March 1, 2006
Plagued by spyware and adware that keeps reinstalling itself everytime you remove it? If you haven't kept your security patches up to date, the resuscitating spyware and adware may be the result of an Internet worm that reinfects your computer each time you access the Internet. Once the worm is in place - which will happen silently and without any action on your part - the worm installs a remote-access Trojan that then downloads adware and spyware and installs it to your system. All without your knowledge or consent. And it's not a single worm you need to worry about - there are multitudes of them circulating every corner of cyberspace.
If you're fortunate, unwanted adware is all that will happen. But that same malicious code could also track your keystrokes and send the remote attacker a list of usernames and passwords it obtained when you visited an online banking site. Or, it may take the easier route and capture login credentials maintained by your browser's AutoComplete feature. If you're a gamer, it might sniff out login credentials for any MMORPG's you play online, or ferret out CD licensing keys stored for your favorite games.
Once infected, your computer also silently begins infecting others, or may be used as a spam relay, or used to host pornography or other illicit - and often illegal - files.
In any case, if your system is not fully patched, you're a wide open target for a variety of attacks, the severity of which can range from adware installations, to game hacks, to outright identity theft - not to mention the legal problems that might ensue if your computer is found to be harboring illegal material.
A Common Thread
Three recent articles in The New York Times, The Washington Post, and BusinessWeek magazine discuss just these types of attacks. BusinessWeek's "Invasion of the Stock Hacker" reveals the plight of two investors whose computers were compromised and whose investing accounts were nearly wiped out as a result. In "Invasion of the Computer Snatchers", Brian Krebs of The Washington Post interviews a 21-year-old who spends his days maliciously infecting as many vulnerable computers as he can, foisting adware and spyware onto them and then bragging about how he could do so much more harm if he chose.
The victims interviewed by the reporters admit to not keeping their systems patched and had either no antivirus software or had not kept it up to date.
Today's malicious code is not a prank. Thanks to improperly managed affiliate programs, there's big money to be made by infecting others with adware and spyware. And there's even bigger money for those who sell the infected machines to other organized cybercriminals, or sell off pieces of information gathered - such as your bank username and password.
Many infections result from sheer complacency - users simply don't believe they can be infected or that they will be a target. Common misconceptions include:
I use a Mac. I use dial-up. I use Firefox. I'm just a basic user.
Mac users are susceptible and recent Mac viruses hammer home the point that it can happen as surreptitiously and easily as it can to PC users. It's also a mistake to believe that dial-up accounts are somehow 'safer'. If your computer - regardless of make or model or type of connection - connects to the Internet in any way, shape, or form, it is vulnerable. It takes only moments to discover, infect, and compromise an Internet-connected computer.
Switching browsers isn't the answer either. Internet worms spread independently of the browser used. And those threats that do spread through web sites, email, and IM generally rely more on social engineering (i.e. tricking the user into clicking a link, downloading, or installing a file). In any event, vulnerabilities are constantly discovered - and exploited - in all browsers, including Firefox, Opera, and Internet Explorer.
Attackers and malicious code don't care what type of user you are. Your computer represents a money chain to them and is equally valuable regardless - making you, or your computer, as much a target as anyone else online. Indeed, those who mistakenly believe they are immune are often those most at risk as they tend to be most complacent about security.
Next page: Protecting Yourself Online