PDF’s Vulnerable to Worm Malware

Exploits not needed to attack via PDF files – On CNET.com. The problem is that PDF viewers allow programs to be executed from within the viewer. According to the article, to stop this type of attack:

“Users can also turn off this functionality in the Adobe Reader and Adobe Acrobat Preferences by selecting > Edit > Preferences > Categories > Trust Manager > PDF File Attachments and clearing the box ‘Allow opening of non-PDF file attachments with external applications.'”

Advertisements

Computer Security Alert: Scareware, Malware’s Evil Brother

Recently, I have seen a strong rise in false anti-virus malware programs called “scareware”. According to Wikipedia:

Scareware comprises several classes of scam software, often with limited or no benefit, sold to consumers via certain unethical marketing practices. The selling approach is designed to cause shock, anxiety, or the perception of a threat, generally directed at an unsuspecting user. Some forms of spyware and adware also use scareware tactics.

A tactic frequently used by criminals involves convincing users that a virus has infected their computer, then suggesting that they download (and pay for) antivirus software to remove it. Usually the virus is entirely fictional and the software is non-functional or malware itself. According to the Anti-Phishing Working Group, the number of scareware packages in circulation rose from 2,850 to 9,287 in the second half of 2008. In the first half of 2009, the APWG identified a 583% increase in scareware programs.

The version I have seen brings up a fake anti-virus alert in a webpage while you are surfing. It looks like a legitimate warning and says that you need to scan your system for viruses. It then offers you a link to scan the system. The alert is fake, but if you click on the link, it could download a real virus to your machine. It “scares” you into installing the virus, thus the name “scareware”.

It is imperative to have a current ant-virus/ anti-spyware program installed on your system. You should also check the status of your anti-virus regularly to ensure that it is active and downloading updates. If you do not have an anti-virus program, I highly recommend PC Tools Spyware Doctor with Antivirus protection.  It has won many industry awards for protection including PC Magazine Editors Choice Award.

Google Trends for Botnet, DDoS & Malware

Google Trends is a tool that charts search terms used on Google over time. These are the Google search trends for Botnet, DDoS and Malware:

It’s interesting to note that searches for DDoS have been pretty much consistent since 2004, where malware searches seem to be on a constant incline. Searches for botnets are much more spikey. This is probably whenever botnets make it into mainsteam news.

And just for kicks, Russian and Chinese Hackers:

American and Iranian hackers were so small compared to these two that they didn’t even show up, so I left them off. I thought it rather odd that nothing really shows up before 2007. Also, not listed, is which region had the most searches for these terms. The winner? India. They had twice as many searches than the other regions which included the US, Canada and UK. No other regions were listed for these search terms which I thought was rather odd also…