With most people having better anti-malware software on their Windows pcs, malware makers have moved to easier targets. In particular there are now numerous malware threats on Android and Mac devices.

Check out these latest ones:

Fake Angry Birds Slingshot Malware Onto Android Phones – Ina …

Rovio and antivirus makers are warning of malware-laden software posing as the latest in the disgruntled aviary game franchise.

Apple releases removal tool for ‘Flashback’ malware

Apple on Thursday released Java update for OS X that removes a number of common variants of the Flashback trojan virus. Discovered last week to have in.

More devious Android malware discovered

DroidKungFu and TigerBot, two pieces of nasty malware that target Android devices have been recently revealed by security researchers.

How to spot Android scam and malware apps | ExtremeTech

With a quick 60-second check of an app’s Play Store listing, you can avoid almost all Android malware and scam apps.

It is possible to get anti-malware software for most devices these days, but in reality a little forethought and common sense is all that is needed.

Beware the antivirus phone call.

One of my clients’ neighbours got an unsolicited phone call recently offering to clear his pc of viruses as there were a lot in his area!. Unbelieveably he gave them remote access to his pc and they “cleaned” his pc of viruses.

Then he paid them £160 by credit card for doing so. He is now waiting for his identity to be cloned, and his card to go over limit.

It might have been genuine but I doubt it as viruses are not locality specific! So be aware out there! Don’t give people you have never met/ heard of access to your pc, especially if they phone you out of the blue, and very especially don’t give them your card details.

We all hear so much about malware but do we know what it all means. Here is a simple guide to explain it all.
Malware:

Malware is short for malicious software and is typically used as a catch-all term to refer to any software designed to cause damage to a single computer, server, or computer network, whether it’s a virus, spyware, or anything else. So now I’ll break down the various categories and explain the differences.

Virus:

Viruses are computer programs or scripts that attempt to spread from one file to another on a single computer and/or from one computer to another, using a variety of methods, without the knowledge and consent of the computer user. Many users define viruses simply as trick programs designed to delete or move hard drive data, which, strictly speaking, is not correct. From a technical viewpoint, what makes a virus a virus is that it spreads itself. The damage it does is often incidental when making a diagnosis. A worm is a specific type of virus that propagates itself across many computers, usually by creating copies of itself in each computer’s memory. Viruses used to be the main type of threat computer users saw. Now however there are many more types of computer threat.

The most common method used for spreading a virus is through e-mail attachment. Sending a virus, even if designed to be harmless, can cause unforeseen damage.

A virus scanner is the most common tool for prevention. This tool attempts to scan a computer program before it runs, and if it recognizes the signature of a malicious code, it shuts it down. Many scanners also evaluate programs to determine if it contains any virus-related characteristics.

In the next part I’ll look at trojans.

In part 1 we looked at viruses. In this part we look at trojan horses and cookies.

Trojan Horse:

A Trojan Horse meets the definition of virus that most people use, in the sense that it attempts to infiltrate a computer without the user’s knowledge or consent. A Trojan Horse, similar to its Greek mythological counterpart, often presents itself as one form while it is actually another.

Trojans typically do one of two things: they either destroy or modify data the moment they launch, such as erase a hard drive, or they attempt to ferret out and steal passwords, credit card numbers, and other such confidential information.

Trojan Horses can be a bigger problem than other types of viruses as they are design to be destructive or disruptive, as opposed to viruses and worms where the coder may not intend to do any harm at all. Essentially this distinction does not matter in the real world. You can lump viruses, Trojans, and worms together as “things I don’t want on my computer or my network”. Many trojans are now delivered using virus technology, including the ability to self-replicate across computers in networks.

Recent examples of Trojans include fake anti-virus software. Here the user is presented with a pop-up which claims to have found lots of malware, and requests the user to pay a sum of money in order the program be activated and clean the “found” malware.

The methods for dealing with Trojans are generally the same as for those for dealing with viruses. Most virus scanners attempt to deal with some of the common Trojans with varying degrees of success. There are also specific “anti-Trojan” scanners available.

Cookies:

A cookie is just a bit of text in a file on your computer, containing a small amount of information that identifies you to a particular website, and whatever information that site wanted to retain about the user when they are visiting.

