MALWARE PREVENTION
virusvault.us
 

Possible Ways To Get Malware:


OK so how does malware end up on a computer?

Malware can get onto a machine in one of two ways (or both): internally, by which I mean installed by the user, or externally, via a vulnerability.

1) Internal, User Installed:

There are many ways a user can unknowingly install malware. Social engineering is by far the most commonly used (and easiest) method. What is social engineering? An action that relies on user interaction to start the attack: clicking on links or opening unknown, unsolicited attachments in e-mail, or falling for phishing attempts and spam; clicking links and installing files on social networking sites, chat rooms, IRC, web sites, instant messaging, blogs, etc. Not every link or attachment will contain malware, but thinking twice about it will help. All it takes is installing a single trojan, which will then install even more malware.

Using P2P file sharing to download and install files on your computer. File sharing is very popular, and so is distributing malware via the various networks. Files can be mislabeled, be nothing but malware, or have malware bundled in them.

Installing software that has bundled malware in it. A seemingly harmless game or screensaver could install malware.

Use of warez, keygens or cracks. These are also very popular for carrying malware payloads. 

Visiting questionable websites or adult sites (that are set up just to push malware) to view or download content. Clicking on webpage links, or being asked by a popup or website to install software on your computer for some reason. The majority of malware is installed by users themselves, one way or another.

OK, but I don't go to those websites, I don't use file sharing and I don't click on links or attachments or fall for phishing/spam attempts. Which brings us to the second way.

2) External, via vulnerability:

In order for an external "hack" to take place and be successful, there must be some "inside help" already present on the machine. That help could be a trojan you unknowingly installed yourself, or it could be a vulnerability present on the computer.
Vulnerabilities are caused by having an "unpatched" operating system, browser or software. These vulnerabilities can be exploited to push, install and execute malware on your computer.

Web-based malware is becoming more popular. What better way to install malware than via a website that might see hundreds or thousands of visitors in a day and so have that many potential victims to infect?

It's possible for legitimate/honest websites to host malware, at least until the site operator is made aware of it. Your unpatched browser or operating system could have a vulnerability that could be exploited. Your web-based applications, like Adobe Flash/Reader, QuickTime, etc. (any application that might interact with a web site), may have vulnerabilities.

Driving traffic to the malicious site is done in several ways: you could be redirected to a malicious website from the compromised legitimate site, or clicking a link could take you to a malicious website, as could a link in spam, a blog, ads, etc.
The malicious web site could then take advantage of your unpatched browser or web applications to push, install and execute malware on your machine.

The best defense for this is to keep your version of Windows up to date by visiting Windows Update regularly or using the auto-update feature. Also keep all web-based applications updated. The updates will "patch" the vulnerabilities. No "inside help", no hack can take place. In Vista and Windows 7, keep UAC (User Account Control) turned on. This will prevent the malicious code from writing to and executing from the system32 directory.
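A quick way to check both of those defenses on a Windows machine, as an added example (not part of the original page). It only reads settings; the 45-day patch-age threshold and the function names are assumptions chosen for illustration.

```powershell
# Added example: read-only audit of the two defenses named above (UAC and patching).
# Run in a PowerShell prompt on the machine being checked; nothing is changed.
$uacKey          = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System'
$maxPatchAgeDays = 45   # assumption: adjust to your own patching schedule

function Get-UacState {
    # EnableLUA = 1 means UAC is on. ConsentPromptBehaviorAdmin = 0 means
    # administrators are elevated without any prompt, which defeats the purpose.
    $p = Get-ItemProperty -Path $uacKey -ErrorAction SilentlyContinue
    New-Object PSObject -Property @{
        UacEnabled      = ($p.EnableLUA -eq 1)
        SilentElevation = ($p.ConsentPromptBehaviorAdmin -eq 0)
        SecureDesktop   = ($p.PromptOnSecureDesktop -eq 1)
    }
}

function Get-LastPatchDate {
    # Get-HotFix reads Win32_QuickFixEngineering: Windows updates only.
    # Browsers, Flash, Reader etc. must be checked in their own updaters.
    Get-HotFix |
        Where-Object { $_.InstalledOn } |
        Sort-Object InstalledOn -Descending |
        Select-Object -First 1 -ExpandProperty InstalledOn
}

$uac      = Get-UacState
$last     = Get-LastPatchDate
$findings = @()

if (-not $uac.UacEnabled)    { $findings += 'UAC is turned off (EnableLUA is not 1).' }
if ($uac.SilentElevation)    { $findings += 'UAC elevates administrators without prompting.' }
if (-not $uac.SecureDesktop) { $findings += 'UAC prompts are not shown on the secure desktop.' }

if (-not $last) {
    $findings += 'No dated Windows hotfix was found; check Windows Update manually.'
} elseif (((Get-Date) - $last).Days -gt $maxPatchAgeDays) {
    $findings += "Last Windows hotfix was installed on $($last.ToShortDateString())."
}

if ($findings.Count -eq 0) {
    'UAC is on and Windows has been patched recently.'
} else {
    $findings
}
```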


Ok but I am not worried about it. Nothing on my computer anyone would want!

What about your personal data? Maybe your social security number would come in handy. Certainly a hacker could sell your financial data, like banking and credit card numbers, on the internet. Passwords? Do you use websites that require passwords to log in? PayPal, eBay, social networking accounts, an FTP account? These would certainly be valuable to use or sell.

Even if you don't do online banking, use passwords, etc., your computer could still be used. It could be remotely controlled to send out spam, which would look like it's coming from your computer. It could be used as a proxy for relaying internet communications via your computer. It could be used along with many other remotely controlled computers to direct attacks against web sites or other individuals.

All Rights Reserved © 2005, last update by DMA 11/09
 