Wednesday, October 30, 2013

Virus-related Terms for Dummies (or college students)


In our tech-savvy world, we all generally like to think that we are in the know about technological innovations, uses, and lingo, but sometimes we get stumped when we really think about what certain things mean or don't mean.

This blog is mainly about viruses, but is it solely about that? Maybe not. It's hard to talk about viruses and not mention other words such as "worms" and "trojan horses," for example. What do these three things mean? I think a lot of us, myself included, might be tempted to say that they are one and the same. Although we might not be too far off, there are a couple of specific differences that this blog will address. These definitions and explanations are good to know, especially because knowing exactly what each term means can help us protect ourselves better on the web.

So, here we go:


  • Viruses: The most common term, and basically what we think of when we talk about malware in general. The easiest way to identify a virus is to see if it lines up with 2 main criteria, according to the source used for this article (Symantec Corp.):
    1. It must execute itself. It will often place its own code in the path of execution of another program.
    2. It must replicate itself. For example, it may replace other executable files with a copy of the virus-infected file.
An example of this is the previously blogged-about "ILOVEYOU" virus. It executed itself when clicked on, with users thinking they were opening a .txt file, and once it did, it replicated itself by overwriting music and media files.

  • Trojan Horse: as the name suggests, these are basically impostors. Trojans disguise themselves as a desirable file, but are in fact very malicious. They contain malicious code that, when triggered, attacks and steals data.
    • The difference between Trojans and Viruses: unlike viruses, Trojans DO NOT replicate themselves. They just attack when executed, and don't necessarily linger.
  • Worms: this term is often used interchangeably with the term "Viruses," because the two aren't extremely different. Worms ARE programs that replicate themselves from system to system. The DIFFERENCE is that they don't technically use a host file, but travel in one that the worms themselves release.
    • Worms generally travel in commonly used files like Word or Excel: the worm releases one of these files with itself already inside it. This file will then travel from computer to computer without the knowledge of the infected.


Was this helpful? Did it clear up any thoughts or questions? Which of the three worry you most? Let us know!

Source:
  • http://www.symantec.com/business/support/index?page=content&id=TECH98539

Looking for Love in all the Wrong Places?


It has been 13 years since the ILOVEYOU virus affected millions of computers by preying on a basic, non-technical human desire: to be loved. I think many of us like to think that we are so much more careful and savvy on the internet today, in 2013, able to spot obvious phonies on the internet, but that wasn't always the case, right?

The year 2000 seems like eons ago, both generally and technologically. Life on the internet has come a long way. Think about this: in 2000, "The Great and Powerful Zuck" was THREE years away from creating "Facemash," the first predecessor to Facebook. Feel old now? I sure do.

The ILOVEYOU virus, created by Filipino student Onel de Guzman, sent millions of emails with the subject line "I love you" that contained nothing but an attached file: "LOVE-LETTER-FOR-YOU.txt." Once that file (in reality a .vbs file that executes upon opening) was opened, it flooded the computer by overwriting existing music files and multimedia files. Today, this virus is still remembered in two ways:

1. Because of the sheer devastation of the virus.
2. Because of the viruses and spam that still use a similar strategy.

Many of us have probably experienced something similar to this on Facebook: you are perusing your newsfeed, when you see a notice on the side of the page that says something like:

"SOMEONE YOU KNOW HAS A CRUSH ON YOU!!! CLICK HERE TO FIND OUT WHO!!!"

You just encountered the "Secret Crush" application, a widget that, once clicked on, would lead you to download the application and then send an invite to five of your Facebook friends. Needless to say, this led to many disappointed, love-hungry teenagers and probably even more disappointed parents who had to get these viruses removed from their home computers.

The Secret Crush virus proved that using the social strategy of preying on the heart is still a viable and successful strategy for virus and malware development. It's true, we're smarter than we were in the ILOVEYOU days, but obviously not smart enough for these strategies to be abandoned.

Can you spot a phony? I would argue that spammers, hackers, and internet fiends are still using the same strategy of preying on human desires in 2013. Do you agree?


Sources:

  • http://www.pcmag.com/article2/0,2817,2363172,00.asp
  • http://www.techradar.com/us/news/software/applications/internet/web/secret-crush-virus-spreading-on-facebook-180422

Sunday, October 27, 2013

Do Macs get Viruses?

Yes, but the perception is that they are safer. Is this true or just a myth supported by Apple and their fans? Below is an image from Apple and how they market the safety of their device.


While it claims that Macs don't get PC viruses, it fails to mention that Macs do get Mac viruses. One of the more commonly known reasons that Macs don't get viruses is that there are fewer of them, so it would be less efficient to target them. By the same logic, virus writers would have more experience with the Windows OS. But are Macs inherently safer? Some sources say no, the OS has no more security than Windows, while other sources say yes. Let's take a look at some of their arguments. Macs do have security built in, such as not allowing files to act in certain ways or access certain parts of the system. They have encryption built in to prevent a hacker from reading your files. Some argue that the UNIX platform upon which Mac OS X is built is a tried and tested secure system.

So have there been any widespread viruses on Macs? Yes. One such case was the Flashback virus. Masquerading as an Adobe Flash installer, it infected more than 700,000 Macs. It would gather usernames and passwords to programs and websites. Apple's own security has been updated to remove this, but the virus developers have been modifying it to bypass this security.

So knowing this, even though Macs are more secure, that does not mean that you should be "reckless" with your computer. Just because something is less likely to hurt doesn't mean that you should forgo protection.

Who owns an Apple computer? Did you buy it because of its resistance to viruses? Do you think they are more secure? Is it worth it? Discuss below.
References:
http://www.computerhope.com/issues/ch000737.htm
http://news.cnet.com/8301-27076_3-57410050-248/mac-flashback-malware-what-it-is-and-how-to-get-rid-of-it-faq/

Android & iOS Malware

How many of you own smartphones or tablets running Android or iOS? As many believe that we are moving into the post-PC world, are viruses following the rest of technology over to mobile devices? Apple and Google have taken very different approaches to combating malware on their systems. Apple uses what some call a “walled garden” approach. They only allow certain apps through to their app store, testing each one for suitability. So far it has proven to be quite effective, with less than 1% of malware on mobile devices found on iOS devices.

Android, meanwhile, accounts for more than three quarters of mobile malware. Why is this? A few reasons researchers have cited:

1. Android enjoys the highest market share for mobile devices.
2. Android is fragmented with some users on older devices not able to upgrade to the latest and greatest version, missing out on the latest security protections.
3. Google does not subject apps in the Google Play Store to the same scrutiny Apple does with their counterpart. Google allows apps into their store, removing them if they have problems, whereas Apple checks apps before they are uploaded, making sure they pass certain requirements.

The three most common types of malware affecting Android according to the Dept. of Homeland Security:

1. SMS Trojans: these will send text messages to a certain number which charges the user for the service.
2. Rootkits: these log keystrokes, passwords, and locations without the user's consent.
3. Fake Google Play websites: the vast majority of malware in the Google Play store is weeded out by Google; however, downloading apps from outside the Google Play store can present unnecessary risk.

What can you do to prevent malware on your mobile device?

1. Update your device. Unfortunately, many users are using outdated versions of Android, many being unable to upgrade. Some people are eligible for a free upgrade to a new smartphone with a later version of Android. Apple has been able to update the vast majority of their users to the latest version of iOS. Google cannot do this as they do not manufacture the hardware.
2. Install a protection program
3. Avoid free Wi-Fi Hotspots, especially those that are not secured.

It's not all bad for Android though. Many of these problems with Android are being worked on by Google, and in the future we may have a much more secure mobile operating system. Here is a graphic showing the different layers which malware must pass through. Note that some of the layers can be bypassed through user options.



How many of you use Antivirus on your mobile device? Who has gotten malware on their mobile device?
References:
http://qz.com/131436/contrary-to-what-youve-heard-android-is-almost-impenetrable-to-malware/
http://info.publicintelligence.net/DHS-FBI-AndroidThreats.pdf

Monday, October 21, 2013

You're Infected! -CryptoLocker Ransomware


Have you heard of the form of malware that encrypts your data and literally holds it for ransom? 

This malicious software is capable of withholding your personal information taken from your computer until you pay the writer the ransom they ask for.

This type of malware is not new. In fact, it started in 1989 and instructed users to send $378 to an address in Panama in order to get their files back. Fortunately for the users, the perpetrator coded all of his attacks the same way, which helped to track his activity and create ways to stop it.

The new form of this software that has surfaced, “CryptoLocker,” has not made the same mistakes and is hard to crack once triggered.

CryptoLocker takes random hacking to a new level. The software is so discreet you most likely won't even notice it during the process. It could be swiping your business files, personal photos, and vital emails.


A 35-year-old woman from London recently received an email, which she thought was from her local bank. She didn’t think twice before clicking on the email, which secretly carried the CryptoLocker software that immediately started encrypting her personal data. She soon received a message saying, “Your personal files has been encrypted and you now have 95 hours to pay us $300”.


CryptoLocker currently only affects PCs and can be removed with antivirus software, but unfortunately its effects cannot.

Source: http://www.theguardian.com/money/2013/oct/19/cryptolocker-attacks-computer-ransomeware


Monday, October 14, 2013

Blink Before You Link - 10 Tips To A Less Risky Internet Experience

The internet can be a dangerous place to operate. Computer viruses currently cause billions of dollars worth of damage per year due to system failures, infectious data, increasing maintenance costs, etc.  So, how can we avoid these internet nightmares?

1. Use strong passwords: Give a hacker a password that is hard to hack! Use more than 6 characters, numeric and alphabetic values, as well as a mix of upper and lower case.
2. Read emails in text mode: Everything looks better in HTML mode, but this is a prime mode for spammers to hide malicious scripts.
3. Look at the file extension before you download: Some extensions such as exe, pif, and bat most likely contain some sort of virus.
4. Install anti-virus software and make sure it is up to date: Many users think that free antivirus software, such as those that come with your internet service, are adequate enough for full virus protection. However, these programs most likely will not detect the ever-growing list of threats a computer may face. Instead, users should download professional, business-grade antivirus software.
5. Employ a firewall: Using a firewall is like locking the front door of your house: it prevents viruses from getting in.
6. Disable autolaunch: Set your computer so it doesn't autolaunch files, programs, emails, etc. without your permission!
7. Check for secure sites: In Internet Explorer a lock icon will display in the top right of the address bar.
8. Read all security warnings, privacy statements, and license agreements associated with any programs before downloading or installing.
9. Take advantage of internet security settings: control how much, or how little information you want to accept from a website.
10. When in doubt, Google it: If you are unsure about a link, warning, file, or anything suspicious, do an online search to see what others are saying.
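
Tip 3 can be automated, and the ILOVEYOU attachment from the earlier post (a name that read as .txt but ran as a .vbs script) shows why the check has to look at the last extension rather than the first one a reader sees. The Python below is an added example, not part of the original blog; the decoy list, the risky extensions beyond exe, pif, bat and vbs, and the sample filenames are assumptions constructed for illustration.

```python
import unicodedata

# exe, pif, bat and vbs come from this page; scr, cmd and js are assumed additions.
RISKY = {"exe", "pif", "bat", "vbs", "scr", "cmd", "js"}
# Extensions a reader takes for harmless documents or media (assumed list).
DECOY = {"txt", "doc", "xls", "pdf", "jpg", "mp3"}


def classify_attachment(filename):
    """Return (verdict, reason); verdict is "block", "warn" or "allow"."""
    # Drop format/control characters (such as the right-to-left override)
    # that change how a name is displayed without changing what it runs as.
    cleaned = "".join(
        c for c in filename if unicodedata.category(c) not in ("Cf", "Cc")
    )
    hidden_chars = cleaned != filename
    # Windows ignores trailing dots and spaces, so strip them before splitting.
    parts = [p.strip() for p in cleaned.rstrip(". ").lower().split(".")]
    ext = parts[-1] if len(parts) > 1 else ""
    prev = parts[-2] if len(parts) > 2 else ""

    if ext in RISKY and prev in DECOY:
        return "block", f"shows as .{prev} but runs as .{ext}"
    if ext in RISKY and hidden_chars:
        return "block", f"hidden characters in the name of a .{ext} file"
    if ext in RISKY:
        return "warn", f".{ext} files run code when opened"
    if hidden_chars:
        return "warn", "hidden characters in the name"
    return "allow", "no executable extension"


# Constructed sample names; the first mirrors the ILOVEYOU attachment.
SAMPLES = [
    "LOVE-LETTER-FOR-YOU.TXT.vbs",
    "statement.pdf     .exe",
    "setup.exe",
    "holiday.jpg",
]

if __name__ == "__main__":
    for name in SAMPLES:
        verdict, reason = classify_attachment(name)
        print(f"{verdict:5}  {name!r}: {reason}")
```

A mail filter or download helper would call `classify_attachment` on each filename and hold back anything that returns "block".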

Sources:
http://windows.microsoft.com/en-us/windows-vista/how-to-know-if-an-online-transaction-is-secure
http://www.microsoft.com/security/pc-security/antivirus.aspx
http://blogs.comodo.com/pc-security/1289/
http://sbinfocanada.about.com/cs/management/qt/avoidvirusts.htm