The Real Woes for Apple Security Begin – 1 in 5 Mac Computers Now Carries Malware‏

April 25, 2012

At the start of the month, in what was the largest attack on the Apple OS to date, a beleaguered Apple released two security patches to address flaws in their Java code that had enabled malware to infect over 600,000 computers.  According to Symantec, in just 2 weeks consumers downloading the security patches dropped the number of infected computers from 600,000 to 140,000, where it seems to have stagnated. Symantec urges consumers that suspect their Mac has been infected with OSX.Flashback.K, to install the latest patches, and ensure that your antivirus is up to date.

But the problem doesn’t end there as a new variant has sprung up. Sound familiar? It should. Apple has grown in relevance to now face the same frustrations as the Windows platform – fix a hole and watch hackers find a new angle.

On April 23rd, the New York Times reported that “researchers at Intego, another computer security firm, discovered that a new variant of the malware, called Flashback.S, continued to spread through the same Java vulnerability. Security researchers said the variant was “actively being distributed in the wild” and noted that the malware deletes traces of itself on victims’ machines to avoid detection.

Today (April 24th) the Wall Street Journal reported that security firm Sophos released new research that analyzed “100,000 Mac computers running its free anti-virus software, and discovered that one in five machines was found to be carrying one or more instances of Windows malware.” And that “2.7 percent (one in thirty six) of Macs were found to be carrying Mac OS X malware.”

The Journal article included comments from Graham Cluley, senior technology consultant at Sophos, who said “Some Mac users may be relieved that they are seven times more likely to have Windows viruses, spyware and Trojans on their Macs than Mac OS X-specific malware, but Mac malware is surprisingly commonly encountered. Mac users need a wake-up call about the growing malware problem.”

“The simple fact is that you can scan your Mac for infection from your armchair. The test is painless and free; you just download an anti-virus product and allow it to check your computer and protect it against infections in the future,” explained Cluley.

At the end of the day the question is this, will Mac users be any better than Windows users at securing their devices with anti-malware tools?

Linda

Comments Off | Linda's Blog | Tagged: , , , , , , , , , , | Permalink
Posted by Linda Criddle

Flashback Trojan has Infected Over 600,000 Macs

April 19, 2012

This week Apple patched a flaw in their Java code to prevent Macs from becoming infected with the Flashback Trojan – a malicious program that steals infected users’ user names and passwords, and has continued to evolve to exploit other elements.

Unfortunately, the malware has run rampant the last two months – when the malware was first detected. The Russian antivirus company, Dr. Web, reports that over 600,000 Mac’s are infected – and that 56% of the infected Macs are in the hands of U.S. consumers.

A ZDNet article includes these links for Mac users to get “the new version of Java that patches the security hole in question from Apple here: Java for Mac OS X 10.6 Update 7 and Java for OS X Lion 2012-001. Additionally, F-Secure has instructions on how to remove this malware if you think your Mac may already be infected.”

If you are among the Mac users who have clung to the belief that Macs don’t need strong malware protection, let this be a wakeup call.

Linda

Comments Off | Linda's Blog | Tagged: , , , , , | Permalink
Posted by Linda Criddle

Giving Technology This Season? Use McAfee’s 10 Tips to Keeping Devices Safe

December 21, 2011

Tech items are wish-list toppers again this year, and if you’re among the millions planning on giving devices, don’t forget to include the safety, privacy and security tools and education that are needed to ensure the recipient is protected. This festive tip sheet from McAfee helps identify areas to think about.

Linda

Comments Off | Linda's Blog | Tagged: , , , , , , , , , | Permalink
Posted by Linda Criddle

Most Users with Free Android Antivirus Scanners aren’t Protected

November 30, 2011

Many free AV apps exist for the Android market but new comparisons by AV-TEST, a globally recognized security institute out of Germany, uncovered sobering security failures when they took the AV products through their paces.

The products to come out best were for-pay services from “Kaspersky and F-Secure, which detected at least 50% of all malware samples already in inactive state.”

Among the free options “Zoner AntiVirus Free was best with 32% detected malicious apps. All other scanners detected at best 10% of the apps; some didn’t detect anything at all.” Commenting on the results AV-Test said, ‘the circulation of obviously near to useless security apps endangers those, who trust them.’

AV-TEST’s test results are shocking, particularly as the advice given by security experts is that all smartphone users need anti-malware software in place. Yet those who diligently installed one of these free programs, has an entirely false sense of security.

