{"id":11321,"date":"2016-07-09T07:44:17","date_gmt":"2016-07-09T11:44:17","guid":{"rendered":"http:\/\/www.thundercloud.net\/infoave\/new\/?p=11321"},"modified":"2016-07-09T07:44:17","modified_gmt":"2016-07-09T11:44:17","slug":"the-malware-landscape-has-shifted-these-online-threats-are-waiting-for-you-in-2016","status":"publish","type":"post","link":"https:\/\/www.thundercloud.net\/infoave\/new\/the-malware-landscape-has-shifted-these-online-threats-are-waiting-for-you-in-2016\/","title":{"rendered":"The malware landscape has shifted \u2013 These online threats are waiting for you in 2016"},"content":{"rendered":"<p>The following article was recently posted on the Emsisoft blog. It&#8217;s an excellent malware primer that can help take some of the confusion out of understanding the different kinds of malware that lurk around every corner of the Web. \u00a0We&#8217;ve edited the article slightly. We thank the Emsisoft team for allowing us to share this with you.<\/p>\n<blockquote>\n<h2>The malware landscape has shifted \u2013 These online threats are waiting for you in 2016<\/h2>\n<div class=\"post_info\">In Security Knowledge by Franziska on July 7, 2016<\/div>\n<p>Have you ever wondered what you\u2019d do if all of a sudden the data from your laptop was held hostage? What if you went to make an online payment and your bank account was empty without reason? This is the sort of nightmare one always imagines happens to someone else. 
Unfortunately, these are just two of far too many threats that we all face in a climate of heightened cyber crime.<\/p>\n<p>Today\u2019s attackers don\u2019t seem to be deterred at all by modern security measures and the use of malicious software is still a rampant issue for banks, businesses and at home users.<\/p>\n<p><img decoding=\"async\" class=\"alignnone size-medium wp-image-22677 aligncenter\" src=\"http:\/\/blog.emsisoft.com\/wp-content\/uploads\/2016\/06\/blog_main_protection.jpg\" sizes=\"(max-width: 730px) 100vw, 730px\" srcset=\"http:\/\/blog.emsisoft.com\/wp-content\/uploads\/2016\/06\/blog_main_protection.jpg 730w, http:\/\/blog.emsisoft.com\/wp-content\/uploads\/2016\/06\/blog_main_protection-300x123.jpg 300w, http:\/\/blog.emsisoft.com\/wp-content\/uploads\/2016\/06\/blog_main_protection-50x21.jpg 50w\" alt=\"blog_main_protection\" width=\"100%\" \/><\/p>\n<p><b>What is Malware?<\/b><\/p>\n<p>The term \u2018Malware\u2019 covers a plethora of exploitative programs. Defined most simply, Malware is software that is specifically designed to damage or disrupt your computer system.<\/p>\n<p>So what kinds are there?<\/p>\n<p>Generally speaking, Malware can be broken down into different categories which we will explore here in order of danger.<\/p>\n<p><b>Viruses \u2013 no longer a big deal<\/b><\/p>\n<p>A virus spreads itself by smuggling its code into another program. Uses for a computer virus vary from stealing sensitive information, taking control of a computer to complete illegal tasks or simply wanting to prove that it can be done, such as hacking a government website and taking it offline. Similar to its biological namesake, a virus requires a host.<\/p>\n<p><b>Worms \u2013 less common<\/b><\/p>\n<p>These nasties are similar to viruses in their shared aim to spread as fast as possible. But, unlike viruses, they don\u2019t require a host program. Worms spread themselves via storage devices such as USB sticks and email. 
Remember that time your sister gave you the USB with all of the family photos on it and suddenly your computer started freaking out? Yep. Your PC likely had worms.<\/p>\n<p>Antivirus software with a <b>dual-engine fileguard<\/b> is your best defense against any kind of malware threat that spreads through e-mails, USB sticks or downloads.<\/p>\n<p><b>Spyware \u2013 more scary than disruptive<\/b><\/p>\n<p>These, well, they spy on you, and collect various types of data from your PC without your knowledge. Within moments of installation, cyber criminals have their hands on huge amounts of your personal information such as your email correspondence, private photos and again, your credit card details. Spyware is also used for surveillance through <i>Keyloggers<\/i>: a variety of malware\u00a0that monitor keystrokes and secretly record everything entered into your keyboard. Personal demand for this technology has expanded rapidly in recent years. As parents become more and more concerned about their child\u2019s online behavior, keylogger software developed as a new form of parental control, much like that setting on your smart TV. With a simple program, parents are able to monitor their children\u2019s keystrokes to see what kinds of conversations they are having online and what they are searching for in Google when they think no one is watching.<\/p>\n<p><b>Ransomware \u2013 a costly problem<\/b><\/p>\n<p>An exploitative crime, ransomware is a type of malware that encrypts your personal data or locks your entire PC. You are asked to pay a \u201cransom\u201d via an anonymous service in order to unlock your computer and free your data. Ransomware makes up a huge part of today\u2019s active threats as it turned out to be one of the easiest income earners for attackers. All other malware makes its developers money indirectly (by using or selling your computer power), but ransomware directly asks you (the victim) for cash to return your data or access to your PC. 
