Welcome to mickyj.com

Malware

 

 

Malware is a generic term that covers malicious software and code. It is code which in essence does nasty things to your PC and your privacy.

 

Malware includes:

  • Viruses  (Infections that travel quickly and usually do damage to your PC)

  • Adware (Pop up ads trying to sell you things)

  • Spyware (Watch what you do, log passwords, email addresses etc)

  • Bot-nets (Turn your PC into a drone for spam or other activity)

  • Trojans (Take control of your PC through things you download and trust)

  • Hijackers (take over your internet web pages)

  • Rootkits (Secretly hide themselves and other software on your PC)

  • Ransomware (Encrypt and password your files, provide the password if you pay)

  • Phishing (A fake website that looks like the original, grabs your user details)

  • Spamming tools (Makes your PC into a spammer)

  • Hacking tools (Allow hackers remote access or hacks on their behalf)

  • Key loggers (Record all your key strokes and send them to a server)

and much more.

 

Malware is usually poorly written, so the more of it you have, the slower your machine runs and the more likely it is to crash. The more of it you have, the worse the experience. It sometimes also attempts to install itself into areas of your system it should not touch. This normally produces "the blue screen of death".

 

Why do they exist?

 

I used to view it as computerized graffiti. A way that programming students tried to impress people or impress corporations to try and get a job there. Someone trying to get a name for themselves and become immortalized. Then it became revenge attacks against companies who had fired someone. These days, it is all about money. They want your credit card details. They want you to need to pay for removal. They want your email list for spamming. They want your machine to become a slave so they can hack others from it. They want to sell your details or market to you with popups.

 

Spam is interesting. Both spam and popup websites are annoying, but did you know about 1 in 10,000 actually buy the Rolex watches, Viagra etc? As these afflictions hit millions of people, spammers etc stand to make lots of money. If 1 in 10,000 bought the $600 US "Genuine" Rolex watch, they have paid for their expenses for the week. This is especially the case if there are no expenses, because they have hacked someone else's PC for the campaign and the internet costs etc are no longer theirs to pay.

 

 

How do I get these things?

 

Malware writers want to trick you into installing their software. Who would deliberately want this horrible mess?

 

They could do this through:

  • Fake software

  • Website hijacking

  • Cyber sitting

  • Email

  • Shareware supporting Ad software

  • Malicious injection and hijacking

  • Email Jokes

  • Hack and crack websites and downloads

  • Pornography sites

  • Peer-peer music and video sharing sites

 

All these things easily get the Malware onto your PC.

 

The basic trend is once you have one piece of Malware, they download more. I am personally a very safe surfer. I scan my PC about once a week using Spybot. I know how to spot most Malware and stay away from it, yet I still get it. I am very careful yet I still get infected. You cannot protect yourself 100%. All you can do is reduce the risks. Because I surf so much, there is huge potential something might get in. Because I test and review software, there is always the chance of getting a bug. I run an Antivirus and Firewall yet I still get Malware. I just get far less than most people because I am careful. There is less chance of my details for my bank, visa card, hotmail, eBay, gmail etc accounts getting out into the general public.

 

A lot of Malware knows about firewalls and antivirus software. Some will make your firewall useless and create open paths through the firewall, allowing themselves to do their work. Others will shut down your antivirus but make it look like it is still running. Hence you start to get viruses.

 

So how do you get these?

 

When you surf the internet and are prompted with banner ads for things like:

"Your computer is running slow"

"You have Spyware, click here to clean it"

"You are our 1,000,000 visitor, click here for your prize"

"Your registry needs repair, click here for a solution"

"Scan now for vulnerabilities"

.. Other Popups ?

You kill one window, another pops up.

 

These likely point to Malware downloads. When you click the OK, Install, Yes or other affirmative button, you get the software and its nasty payload. When you click the No, Not now or other button to cancel, you likely get the software and the nasty payload anyway. Programmers are able to program these buttons to do their bidding. Microsoft does not control the buttons. Both kinds of button end up installing the nasties. You can avoid this by clicking the cross in the top corner. This means do not answer and kill this box.

 

These utilities might be fine or might just make your system worse. Some of these say that they have found faults and need your Visa details to clean the issues found. Some are just 100% Malware and do nothing useful at all.

 

Another problem is Phishing, the art of faking a website and tricking you into using it to part with your password details or even infect you with Malware. Some emails will have a blue link in them telling you that you need to update your credentials for such and such bank. When you click the link, it appears to go to the website in question. The right logo and correct domain name appear but in reality, something is monitoring your key strokes or the full address link is not correct. Sometimes the site is spelt wrong.

 

Sometimes people will purchase domains that live off the good will of others. My website is www.mickyj.com. I do not own www.mickyj.com.au and someone could make up a website at this address and pretend to be me. This is Cyber sitting.
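
The warning signs described above (a link that shows one address but opens another, a site name that is spelt slightly wrong, and a look-alike domain such as www.mickyj.com.au) can be checked automatically. The following is an added example, not code from the original page; the TRUSTED list, the 0.85 similarity threshold and the sample email are assumptions constructed for illustration.

```python
import re
from difflib import SequenceMatcher
from html.parser import HTMLParser
from urllib.parse import urlsplit

TRUSTED = ("mickyj.com", "example.com")  # assumption: the sites you really use
SHOWN_URL = re.compile(r"(https?://)?[\w.-]+\.[a-z]{2,}(/\S*)?", re.I)

class LinkCollector(HTMLParser):  # gathers [real address, visible text] per link
    def __init__(self):
        super().__init__()
        self.links, self.open = [], False
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self.links.append([dict(attrs).get("href") or "", ""])
            self.open = True
    def handle_data(self, data):
        if self.open:
            self.links[-1][1] += data
    def handle_endtag(self, tag):
        if tag == "a":
            self.open = False

def host_of(url):  # lower-case host of a URL or bare address, leading "www." dropped
    host = (urlsplit(url if "//" in url else "//" + url).hostname or "").lower()
    return host[4:] if host.startswith("www.") else host

def warnings_for(href, text):
    host, found = host_of(href), []
    if SHOWN_URL.fullmatch(text) and host_of(text) != host:
        found.append("text-mismatch")  # link shows one site but opens another
    if not any(host == g or host.endswith("." + g) for g in TRUSTED):
        for g in TRUSTED:
            if host.startswith(g + "."):  # trusted name plus an extra ending
                found.append("extra-ending:" + g)
            elif SequenceMatcher(None, host, g).ratio() >= 0.85:
                found.append("misspelt:" + g)  # nearly, but not exactly, the name
    return found

def scan_email(html):
    parser = LinkCollector()
    parser.feed(html)
    parser.close()
    return {href: warnings_for(href, text.strip()) for href, text in parser.links}

# Constructed sample email body, not a real message.
SAMPLE = """<a href="http://www.mickyj.com.au/login">www.mickyj.com</a>
<a href="http://www.mickyi.com/">Update your details</a>
<a href="http://www.mickyj.com/malware.htm">www.mickyj.com</a>"""
```

Calling scan_email(SAMPLE) returns one list of warnings per link; an empty list means none of the three checks fired, not that the link is safe.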

 

If you do get the strange popups, kill them quickly: do not let them fully appear, and click the cross at the far top right-hand corner.

 

Sometimes you will get an email with an attachment. Viruses can live in PDF files. They have been found in JPEG files. Movie and WMV files can redirect you to websites, and there are many other dangerous attachments. Just viewing something could infect your PC.

 

Some fancy free tools will include a Malware payload. Remember, "Free is not always free". They get their money in other ways. It might be an Ad supported product with popup ads or tracking services. It might harvest your email list or do worse.

 

If you do not want to register a product or you have a pirate version, the hacks and cracks sites you get the unlock keys from usually are full of Malware. If you start looking through these websites, then you are now into the darker side of the internet. These people thrive on stealing your information. Pornography websites are very similar. These sites love to infect you.

 

The last major infection method is through Peer-peer software. These tools allow you to break copyright by downloading music and movies etc. This is not like the legal downloads you see on iTunes. If you are getting your music for free through a software program, you are likely breaking the law. A lot of these programs have back doors in them for hackers to break into your system. A lot of these allow Malware to download to your PC. These tools leave you legally open for litigation and you can have all your personal details stolen. These tools include:

 

  • Audiogalaxy

  • Bearshare

  • Blubster

  • E-Mule

  • E-Donkey

  • Azarius

  • Gnucleus

  • Grokster

  • Imesh

  • KaZaa

  • KaZaa Lite

  • Limewire

  • Morpheus

  • Shareaza

  • WinMX

  • Xolox

  • Bit torrent clients

 

They are dangerous. They can degrade system performance, they are usually poorly written and they consume vast amounts of storage. They may create security issues as outsiders are granted access to internal files. These tools are often bundled with Adware or Spyware. You can innocently share music files or become a virus writer's test ground (or be hacked). So please don't let your kids install these. It is not worth the repair bill just to get those hard to find music files. It is much safer to use iTunes. There is a reason why these programs are free.

In the end, these guys always get their money!

 


 

Updates:

 

1 June 2007

Be careful about community websites like MySpace. These sites have the good, bad and ugly from the web. This includes hackers and Malware launching points. Recently these sites have been linked to pornography rings, drug rings and much worse.

 

3 July 2007

Avoid clicking on links in emails that appear to be online postcards from friends. The majority of these are currently Trojans trying to get onto your computer.

 

Example from my inbox:

You've received a greeting ecard from a mate!

 

Good day.

Your mate has sent you a greeting ecard from Postcard.com.
Send free ecards from Postcard.com with your choice of colors, words and music.
Your ecard will be available with us for the next 30 days. If you wish to keep
the ecard longer, you may save it on your computer or take a print.

To view your ecard, choose from any of the following options:

--------
OPTION 1
--------

Click on the following Internet address or
copy & paste it into your browser's address box.

http://********IP Removed*************/?78b15d7703a3b01bdad81d9b848ca9

--------
OPTION 2
--------

Copy & paste the ecard number in the "View Your Card" box at
http://****IP Removed*******/

Your ecard number is
78b15d7703a3b01bdad81d9b848ca9

Best wishes,
Mailer-Daemon,
Postcard.com

 

A great place to check the latest is on Harry Waldron - Microsoft MVP Blog

 

12 November 2007

Avoid going to Sensis websites. This includes

Someone has uploaded a flash animation as a banner ad and it contains code to hijack your browser. It would be assumed Sensis will jump on this and the issue will be resolved very quickly. This just shows you how an innocent site that you trust and have always used can actually be harmful. It is not necessarily Sensis's fault. Crafty hackers are out there trying to exploit everything they can.

 

 


Protection

 

The best computer-based way to combat these issues is to test your firewall and scan your PC for viruses and Malware.

 

The best human-based way to avoid these things is not to take things at face value. Do not trust downloads and always double check websites. Remember, free is not always free. It will cost in other ways. Be careful where you and your kids surf to. Do not download toolbar add-ins into Internet Explorer. Do not install Incredimail. Do not allow your kids to accept or transfer files in MSN Messenger. Do not allow MP3 peer-peer programs onto the PCs. Buy music legally. Your kids will need monitoring. Don't forget, your online banking details are important. Your email list is valuable.

 

Scanning your computer

 

Do an antivirus scan with an internet-based service so that you know it has not been compromised (like Trend Micro Housecall). Use Spybot for the remaining Malware. Use GRC.com to test your firewall.

 

Another good way to protect yourself is to upgrade to Internet Explorer 7 and a more dramatic measure is to update to Vista.

 

Be vigilant.

 

 


To keep up to date you can refer to my blog

 

If you are viewing this page then these specific other pages in this series might be of interest to you:

  • Tools to remove Malware and Viruses
  • Tools to remove Malware etc but still under review by me
  • A page dedicated to helping you get the information needed to remove Malware
  • Spybot installation steps
  • How to perform an online Housecall Virus scan
  • What is Malware ?
  • Why are people using my email address?
  • How did someone steal my Email address?
  • Why is my email being blocked ?
  • How can I reduce spam ?
  • Why did I get infected ?
  • How to Handle Spam!
  • Why do I get all these bounce backs to my email address ?
  • What is a Drive-By Malware attack ?

This page was written and designed by Michael Jenkin 2011 © (Best viewed at 1024 x 768)