Saturday, May 28, 2011

Rogue "Antivirus", Security tools, and Botnets. OH MY!

It seems that ever since 2000, "virus" and malware creators have been getting more and more advanced in their deployment and use of botnets. Viruses used to be written for fun or for bragging rights, to get your name out, like the Bubbles virus back in the DOS 6.22 days, which would add bubbles ( )o o() to all of your commands. The Stoned virus goes even further back, to 1987, and gifted those it infected with a one in eight chance of seeing the message "Your PC is now Stoned!" on startup, while also writing the words "legalize marijuana" to the boot sector.

Viruses and malware have come a long way from those primitive beginnings, evolving into what are now called rogue security tools or fake/rogue antivirus programs. These programs no longer splash their creators' political views on the screen, but instead hijack your computer and refuse to let you do anything with it.

While most people understand that these fake antivirus attacks are mostly just a ploy to steal credit card information from the victims, many have no idea that these often tie the computer into a much bigger syndicate of crime.

Enter the world of the botnet. Botnets are created by using programs or pieces of code that report back to a server (called the C&C, or Command and Control server) and can do anything from stealing banking information (Zeus) and passwords to redirecting your browsing through the attacker's computers, or even launching DDoS attacks on companies like Sony.

These botnets can vary in size and intention, but the basics are the same. They allow the attacker to do whatever they choose, and most of the time you won't even know it's being done. The solution? Start with a good antivirus (I recommend Kaspersky Pure Total Security or Kaspersky Internet Security) and then add a little bit of good internet common sense.


Dejch said...

thanks for the info but i use nod32

d0h said...

NOD32 overlooks buffer overflows and exploits last time I checked. Exploit protection in KIS can eliminate many 0-day attacks based on heuristics and buffer attacks alone.

Grant said...

MSE ftw

neversettleforsecond said...

yup happened to a lot of my friends who didn't have antivirus. I'm running on Avira and can't be happier ;)