The program with the lion’s share of installations is Antivirus Free by Creative Apps who, along with GuardX Antivirus and LabMSF Antivirus beta, failed to identify any malware in either the manual or real-time on installation scan.

Not only should these ineffectual products be purged from the Android market, there should be a howl of protest from consumers insisting that apps claiming to protect consumers actually do so – and be required to show how well they protect in their descriptions.

Below are two tables from the research, click here to read the entire report.

Linda

Comments Off | Linda's Blog | Tagged: , , , , , , , , | Permalink
Posted by Linda Criddle

Estonians Charged For $14 Million in Click Fraud – Is Your Computer Infected?

November 22, 2011

In a particularly advanced two prong click fraud scheme, 7 men are charged with infecting 4 million computers worldwide – 500,000 in the U.S. alone. Once infected, the criminals would redirect users search results to websites that would pay the criminals a referral fee, so the more searches they redirected, the more money they made. The second method used was to replace legitimate ads on websites with ads from companies that paid for referring clicks.

In a statement by Janice Fedarcyk, assistant director in charge of the FBI New York office, “They victimized legitimate Website operators and advertisers who missed out on income through click hijacking and ad replacement fraud.”

Hijacked sites included The Wall Street Journal and ESPN. An article in the New York Times included the following illustration of how ESPN ads were swapped; the page shown on the left has a legitimate Dr. Pepper ad, while the ad on the right is for a timeshare company that paid for clicks.

Called the biggest cybercriminal takedown in history, the FBI worked with international law enforcement agencies, security companies, and security experts for over two years to crack the case.

This malware that infected both the Windows and Mac operating systems did not target consumer information; it was designed to defraud advertisers and website companies, but in order to avoid detection by antivirus software the malware blocked antivirus updates. This means that infected users were (and are) vulnerable to other malware.

What this means to you:

Although the FBI has replaced the malicious servers involved, infected users remain infected with the DNSChanger malware, and any other malware that was able to crawl into computers while security software updates were blocked. If you’ve seen unlikely ads or suspect your machine may be infected, the FBI has created a website that will help you detect the malware and get rid of it.

Linda

Comments Off | Linda's Blog | Tagged: , , , , | Permalink
Posted by Linda Criddle

Great Infographic with Sobering Stats on Mobile Malware and User Ignorance

September 12, 2011

Over half (53%) of smartphone users say they are unaware that there is security software available for smartphones according to research by security company BullGuard, a shocking data point when mobile malware is skyrocketing.

In just the first six months of 2011, malware aimed at the most vulnerable platform, Android, has grown by 400% according to BullGuard, but that isn’t to say that Symbian, Apple or Windows Mobile users are safe.

The company has just released a new infographic titled Mobile Malware: – The Growing Threat of Smartphone Hackers & What You Need to Know’ that gives a great overview of the landscape of mobile malware, the lack of awareness about mobile threats among consumers, and what to expect for the second half of this year and into 2012 (the news isn’t great).

By the time you’ve finished scanning through the infographic, you may just be persuaded to install the mobile security software smartphones now desperately need.

Linda

Comments Off | Linda's Blog | Tagged: , , , , , | Permalink
Posted by Linda Criddle

Commtouch’s Internet Threats Q2 Trend Report Another Sobering Read

July 22, 2011

Bad news always outweighs the good when talking about online security, and a new report from Commtouch just underscores this point.

The good news is that spam volumes are down nearly 30%, to a measly 113 billion a day, thanks to the takedown of the Rustock botnet.

That includes a downturn in pharmacy spam though this category still represents 24% of all spam.

The bad news on the spam front is that spammers are now using compromised email accounts – so expect more spam coming from friends and family’s accounts.

Additionally, the report found that zombie activity skyrocketed with an average turnover of 377,000 new zombies per day targeted at sending malware and spam. This represents a 68% increase over zombie volumes in the first quarter of the year. India remains the top zombie producing country now hosting 17% of the global population, followed by Brazil and Vietnam.

Whether or not you think of pornography as ‘dirty’ the websites hosting porn really are dirty. Pornography and sexually explicit content sites rank highest in the most-likely-to-contain-malware contest, followed by parked domains and portals.

