Nowadays, all you need to do is plug in a digital picture frame, and you lose your life savings.
Sound unbelievable? Guess again.
* Regular readers of this series should know that the hackers and viruses/malware of today aren't about ego, or twisted maliciousness, but are all about profit -- namely getting your money. It is cyber-crime, and you are the target. Your computer is their weapon.
* Regular readers will know that phishers send spam e-mails which contain links to fraudulent, malware-laden websites in the hopes that you will enter your account password so they can steal your identity (and drain your funds); and they know that merely visiting this site will "drive-by download" spyware (such as a keylogger) onto you machine, which will eventually report your logins... or anything else you type, like, your credit card number. [note:in April 2007, Google reported that it had found "hundreds of thousands" of webpages serving up malware.]
* Regular readers know that these hackers use trojan horses (a type of worm) to install a backdoor on your machine and turn it into a zombie (aka "bot", short for 'robot') under their control [ http://techpaul.wordpress.com/2007/06/14/the-fbi-and-operation-bot-roast/ ] which they then use, however they like, as part of their botnet. Typically, they use your machine to send spam and copies of the trojan horse (to make their network of bots larger) itself.
All very depressing stuff.
But what you may not already know, Dear Reader, is that these cyber-criminals are always looking for new ways to infect your machine, for the uses mentioned above, (okay; you might have figured that, though) and the method they're trying for is through the use of USB devices. So that, when we plug in our thumb-drive it infects our machine.. and any other machine we plug it into. The bad guys know that antivirus tools don't scan USB storage devices before they're opened ("accessed"). Because of this fact, I am very leery of thumb-drive give-away's (free gifts) and generally decline to reach into the bowl.
A security nightmare come true: What if the virus writers and cyber-criminals could get in cahoots with the device manufacturers (or, someone who works there) and pre-install their malware onto brand-new devices? Well, you would go to your local MegaGigaMart* and buy a new device, open the box (or 'blister pak'), plug it in, and bingo!, you're identity is stolen, fraud is committed in your name, your accounts are drained.. and your life is ruined. And consider this, folks-- darned near everything is made in China. If that isn't scary enough, what if the malware was undetectable? What if it could shut down all known antivirus programs? Don't laugh: it's real.
There are, right now, digital picture frames (which connect via USB) coming from the (Chinese) factory with a trojan horse pre-installed (and a while back, a few iPods were infected at the factory). This trojan seems to be -- for now -- limiting itself to stealing online gaming identities, but displays the fierce anti-removal characteristics of truly advanced malware. If it can be programmed to steal gaming identities (do I need to say it?) in version 1.0, who knows what 2.0 will be designed to steal?Scary, scary (and depressing) stuff.
Today's free link: For more details on the digital picture frame infection, please read Deborah Gage's article; "Trojan Horse probing defenses-- New virus is smart, aggressive and blocks antivirus protection at will", published in the San Francisco Chronicle, Friday, Feb. 15th. 2008. Business Section.
* Beware of "Hillary video" e-mail. (Source= Symantec) Spammers are taking advantage of the election season to send a poisoned link (it downloads a trojan) in an e-mail promising a video of an interview with Hillary Clinton. For details, click here.
Copyright 2007-8 © Tech Paul. All rights reserved.
Share this post : |
No comments:
Post a Comment