Cookies are a legitimate tool used by many websites to track visitor information. As an example, I might go to an online computer store and place an item in the basket, but decide not to buy it right away because I want to compare prices. The store can choose to put the information about what products I put into my basket in a cookie stored on my computer. This is an example of a good use of cookies to help the user experience.

The only websites that are supposed to be able to retrieve the information stored in a cookie are the websites that wrote the information in that particular cookie. This should ensure your privacy by stopping anyone other than the site you are visiting from being able to read any cookies left by that site.

Some cookies however are not so good. They may track your Web surfing habits across many different websites without informing you, and then use this data to customize the advertisements you see on websites, etc., typically considered as an invasion of privacy. Good anti-malware programs are able to scan for and identify many of the bad cookies, taking appropriate action against them, normally deletion.

Next time we’ll look at general spyware and rootkits.

Previously we have looked at malware and viruses (part 1), and trojans and cookies (part 2). This time we look at general spyware and rootkits.

Spyware:

The spyware problem is similar to the cookie problem from the point of view that both are an invasion of privacy, although spyware is different from cookies, technically speaking. Spyware is a program that runs on your computer and, again, tracks your habits and tailors these patterns for advertisements, etc. Because it is a computer program rather than just a bit of text in a cookie, spyware can also do some nasty things to ensure that the spyware keeps running and keeps influencing what you see.

Spyware programs have to be downloaded in order to work, however they are commonly downloaded without the user knowing. Common tactics for surreptitious installation include rolling up advertising programs into “free” shareware program downloads, and once the spyware is installed it can download advertisements 24 hours a day and overlay them on websites and programs you are using.

Some forms of spyware monitor a target’s Web use or even general computer use and sends this information back to the spyware program’s authors for use as they see fit. Other forms of spyware take over parts of your Web browsing interface, forcing you to use their own search engines, where they can track your browsing habits and send pop-up advertisements to you at will.

The biggest concern regarding spyware is that most of them are poorly written or designed. Many people first realize their computer is running spyware when it noticeably slows down or stops responding, especially when doing certain tasks such as browsing websites or retrieving e-mail. In addition, poorly written spyware can often cause your computer to function incorrectly even after it has been removed.
Rootkit:

A rootkit is a collection of malware and other tools which use stealth technology to keep themselves hidden from the user and often even from the operating system. It enables an attacker to have “root” (administrator) access to the computer. For example, it can intercept requests to a file manager such as Explorer and cause it to keep certain files hidden from display, even reporting false file counts and sizes to the user. Because rootkits can use stealth technology and hide themselves from both the user and the operating system they are generally very hard to get rid of. Specialist sotware tools are required.

Next time we look at the latest trends and how we can protect ourselves from the huge arsenal of online threats.

Previously we have looked at malware and viruses (part 1), trojan horses and cookies (part 2), and spyware and rootkits (part 3). This time we look at latest trends and the forms of protection you can take to prevent your computer being infected.

Latest trends:

Most malware these days are not written by students or amateurs but by highly qualified criminal gangs using all the techniques of modern software writers. Malware is becoming increasingly complex and clever and often “protects” itself against anti-malware solutions, even shutting them down. Some malware are extremely difficult to remove, and even when removed leave the computer “damaged” in some way.
Protection:

This all sounds very scary, but there are some good ways to protect yourself against getting malware on your computer.

Firstly, make sure you install a recognised anti-virus system on your computer. There are many good ones, some are even free for consumer use. Check out our links section if you need some examples. Never “surf” the web without protection.

Keep your computer’s software patched and current. Both your operating system and your anti- virus application must be updated on a regular basis. You should also check for other software updates on a regular basis. The bonus here is that as well as getting potential problems sorted out you often get improvements and additional features to the software.

Only download updates from the manufacturers websites, or use the software’s own updates tool (generally located in the “help” menu).

Always think before you install something, weigh the risks and benefits, and be aware of the fine print. Does the lengthy license agreement that you don’t want to read conceal a warning that you are about to install spyware?

Install and use a firewall. If you are running Windows XP SP1 or later, Vista and 7, you can use the built-in software firewall under Control Panel, and there are free versions of firewalls that work on all versions of Windows.

Make sure your important data, documents, photos, etc are regularly backed up, just in case the worst happens and a virus takes out your system.

Prevention is always better than cure.

Future articles will deal with removal of malware should you be unfortunate enough to get some.