Before the arrival of Windows 95, the creators of self-replicating malicious code were deeply concerned about the potential consequences of the new OS for the future of their activity. After the historic generational leap from DOS to the windows-based GUI, however, virus writers gained new confidence in their abilities, expanding their horizons and developing inclinations that occasionally turned into true megalomania. Some of the VXers from the Nineties had a god complex, and they didn’t hide it at all.
In April 1994 computing was still young, operating systems worked from the command line and the PC had yet to become the universal phenomenon that later turned into a commodity like everything else. Microsoft was about to radically change things by releasing Windows 95, but there was another group of technophiles concerned with the generational leap from the prompt to the windows-based GUI and the consequences it would have on how low-level code ran.
Trend Micro recently discovered a new malware family, classified as PE_VIRLOCK and designed as a combination of two different types of malicious code. The first type is related to a past when we still talked about computer “viruses” and not cyber-crime, while the second one is one of the most successful malware-based businesses of recent years. VIRLOCK is ransomware capable of spreading through file virus techniques, and the worst part is that its evolution isn’t complete yet.
Before growing into a worldwide phenomenon run by the worst cyber-criminal gangs out there, spam was an annoyance limited to the few intimate users of the ARPANET network. It was there, before the technology at the foundation of ARPANET gave life to the modern Internet, that 36 years ago the Digital Equipment Corporation (DEC) marketing manager Gary Thuerk sent what is officially acknowledged as the first mass marketing e-mail in history.
One March many years ago, when the IT industry was rather different from the modern one, two computer viruses caused panic because of outsized media attention. Born in a time when the creators of “malware” (an unknown term then) were largely interested in fame more than money, the viruses ended up causing substantial damage valued (in one of the two cases) at more than 1 billion dollars.
In an age where malicious code has turned into cyber-crime and ransomware is asking for a lot of money to unlock access to users’ files, a particular class of malware with ancient origins is still able to survive - even though it’s forced to serve the needs of the aforementioned crime. The class I am talking about is the virus, or file virus: a type of digital pathogen that raged in the MS-DOS era and then began to slowly wane when Windows appeared and Internet worms brought their worldwide epidemics.
The CryptoLocker ransomware is still raging on-line and on users’ and companies’ computers, while new details about the source of this dangerous file-abducting trojan’s propagation come out and willing developers are trying to hinder the spread of the infection. The criminal gang which created the malware even comes up with new ways to take money from users affected by the threat, even though in doing so it is forced to contradict itself.
A new ransomware for Windows PCs is roaming on-line: it’s called CryptoLocker and it carries very dangerous destructive potential. Security enterprise Sophos warns - via Naked Security - users and system admins about the new threat, its features and the fact that the “prevention is better than a cure” rule is true now more than ever. Curing the damage of a CryptoLocker infection, Sophos warns, is impossible for the time being.
If there is something worse than dealing with an antivirus company which tries to sell you security a dime a dozen, it is discovering that the aforementioned company has no intention of withdrawing from its ominous intentions: Avira continues to do marketing on my PC, as I already became aware months ago, and this time it’s something connected with on-line storage, which notoriously is one of my preferred technologies, one I say good things about every time I can.
Symantec recently detected a computer threat belonging to the ransomware category, a malware that is dangerous because of the way it attacks PCs based on Windows operating systems even though it isn’t particularly complex to defeat. Trojan.Ransomlock.AF, as the malware is named, targets users of the Chinese Internet with an account on Tencent QQ (or “QQ”), an instant messaging service that is very popular within the Asian country.
Trust in your antivirus software is important, especially if you have willingly paid to purchase and install it on the PC. When the antivirus starts to sell as security some sort of advertising message shown after an automatic update, however, the aforementioned trust begins to give way to disappointment and you ask yourself who is dumber: you, paying to be mocked, or the genius who decided to turn a protection software into a carrier of cheap marketing.
One might think that the strategies currently used by cyber-criminals to extort personal information are sophisticated, dangerous and antivirus software-proof. Maybe that is so; however, it is just as true that alongside the refined techniques the aforementioned criminals still use dirt-cheap tricks against which, in theory, there would be no need for an antivirus at all. It would be enough to keep one’s own brain always turned on when in front of the screen.
Abuse of file-sharing platforms by malicious code has been a fashionable habit for years now. A malware usually just checks whether the infected machine hosts peer-to-peer software, but the W32.Changeup worm detected by Symantec (among others) goes further: rather than searching for a P2P tool, it installs its own “private” eMule copy to replicate itself. The malware is noteworthy for its ability to “assist” the downloading and spreading of additional computer threats.
Computer threats are continuously evolving, and there are those who would even claim that they have made the leap from machine to man by infecting RFID microchips implanted under the skin. But even though they remain a “simple” IT issue, some malicious programs are a difficult problem to tackle because of their inherent complexity and an intelligent design capable of constantly putting security companies under pressure. A remarkable “intelligent” threat is, for instance, Sality, the new-generation file virus that according to Symantec has practically turned into an “all-in-one” malware incorporating botnet-like functionality as well.
Gary McKinnon lost another battle in his long legal war against extradition to the United States when, some days ago, the Home Secretary of the United Kingdom refused to examine the new medical evidence submitted by the defendant. In a letter dated November 26 and addressed to lawyer Karen Todner, Secretary Alan Johnson expressed his “firm view that McKinnon’s extradition would not be incompatible with his human rights”, therefore “his extradition to the United States must proceed forthwith”.
The Austrian AV-Comparatives labs have just released their antivirus test for November. Following the usual practice of alternating (during the year) between the analysis of detection rates for known malware and that of the antivirus software’s proactive capabilities, report n.24 follows the previous one, related to the malware test bed collected between January and August 2009, but, unlike that one, it compares the same products against more than 23,000 new samples gathered within the week following the antivirus signatures update.
During the past weeks AV-Comparatives released the results of its latest antivirus software tests. Report n.23 follows the previous one released in May but it tackles, as the Austrian experts usually do, malware detection rates achieved by the antivirus programs when confronting a test bed of known threats.
It’s celebration time for Avira, the German security company headquartered in the little town of Tettnang and best known for its renowned antivirus software. AntiVir Personal, the free antivirus offered by Avira to its customers, has recently marked its tenth anniversary, and to properly celebrate the occasion the company has prepared a special offer for those who decide to purchase one of its commercial products within the next few days.
Eighteen-year-old Austrian Peter Kleissner recently became famous for being the author of Stoned, the tool which exploits Master Boot Record rootkit techniques to bypass the protections of Microsoft operating systems and allow the execution of unauthorized code - be it legit or not. But the popularity the young programmer gained thanks to Stoned caused conflicting reactions from companies in the security market.
In the last part of August, the malware known as Induc was the subject of reports and alerts from the main antivirus and security software manufacturers. Kaspersky, the Russian company that claims to have been the first to detect and report it, has returned to look more closely at the issue, revealing some important details on what seems like a unique case in the recent malicious software landscape.