Securelist / Blog
  • The Winlock numbers, the Winlock laws

    While Eugene’s busy taking bets (wonder how much he’s going to make?), I’ve been having a think about the Winlock case.

    Russian law enforcement is estimating that the bad guys could have raked in as much as $1 billion. While it’s difficult to be certain about the exact amounts involved (obviously they spread their money across a lot of different accounts to avoid attracting attention), a little bit of simple math makes me think this figure isn’t as crazy as it might sound.


    Our statistical analysis tells us there could be around a million people who’ve been infected. 10 cybercriminals, each getting a cut of a ransom between $10 and $30 - even though they were paying out $3 per infection to the people willing to spread this malware, the numbers add up pretty quickly.

  • Understanding Current Trends in the Fake Anti-Virus/Scareware Ecosystem
    The cyber-criminal groups behind fake anti-virus (scareware/rogueware) infections have run into some significant roadblocks over the last few years, but there is much more to the overall story.


    Some groups have been arrested. Some have had their operations and entire call support centers shut down.

    Some groups attracted too much attention, picked off the low hanging fruit and eventually walked away from their botnets.

    In some cases, the groups just weren't very skilled at developing anti-anti-malware techniques, blackhat SEO, and malware distribution. They couldn't keep up with the changes in anti-malware technologies, weren't exactly dedicated to the effort, and simply fell off the map.


    However, some of the remaining scareware distribution gangs upped the ante and are aggressively developing difficult-to-detect polymorphic installers and difficult-to-remove support components. And the newest of these malware components include some of the first ITW 64-bit malware components to be taken seriously. But, for the most part, the scareware program itself remains the same. The development continues to change and progress, all for the purpose of evading anti-malware solutions and helping coerce the end-user to pay for the fake product, including support/rootkit components like TDSS (and its extreme complexities) or the more recent Black Internet (also known as "Trojan-Clicker.Win32.Cycler") support/rootkit components. These complex MBR infectors and other rootkit components meant to maintain money-making scareware on the system are signs of this somewhat extreme development effort.

  • The Winlock case - I'm taking bets!

    Interesting news on Trojan SMS Blockers (Winlock etc). These programs block Windows and demand a ransom in the form of a text message which is sent to a short number for a fee. It's a very popular type of racket at the moment, both in Russia and a few other countries.


    The whole affair has now reached the General Prosecutor’s office of Russia – the criminals have been identified and detained (or so it seems) and will be prosecuted in Moscow soon.

    Altogether the criminals have earned an estimated 790,000 roubles, or $25K. Moreover, they have caused other damages by blocking or crashing a yet to be determined number of personal and company PCs. Very often people have needed to re-install the OS and all software and then restore data from backups - even after paying the ransom.




    But I wanted to focus on the outcome – or the possible outcome of this incident, not on the investigation, arrests and so forth.

 
SpywareGuide Articles
Articles on Spyware, Adware, Malware and privacy in general
  • DATA-THEFT WORM TARGETING GOOGLE'S ORKUT
    FaceTime Security Labs announced the discovery of a worm that steals users' banking details, usernames and passwords. The worm, known as MW.Orc, is propagating through Orkut, Google's social networking site, as users launch an executable file disguised as a JPEG. Google has a temporary fix in place
  • The Digital Underground: Interview with RinCe
    This is Part TWO of a series of write-ups focusing on the recent threat to E-Commerce systems via potential IM (Instant Messaging) attack vectors and more besides, by way of a remotely installed administration tool and custom-built scripts, designed to find vulnerabilities in third-party payment sys
  • Property Values, Satellite Maps and Zillow
    A new service called Zillow allows you to easily access the value of your home...and your neighbors and even their neighbors. SpywareGuide articles are sponsored by FaceTime Communications, providing solutions for securing and controlling IM, P2P and Spyware Greynets.
Malware Or Spyware

Submitted By: Ryan Larson

Malware is a new term used to describe malicious ("mal") software ("ware") that has no purpose other than to destroy or disrupt a computer. Spyware and adware are considered to be malware.

There is only one reason for spyware to be put on your computer, and that's to make money, and no, not money for you. When you download those funny and comical files that your friends emailed to you, free video or music files, free wallpaper, etc., spyware usually comes attached. The spyware industry is a billion-dollar industry. There are people getting very rich selling the information they track about you and hundreds of thousands just like you.

Adware is a software program that also comes attached to free downloads of many kinds. What adware does is cause pop-ups on your computer, even when you're done with the initial site you visited. That means that anytime you're on your computer, surfing, checking email, or even working, annoying pop-ups will appear.

There are ways for you to protect your computer. The first is to perform an on-demand scan of your computer on a regular basis with anti-spyware software. It is suggested that you reboot your computer after the initial scan and then re-scan to make sure that there are no "ticklers" left behind on your computer. These ticklers are designed to reinstall spyware. Don't forget to run your antivirus software on a regular basis.

Next, stay away from free downloads. Don't open unsolicited email from anyone. Delete it from your server without opening it.

It seems wrong that people can do this to you, and it is. It would be nice if it were against the law too. Well, someday it might be. There is a case in court in the State of New York right now. The State is suing a Los Angeles-based company called Intermix Media for placing unwanted spyware on computers. If the State of New York is successful, it could be the end of spyware.

About the Author
This article courtesy of http://www.adware-remover-guide.net

Published At: www.Isnare.com
Permanent Link: http://www.isnare.com/?aid=12666&ca=Computers+and+Technology