This is usually achieved\u00a0through a lockout screen with a countdown timer and a link to a payment page where you are required to pay your ransom.<\/p>\n<div id=\"attachment_22894\" class=\"wp-caption aligncenter\">\n<p><a class=\"fancybox\" title=\"Example of a ransomware lockout\" href=\"http:\/\/blog.emsisoft.com\/wp-content\/uploads\/2016\/06\/petya-ransomware-uses-dos-level-lock-screen-prevents-os-boot-up-502166-4.png\" rel=\"fancybox\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-22894 size-full\" src=\"http:\/\/blog.emsisoft.com\/wp-content\/uploads\/2016\/06\/petya-ransomware-uses-dos-level-lock-screen-prevents-os-boot-up-502166-4.png\" sizes=\"(max-width: 750px) 100vw, 750px\" srcset=\"http:\/\/blog.emsisoft.com\/wp-content\/uploads\/2016\/06\/petya-ransomware-uses-dos-level-lock-screen-prevents-os-boot-up-502166-4.png 750w, http:\/\/blog.emsisoft.com\/wp-content\/uploads\/2016\/06\/petya-ransomware-uses-dos-level-lock-screen-prevents-os-boot-up-502166-4-300x206.png 300w, http:\/\/blog.emsisoft.com\/wp-content\/uploads\/2016\/06\/petya-ransomware-uses-dos-level-lock-screen-prevents-os-boot-up-502166-4-730x502.png 730w, http:\/\/blog.emsisoft.com\/wp-content\/uploads\/2016\/06\/petya-ransomware-uses-dos-level-lock-screen-prevents-os-boot-up-502166-4-50x34.png 50w\" width=\"750\" height=\"516\" \/><\/a><\/p>\n<p class=\"wp-caption-text\">Example of a ransomware lockout<\/p>\n<\/div>\n<p>Earlier this year, Hollywood Presbyterian Medical Center paid $17,000 in cyber-ransom money to recover patient data that was taken hostage through an online malware attack. This kind of malware is usually installed by a Trojan: the big kahuna of malware.<\/p>\n<p><b>Trojans \u2013 the ultimate exploit<\/b><\/p>\n<p>The main objective of a Trojan is to\u00a0install other applications on your infected computer so it can be controlled remotely. Trojans do not spread by themselves like viruses do. 
But, much the same as the Greeks\u2019 silent attack on the city of Troy, these malicious codes, when executed, release a second program: this is the Trojan itself. Trojans remain an ongoing issue for financial institutions. They are known for taking screenshots and uploading them to remote servers, gathering IP addresses which can be used to identify you, performing malicious web injections and allowing access to your infected PC to anyone who holds the keys.<\/p>\n<p>Trojans are especially dangerous because they combine two pieces of software: the first\u00a0infects your computer, the second waits silently until you visit your bank\u2019s website, captures your login details and hijacks your online identity. That same generic password (we know you do it) that you use for every single website, email account, Facebook and internet banking site is now recorded directly after your usernames. A lot of credit card fraud occurs this way, where your credit card details are stolen, and as neither a PIN nor a signature is required when shopping online, simply stealing card numbers, expiry dates and the CVV number (on the back) that you entered into what you thought was eBay is sufficient and lucrative for this kind of fraud.<\/p>\n<p>Trojans can also destroy files or information on hard disks or capture and resend confidential data to an external address. By opening communication ports, your computer can become a <i>bot<\/i>; a member of a botnet army that is remotely controlled by a cybercrime organization.<\/p>\n<p><b>Bots \u2013 just plain scary<\/b><\/p>\n<p>These specifically consist of two parts.<\/p>\n<p><i>A dropper:<\/i> the exploit or trojan that then opens the machine to download the actual malware, and<\/p>\n<p><i>The bot itself:<\/i> which is a remote control software that connects to a master server to wait for instructions. Imagine you have a remote control feature that allows you to let 100k machines do one thing, what you could do with that! 
