keep at bay. Nice brainwashing, Bill!

Their marketing department must be getting paid well to take all those psychology classes and training.

***bob*** · #12 23rd January 2008, 03:57 PM

Boy, that One-Care has been nothing but a bust from the start! I'd suggest that they should simply buy Symantec and use their product, but the Redmond folks would probably bork it in a month. You know, if the cycle had been somehow reversed and linux had been the 'standard' for the Joe User and MS had been the new kid on the block, that company would be bankrupt by now.

techmatt · #13 23rd January 2008, 09:09 PM

So True BOB. The scary thing is that MS has done a few things better then the Linux community. I do like the Viso application and have not found a comparable open source solution for it.

pete_1967 · #14 23rd January 2008, 11:16 PM

Quote:

Originally Posted by techmatt

...scary thing is that MS has done a few things better then the Linux community...Visio application ...

Except that MS never made it.

They bought the company, Visio Corporation, who released first version of Visio in 1992, in 2000

kona0197 · #15 24th January 2008, 02:20 AM

Bob - Symantec products are the worse thing you can install on your Windows rig...

They do more harm than good.