Education websites interestingly enough come in fourth place for categories infected with malware ahead of entertainment and business. This may be because scammers are smart enough to suspect users will be less cautious on educational sites, or the reason may be that educational sites aren’t very well protected and make easy targets.

The bottom line

Criminals continue to increase the number and creativity of their exploits; letting your guard down for even a moment increases the likelihood that you’ll be their next target.

Linda

Comments Off | Linda's Blog | Tagged: , , , , , , , , | Permalink
Posted by Linda Criddle

Google Warns Users of Malware – Take Action

July 20, 2011

You’ve been warned to be skeptical of notices that pop up warning you of malware on your device that is actually malicious software trying to get you to download fake ‘anti-virus’ software. However, if you see this notification from Google at the top of your Google search results, believe it.

Noticing an unusual pattern of activity in Google search traffic, the company enlisted the help of outside security professionals in the companies sending the modified traffic to determine the computers were infected with malware.

Google’s online security blog says “This particular malware causes infected computers to send traffic to Google through a small number of intermediary servers called “proxies.” We hope that by taking steps to notify users whose traffic is coming through these proxies, we can help them update their antivirus software and remove the infections.

We hope to use the knowledge we’ve gathered to assist as many people as possible. In case our notice doesn’t reach everyone directly, you can run a system scan on your computer yourself by following the steps in our Help Center article.”

Kudos to Google for being proactive and transparent about the issue as well as for providing clear, easy-to-follow steps users can take to fix the problem.

This is one more example of why everyone must keep their security software up to date.

Linda

Comments Off | Linda's Blog | Tagged: , , | Permalink
Posted by Linda Criddle

Social Engineering Bigger Risk to Your Online Safety than Malware

June 8, 2011

Protect your computer! has been the mantra of safety, security and privacy experts for years. We tell you to be sure to have up-to-date security software installed. To use strong passwords. To password protect your home network.  To avoid using unknown networks. And so on…

But we also tell you that all the security in the world can’t protect you, if you, or someone else using your devices, act carelessly. 

You can protect your home by selecting a safe neighborhood, installing locks on the doors and windows, adding security systems, outdoor lighting, fencing and gate, and getting a guard dog. But you can also disable all that security in the blink of an eye by opening your front door. If the person at the door is safe, then no harm is done. But if the person at the door has fooled you into believing they’re safe – you could be at high risk.

The same scenario of security and disabling of security plays out online. The term social engineering refers to the ways criminals use non-technical tricks to convince you to disable your security measures so they can get into your computers, phones, consoles, etc., and cause harm.

Interesting data from AVG Technologies reported in the Virus Bulletin shows that users are more than four times more likely to come into contact with social engineering tactics as opposed to a site serving up an exploit. Why? Because criminals know that humans are usually the weakest link in the security chain.

Think about it, why would crooks struggle to dismantle or bypass your security when they can convince you to open the door and let their exploits in?

How do criminals convince users to allow them bypass the user’s security? By gathering information about their victims. Some attacks are fairly unsophisticated broad attempts sent out knowing that a certain percentage of users will have an account with a service like eBay, Facebook, Chase Bank, etc. and that some will click on a notice that appears to be from one of these companies.

In more sophisticated attacks the criminals learn more about your specific behaviors, interests and who your friends are. Once the criminals have learned these things about you, they can set up a scenario that significantly increases your likelihood of falling for their scam. The better they know you, the more likely you will click on their link or download their exploit.

How to defend yourself

Study and practice the easy to learn 14 Steps to Avoiding scams. If you follow these steps rigorously, they will help you avoid falling for socially engineered exploits.

Linda

Comments Off | Linda's Blog | Tagged: , , | Permalink
Posted by Linda Criddle

Windows Getting Safer, but Study Finds that 1 of Every 14 Programs Downloaded is Later Confirmed as Malware

June 7, 2011

With all the news about Mac malware making Apple devices more vulnerable, Microsoft has announced that Windows is getting safer – particularly if you’re using Windows 7.