For example, you could let all of those computers send only one spam email per hour. Nobody would notice, yet you could send millions in a short time to sell viagra or to simultaneously access amazon.com with 1000 requests per minute and overload their servers so they can\u2019t earn money anymore. You could request ransom in exchange for not launching the attack.<\/p>\n<p>Sadly, even if the ransom demanded goes into the millions, these bots can continue to be used to hack more computers, wait for a new security leak to be discovered and instruct all bots to scan the entire internet for more vulnerable machines and so on.<\/p>\n<p>Suddenly a 100k network of computers has become a virtual monster computer that can crack passwords, mine new bitcoins or do any other calculation intensive job for free and your computer is now part of that botnet.<\/p>\n<p>We know you didn\u2019t mean to send $10,000 of your savings to help fund a terrorism organization. You didn\u2019t intentionally install keyloggers on hundreds of computers to mine data to be held for ransom. But, too bad. Your computer did and you are 100% responsible for what happens on your PC.<\/p>\n<p><img decoding=\"async\" class=\"alignnone size-medium wp-image-22678 aligncenter\" src=\"http:\/\/blog.emsisoft.com\/wp-content\/uploads\/2016\/06\/blog_content_breaker_protection.jpg\" sizes=\"(max-width: 730px) 100vw, 730px\" srcset=\"http:\/\/blog.emsisoft.com\/wp-content\/uploads\/2016\/06\/blog_content_breaker_protection.jpg 730w, http:\/\/blog.emsisoft.com\/wp-content\/uploads\/2016\/06\/blog_content_breaker_protection-300x82.jpg 300w, http:\/\/blog.emsisoft.com\/wp-content\/uploads\/2016\/06\/blog_content_breaker_protection-50x14.jpg 50w\" alt=\"blog_content_breaker_protection\" width=\"100%\" \/><\/p>\n<p>When you access a website, good anti-malware software checks if the address is already known for spreading malware, and if so, gives you a warning instead of loading the site. 
So, look for an antivirus solution that doesn\u2019t rely on signature-based detection alone, but also monitors your programs for unusual behaviour.<\/p>\n<p><b>A final note on malware<\/b><\/p>\n<p>Malware is designed to disrupt and damage your system. But, be aware that it is getting harder to define threats as just one category now. Bots act viral by spreading themselves around, ransomware acts like a virus in the way it manipulates files. Bots are installed via exploits and Trojans. Malware is dangerous regardless of the type or the delivery.<\/p>\n<p><b>A note on <i>PUPs (Potentially Unwanted Programs)<\/i><\/b><\/p>\n<p>PUPs or \u2018crapware\u2019, on the other hand, are not usually dangerous, but are incredibly annoying. Want to know the temperature in Aruba every minute of every day? No. Us neither. Yet, this and other highly annoying information is suddenly popping up every time you open a program. PUPs find their way onto your computer much the same way as malware, through a bug in a reputable site or wrapped up in that useful program you actually wanted. A good security system will detect and remove these while providing sound surf protection; a database that contains the addresses of dangerous websites and prevents you from entering that website in the first place&#8230;<\/p>\n<p>No matter how computer savvy you are, regularly updated security software with real-time protection should be an essential part of your PC. Protecting your data and your personal details is of primary importance. So what additional features should you be looking for in a well-rounded security program?<\/p>\n<p><a href=\"http:\/\/www.thundercloud.net\/emsisoft\/\" target=\"_blank\">Emsisoft Anti-Malware<\/a>\u00a0protects your PC in three ways.\u00a0<b>Surf protection<\/b> prevents you from visiting dangerous websites. 
The powerful\u00a0<b>dual-engine scanner<\/b>\u00a0detects any malware if it manages to enter your PC, and even currently unknown parasites will be reliably detected by its\u00a0advanced\u00a0<b>behavioral\u00a0analysis<\/b>.<\/p>\n<p>Your computer\u2019s health is of utmost importance to us, which is why we work so hard to stay on top of all modern and previous security threats.\u00a0Threats exist, but so do solutions.<\/p>\n<p>Have a nice (malware-free) day!<\/p>\n<p>Your Emsisoft Team<\/p><\/blockquote>\n","protected":false},"excerpt":{"rendered":"<p>The following article was recently posted on the Emsisoft blog. It&#8217;s an excellent malware primer that can help take some of the confusion out of understanding the different kinds of malware that lurk around every corner of the Web. \u00a0We&#8217;ve edited the article slightly. We thank the Emsisoft team for allowing us to share this with you. The\u2026 <span class=\"read-more\"><a href=\"https:\/\/www.thundercloud.net\/infoave\/new\/the-malware-landscape-has-shifted-these-online-threats-are-waiting-for-you-in-2016\/\">Read More 
&raquo;<\/a><\/span><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1655,1433,1669,1670,1656,1654,1674],"tags":[],"_links":{"self":[{"href":"https:\/\/www.thundercloud.net\/infoave\/new\/wp-json\/wp\/v2\/posts\/11321"}],"collection":[{"href":"https:\/\/www.thundercloud.net\/infoave\/new\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.thundercloud.net\/infoave\/new\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.thundercloud.net\/infoave\/new\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.thundercloud.net\/infoave\/new\/wp-json\/wp\/v2\/comments?post=11321"}],"version-history":[{"count":2,"href":"https:\/\/www.thundercloud.net\/infoave\/new\/wp-json\/wp\/v2\/posts\/11321\/revisions"}],"predecessor-version":[{"id":11323,"href":"https:\/\/www.thundercloud.net\/infoave\/new\/wp-json\/wp\/v2\/posts\/11321\/revisions\/11323"}],"wp:attachment":[{"href":"https:\/\/www.thundercloud.net\/infoave\/new\/wp-json\/wp\/v2\/media?parent=11321"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.thundercloud.net\/infoave\/new\/wp-json\/wp\/v2\/categories?post=11321"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.thundercloud.net\/infoave\/new\/wp-json\/wp\/v2\/tags?post=11321"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}