Securelist / Blog
  • The Winlock numbers, the Winlock laws

    While Eugene’s busy taking bets (wonder how much he’s going to make?), I’ve been having a think about the Winlock case.

    Russian law enforcement is estimating that the bad guys could have raked in as much as $1 billion. While it’s difficult to be certain about the exact amounts involved (obviously they spread their money across a lot of different accounts to avoid attracting attention), a little bit of simple math makes me think this figure isn’t as crazy as it might sound.


    Our statistical analysis tells us there could be around a million people who’ve been infected. 10 cybercriminals, each getting a cut of a ransom between $10 and $30 - even though they were paying out $3 per infection to the people willing to spread this malware, the numbers add up pretty quickly.

  • Understanding Current Trends in the Fake Anti-Virus/Scareware Ecosystem
    The cyber-criminal groups behind fake anti-virus (scareware/rogueware) infections have run into some significant roadblocks over the last few years, but there is much more to the overall story.


    Some groups have been arrested. Some have had their operations and entire call support centers shut down.

    Some groups attracted too much attention, picked off the low hanging fruit and eventually walked away from their botnets.

    In some cases, the groups just weren't very skilled at developing anti-anti-malware techniques, blackhat SEO, and malware distribution. They couldn't keep up with the changes in anti-malware technologies, weren't exactly dedicated to the effort, and simply fell off the map.


    However, some of the remaining scareware distribution gangs upped the ante and are aggressively developing difficult-to-detect polymorphic installers and difficult-to-remove support components. And the newest of these malware components include some of the first ITW 64-bit malware components to be taken seriously. But, for the most part, the scareware program itself remains the same. The development continues to change and progress, all for the purpose of evading anti-malware solutions and helping coerce the end-user to pay for the fake product, including support/rootkit components like TDSS (and its extreme complexities) or the more recent Black Internet (also known as "Trojan-Clicker.Win32.Cycler") support/rootkit components. These complex MBR infectors and other rootkit components meant to maintain money-making scareware on the system are signs of this somewhat extreme development effort.

  • The Winlock case - I'm taking bets!

    Interesting news on Trojan SMS Blockers (Winlock etc). These programs block Windows and demand a ransom in the form of a text message which is sent to a short number for a fee. It's a very popular type of racket at the moment, both in Russia and a few other countries.


    The whole affair has now reached the General Prosecutor’s office of Russia – the criminals have been identified and detained (or so it seems) and will be prosecuted in Moscow soon.

    Altogether the criminals have earned an estimated 790,000 roubles, or $25K. Moreover, they have caused other damages by blocking or crashing a yet to be determined number of personal and company PCs. Very often people have needed to re-install the OS and all software and then restore data from backups - even after paying the ransom.




    But I wanted to focus on the outcome – or the possible outcome of this incident, not on the investigation, arrests and so forth.

 
SpywareGuide Articles
Articles on Spyware, Adware, Malware and privacy in general
  • DATA-THEFT WORM TARGETING GOOGLE'S ORKUT
    FaceTime Security Labs announced the discovery of a worm that steals users' banking details, usernames and passwords. The worm, known as MW.Orc, is propagating through Orkut, Google's social networking site, as users launch an executable file disguised as a JPEG. Google has a temporary fix in place
  • The Digital Underground: Interview with RinCe
    This is Part TWO of a series of write-ups focusing on the recent threat to E-Commerce systems via potential IM (Instant Messaging) attack vectors and more besides, by way of a remotely installed administration tool and custom-built scripts, designed to find vulnerabilities in third-party payment sys
  • Property Values, Satellite Maps and Zillow
    A new service called Zillow allows you to easily access the value of your home...and your neighbors and even their neighbors.
Free Security Programs - The Right Price For Computer Safety


By: Darrin Johnson

While you may think that security software for your computer is expensive, a number of developers have made some of their versions available over the Internet for free. Hard to believe, but true.

Instead of purchasing expensive security software packages that have more firepower than what a typical consumer might ever use, you can find simpler versions that can be downloaded for free from certain sites.


Although there are indeed free security programs, you need to search for ones that contain important features which will truly help protect your computer. If you can’t find one security program that contains all these features, then you should consider downloading multiple individual programs to ensure you are fully protected.


The first security software you need is called a firewall. Most new computers come with a firewall already built in. If not, however, you will need it to prevent unauthorized probes either to or from your computer. By adjusting the settings of your firewall, you instruct the computer what you are allowing in from the Internet and out from your computer to the Internet.


The next component that a free security program should have is an anti-virus program. A good anti-virus program will be able to not only identify and deter all incoming viruses, but should also be capable of detecting, repairing, quarantining, and eliminating infected files you already have on your computer.

There are always new viruses being developed - cyber thugs are ingenious - so it is important that your anti-virus definition file is routinely updated either daily or at least weekly. No anti-virus program is worth it - free or otherwise - if it can’t perform these basic tasks because otherwise you will only be protected for a short period of time.

A security program should also include an anti-spyware program in addition to adware and pop-up blockers. Spyware and adware are embedded in so many of the programs and web sites you visit that, without an effective program to block and eliminate them, your computer will be bogged down with spam, advertising, and monitoring programs in no time at all.

Spyware alone can access and collect personal information on your computer leaving you open to the threat of identity theft and more. You need to have a defense program that locates spyware and adware and cleans them out as quickly as possible so that your computer continues to run smoothly.

Finally, if possible, try to find a free security program that includes an anti-Trojan program to eliminate Trojan viruses. These are special and unique viruses that are hidden within programs such as a game or even a music file.

Anti-Trojan programs should be able to scan all the files that you download to verify they are secure and harmless. Again, make sure your security program allows daily or weekly updates, because Trojan viruses are constantly in development.

A couple of options to find free security programs include www.tucows.com and www.download.com. Search their sites for the types of security programs you need (e.g. anti-virus, spyware, adware, etc.), and then look through the lists using a filter of "free" or "freeware."

Article Source: http://articlesite.info