How Did I Get a Computer Virus?

This question has been asked more times than I can recall over the years by computer users. The candid answer is simple. By using your computer, you, the computer operator, allowed the virus in. Beyond the firewalls and antivirus software, the best and last line of defense against a virus is you, the computer operator.

Obviously you never intended to let the virus in voluntarily. Hopefully I can provide some insight into how you “willingly” allowed the virus in, along with guidance on recognizing this process and avoiding future, potentially catastrophic situations resulting from a maliciously destructive virus.

With today’s email scanning systems it is rare to see an email with an attached file containing a virus.  Most contemporary filtering software will filter nearly all virus email.  The “bad guys” out there know this and have shifted their attention toward a multi-phase attack.

Let’s use a real-world example. The file I want to download is called FileZilla (client), which is an FTP client used by many of us to upload or download large amounts of data across the Internet. In order to get the software I run a quick Google search for “filezilla client”, which reports back the following:

[Screenshot: FileZilla search results]

As you can see, we have a number of results, each suggesting they are the source to download the file. Clicking the top link takes me to Sourceforge, which is a website catering to downloading files. From here I see a link to download the file, so I click to download and the installer asks permission to run the program. As this is a program I want, and I assume this software to be clean “freeware”, I allow the program to run. Next I see this window:

[Screenshot: Download manager]

Clicking Next brings up:

[Screenshot]

But wait, this isn’t FileZilla. This program is technically spyware and adware; a virus. It intercepts your web searches and gives you their “view” of the results while reporting everything about your web browsing back to a central server to be sold on the open market. So, I will click the Decline button to get to the next screen:

[Screenshot]

This is also not FileZilla but rather another malicious program called Linkey. Although technically not a virus, this software installs a “rootkit” to hook into the deep functionality of your computer to further spy on your computer, redirect your web browsing, and allow back door access for a real virus to come on board. So, we click Decline and move along to this page:

[Screenshot]

Note: If I had clicked ‘Accept’, I would have two malicious software programs running on my computer.

The download is complete and I now appear to be able to click “Install Now” to install FileZilla. Not so fast. I may still be a victim of installing malicious software. The issue here is that the core program, FileZilla, is wrapped in another installer, which may have other malicious software associated with the install that the Sourceforge installer simply doesn’t care to notify you about.

This form of software download, through websites like Sourceforge, has become very prevalent yet should, at all costs, be avoided. Other sites doing this are Cnet.com and Filehippo.com, to name a few. The slippery aspect to this is that companies like Sourceforge.com will claim you can download the intended software without the malicious software by clicking Decline. Unfortunately this is a problem. The Sourceforge installer is analogous to placing the package you want inside a bigger box whose contents you can’t see until you pull it out of the box. Once pulled out of the box, whatever it is installs on your computer, good or bad.

I used FileZilla for this example; however, this applies to all free software. If you can’t verify the software is clean or are simply not sure, then use an ounce of prevention by not installing the software. Give us a call or email and we will direct you to a safe download location or take care of the install for you. Most free software out there comes with the saying ‘no such thing as a free lunch’. A few exceptions do exist, such as downloading Adobe Acrobat PDF Reader from Adobe.com, which is clean software.

As a general rule, any software that wants to install other software along with your intended software should be avoided, or you will almost certainly get a virus.

Yahoo Pays Big to Bug Hunters

TechCrunch has just reported that Yahoo has paid bug hunters $700,000 in rewards during the Bug Bounty Program’s first year. The program is a reaction to the security community’s complaints that the company was taking advantage of researchers by paying them a mere $12.50 in company vouchers for finding weaknesses in Yahoo’s products. In an attempt…

Uncertainty Just Before iPhone 6 Release

The theft of high-profile celebrity selfies, coupled with a feeling that Apple has become stagnant in the area of innovation, has investors nervous just before the release of the iPhone 6. Apple has been taking steps to beef up the security of its iCloud service but confidence is still wobbly. You can read…

Password Management

Keeping Your Accounts Secure

It seems that each new week brings another alert about hackers stealing account information and a warning to change your passwords. Having a strong password is not enough; criminals can get to your account through weaknesses that are outside of your control. Constantly changing passwords makes managing those passwords challenging. There…

Scaling Back Windows 8

TechCrunch has a great article on the direction of the next Windows operating system. It appears that the mobile emphasis of Windows 8 will be more balanced in the next operating system offering. The result is the same app store and live tiles, but with a more Windows 7-like desktop experience. Read the TechCrunch article…

Microsoft.com 20 Years Ago

For Throwback Thursday, the Microsoft blog The Fire Hose has posted some great old-school screenshots of Microsoft.com over the past 20 years. Check these screenshots out here.

More Than 1 Billion Passwords Stolen

The Washington Post reports that Russian hackers have stolen more than 1 billion (with a ‘b’) passwords. This breach was made by the group dubbed CyberVor and was discovered by Hold Security of Milwaukee. Some of the passwords have been sold and others have been used to disseminate spam. Users are advised to change their passwords….

A Major Blow to the CryptoLocker Ransomware

FOX-IT and FireEye have partnered together and have been able to recover the private keys used in the CryptoLocker encryption which locks users out of their own files. They have also been able to reverse engineer the devastating ransomware. As a result of their efforts infected users can go to their website, upload an encrypted…

Is Your Car Vulnerable to Attacks?

As we pack cars with a growing level of tech, such perks and features could leave your car vulnerable to hackers, and the results could be extremely serious. As CNN reported, researchers have demonstrated that cars can have brakes disabled or even have the steering wheel commandeered. These tests, however, were done with the hacker sitting…

Are USB Vulnerabilities Worse Than They Seem?

As you may already know, USB drives can infect computers with malware or other malicious software. Many liken the situation to reusing a contaminated needle. At present there aren’t many tools that address this potential entry point for hackers, so it is wise to be cautious with USB drives and what is stored on them as…