There are some pretty interesting discoveries in Microsoft’s most recent Security Intelligence Report covering the second half of 2010, and it’s worth the full read if you’re at all technically inclined.  Here are a few points I found particularly interesting:

  1. It really pays to upgrade your Windows OS to increase your security. A Windows 7 64-bit system (their most recently released Windows client) has the lowest infection rates at 2.5 infections per thousand computers.
    In comparison:
    1. Windows 7 32-bit systems have infection rates of 3.8 per thousand computers.
    2. Windows Vista SP2 32-bit PCs have a rate of 7.5 infections per thousand computers.
    3. Windows XP SP3 32-bit machines have an infection rate of 15.9 for every thousand computers.
  2. Malware infections are a global scourge – but not all parts of the globe are equally plagued.  The US, Mexico and Central and South America, France, Spain, Parts of the Arab world and Russia are hardest hit. This map paints a clear picture of the problem areas.
  3. The prevalence of various types of malware threats changes based on country factors.  For example, the U.S., England and Russia have significant issues with Miscellaneous Trojans, but are less likely than other countries to struggle with password stealers and backdoors.
  4. Though most phish scams target financial sites, it’s the phishes through social networks that get most of the impressions – an impression is measured as a single instance of a user attempting to visit a known phishing site with Internet Explorer. Phishing impressions that targeted social networks increased from a just 8.3% of all impressions in January to a whopping 84.5% of impressions in December. This trend was especially stark in the last four months of the year.Also note the increased focus on targeting gaming sites early in the year, the report suggests that with the tremendous success of phishing via social networks, the focus on gaming declined, but they expect to see this increase again when social networkers become more savvy to the attacks and new methods of delivery need to be found.

  5. Adding to our understanding of the phishing threats covered in MSFT’s security report is an article on the IEBlog that talks about how the company’s SmartScreen technology in IE9 is helping to block social engineering attacks.  The following are excerpts from the blog:

For context, recent studies show that despite the headlines that exploits of software vulnerabilities get, people browsing the Web are more likely to face a socially engineered attack. Recent articles have compared different approaches to protecting people. Application Reputation is a natural extension of the current protections introduced in IE7 & IE8 that block phishing sites and sites that distribute malicious programs.

…User-downloaded malware is a huge problem and getting bigger.

…IE blocks between 2 and 5 million attacks a day for IE8 and IE9 customers. Since the release of IE8, SmartScreen has blocked more than 1.5 billion attempted malware attacks. From our experience operating these services at scale, we have found that 1 out of every 14 programs downloaded is later confirmed as malware.

These reports paint a very sobering picture on the state of internet security, but there are clear steps you can take today to decrease your chances of malware infections – not matter which operating system, browser, or device type you are using.

Here’s a 12 point checklist to get you started on the road to Internet security and safety. If you want more detail, look to http://ilookbothways.com for straightforward practical advice on how to steer clear of Internet hazards whether you’re sending e-mail, dating online, making purchases or socializing – and whether you are on a computer, or your phone.

  1. Secure your computers and smartphones with anti-virus, anti-spyware, and tools.
    Keep them current and use them unfailingly-as automatically as locking your door when you leave the house. A computer that does not have security software installed and up-to-date will become infected with malicious software in an average of four minutes. That malicious software will steal your information and put you at risk for crimes.

    1. You must have anti-virus and anti-spyware software installed and up-to-date. If your computer or phone isn’t protected from Trojans, viruses and other malware, your financial information, passwords and identity will be stolen. This concept is so basic, yet only 20% of the US population adequately protects their computers. If the cost of security software is prohibitive, use a free service.
    2. Secure your internet connection – Make sure your computer’s firewall is on. If you use a wireless network it needs to be encrypted so someone who is lurking outside the house can’t collect your information. If you need a free firewall, click here. Never use a public WiFi service for any type of financial transaction or other type of sensitive information transfer.
    3. Use added protection on sensitive financial information with passwords or store on a flash drive, CD or external hard drive For added protection all year, keep your finances inaccessible to anyone who uses (or hacks into) your computer. You can do this by password protecting individual files or folders on your computer, or choose to keep this information on a flash drive or CD that you keep in your safe or other secure location.
  2. Use strong, unique passwords for every site. Creating strong memorable passwords is easy and can actually be fun – and the payoff in increased safety is big. The key aspects of a strong password are length (the longer the better); a mix of letters, numbers, and symbols; and no tie to your personal information. Learn how with my blog Safe passwords don’t have to be hard to create; just hard to guess
  3. Review the privacy terms and settings. This needs to be done for every social site you use. Create an environment of safety for yourself by understanding how any website you use treats your privacy and information. That fine print may tell you the company can own, resell, rent, or give your information to anyone they want. If it does, find a more respectful site.
  4. Discuss online safety with your family and friends.  Decide together how you will help protect each other’s privacy online and set rules that reflect your personal values. Decide what information about yourself you are willing to have shared online, and with whom you are willing to share it. This includes asking friends to put your email address on the Bcc: line if they are including you on an email to people that you don’t know. Learn more here http://ilookbothways.com/?s=bcc.
  5. Be selective about who you interact with online and what information you make public.
    1. The risks are relatively low when you stick with people you know—your family, and friends. Going into public chat rooms or opening your blog up to the general public, for example, significantly increases your risk.
    2. Think carefully before you post online any information that can personally identify you, a family member, or friend on a public site like a blog, in online white pages, on job hunt sites, or in any other place anyone on the Internet can see the information. Sensitive information includes real name, birth date, gender, town, e-mail address, school name, place of work, and personal photos.
  6. Pay attention to messaging risks.
    1. Think twice before you open attachments or click links in messages -even if you know the sender-as these can be used to transmit spam and viruses to your computer.
    2. Never respond to messages asking you to provide personal information, especially your account number or password, even if it seems to be from a business you trust. Reputable businesses will not ask you for this information in e-mail.
    3. Never click on links provided in messages, unless you are sure of the sender. Instead, use a search engine to find the website yourself.
    4. Don’t forward spam. Whether it’s a cute ‘thought of the day’, ‘set of jokes’, ‘amazing photo’,  ‘recipe tree’ or similar email, if you don’t personally know the sender the email is surely a scam designed to collect the email accounts – and relationships – of everyone you share it with.
  7. Don’t trade personal information for “freebies.”   Online freebies come in two forms:
    1. The free games, free offers, and ‘great deals’. Just as in the physical world, if these types of offers sound too good to be true, they probably are. Not only will these collect and sell your personal information, these ‘deals’, and ‘free’ applications are usually riddled with spyware, viruses or other malicious software.
    2. Through survey’s, sweepstakes, quizzes, and the like. These marketing tools are designed for one purpose – to get as much information from you as they can, so they can sell that to interested parties. Even the most innocuous ‘survey’s learn far more than you imagine, and they may give you malicious software or download tracking cookies, so just skip these entirely.
  8. Periodically review your internet contacts, and online activities.   Internet housekeeping is important. Review who you have as contacts, and who can see your online profiles periodically to prune out everyone you no longer have a close relationship with. Review any images and content you’ve posted online to see if collectively these tell more about you than should be known.
  9. Check your credit reports.  Under the Fair Credit Reporting Act, you have the right to one free credit disclosure in every 12-month period from each of the three national credit reporting companies—TransUnion, Experian, and Equifax.
    1. Request a free credit report from one of the three companies for yourself, your spouse, and any minors over the age of 13 living at home to check for credit fraud or inaccuracies that could put you at financial risk. (Although exact figures are difficult to get, the latest data shows that at least 7 percent of identity theft targets the identities of children.) The easiest way to do this is through AnnualCreditReport.com.
    2. You can also pay for credit monitoring services that will alert you to any suspicious activity or changes in your credit scores.
  10. Block people you don’t want to interact with.   You don’t have to accept invitations to be friends with people just because they ask. Women in particular can find it difficult to turn someone down – and creeps and crooks count on this very thing. If you don’t want to be friends, delete the request. If you are already connected with someone you would rather not be, block them from your social sites. You can also block their email account so they can never contact you through email, and block their phone number from calling or sending text messages to your phone.  YOU get to choose who, how, and when you are contacted.
  11. Trust your instincts.   Online and offline, your instincts play a critical role in your protection. If something feels ‘off’, go with your instinct. You don’t have to explain your reasoning to anyone.
  12. If you are exploited, it is not your fault.   Following the fourteen steps outlined above can go a long way to keeping you safe, but bad things sometimes do happen. If you fall victim to a scam, fraudster, abuser or criminal, don’t blame yourself. The only person guilty is the abuser or criminal.  You didn’t cheat, scam, lie, threaten, harm, steal, or abuse yourself in some other way, so don’t lay a burden of guilt where none belongs. Don’t let the abuser or criminal shame you into silence. Speak out and get the help you need.

For even more information and help, check out these two blogs:

Linda

Comments Off | Linda's Blog | Tagged: , , | Permalink
Posted by Linda Criddle

« Previous Entries
Follow

Get every new post delivered to your Inbox.

Join 1,753 other followers