Print 28 comment(s) - last by Boze.. on Apr 13 at 10:32 AM

Overall most threats have dropped, but "Misc Trojans" which include fake antivirus suites, are on the rise.  (Source: Microsoft)
Two rogue security software families are on millions of computers

When it comes to computer security, most users are aware that there are dangers, but are woefully unaware of what these dangers are.  They rely blindly on security software to protect them against these unseen evils.  Unfortunately, malware makers have caught on to this and have began releasing fake security suites that essentially do little-to-nothing to protect users, and even sometimes perform malicious actions.

Microsoft sixth Security Intelligence Report, covering the second half of 2008 details the rise of so-called "scareware" -- fake security suites feeding off user fear.  Microsoft takes a great deal of interest in computer security.  Not only is it going to soon be offering free antivirus software to Windows users, but it also has much at stake -- as the the operating system leader, its systems are the primary target of elicit internet activity.

While the new report covers many topics, perhaps the most interesting is its analysis of the rise of scareware mongers -- modern snake oil salespeople.  Describes the report, "The prevalence of rogue security software has increased significantly over the past [year and a half].  Rogue security software uses fear and annoyance tactics to convince victims to pay for 'full versions' of the software in order to remove and protect themselves from malware, to stop the continual alerts and warnings, or both."

The report identifies two software families --
Win32/FakeXPA and Win32/FakeSecSen -- which were the biggest threat.  The fake security suites associated with these families were found on over 1.5 million machines, making them among the most dangerous security threats.

This kind of deception has led some -- like
Alex Stamos, co-founder and partner at software security company ISEC Partners -- to suggest that "normal" users avoid internet use.  He stated at a recent conference, "The Internet cannot be safely used by normal people.  Most people are not prepared to make the technical decisions necessary to safely use the Internet."

Still, others argue that increased legitimate protection, which should expand to include better means of removing illegitimate security suites, can make up for user gullibility, to some extent.  Ultimately gullibility and irresponsibility continue to be key factors in the insecurity of the internet.  Of system breaches in the second half of 2008, over half (50 percent) were caused by lost or misplaced equipment by network users.

The report also finds that while operating systems like Windows are increasingly secure, the number of attacks on the application layer is vastly increasing.  Applications require a level of trust, but that trust in turn allows abuse.  Over 90 percent of vulnerabilities covered in the report targeted the application layer.  This explains why increasingly Mac computers are being hacked and made vulnerable, despite the general lack of interest in attacking the underlying OS.

Evidence of Windows Vista's improvements in security over Windows XP were evident in the survey.  Approximately
40.9 percent of browser exploits on Windows XP machines targeted Microsoft software, while only 5.5 percent did on Vista.  Microsoft's additions to the application layers, such as Microsoft Office, also have greatly reduced in number of unpatched exploits.  Describes the report, "The most frequently exploited vulnerabilities in Microsoft Office software were also some of the oldest.  Over ninety-one percent of attacks examined exploited a single vulnerability for which a security fix had been available for more than two years (CVE-2006-2492)."

While the report represents good news for Microsoft -- that its security efforts are working -- it's also bittersweet.  Microsoft is finding that security threats are increasingly not targeting its software.  That puts tremendous pressure on Microsoft to deliver with its upcoming antivirus software offerings, as customers have come to expect much from the OS provider in terms of security.

Comments     Threshold

This article is over a month old, voting and posting comments is disabled

too many people dont know...
By zshift on 4/10/2009 10:18:24 AM , Rating: 3
the problem isn't the software, it's users. more specifically, it's users being unaware of what they are using on their computers and how it works. These people usually get a small infection that shows a tooltip popping up from the taskbar saying that windows has detected a virus, "click here" for approved Micro$oft software to remove it." of course, any of us here would catch that on the spot, but most people have no reason to believe it's not genuine (no pun intended). the go to the site, see the program called "antivirus xp 20xx" (xx being any recent year of course, ive seen variations of this since early 08), and pay and download it because it looks completely legitimate. The problem is people have no reason to think its fake and they think it works. these are also the same people that have no idea what the difference is between office and windows, or what an operating system even is. these are some sad times we live in, because since i was 7 (yes, 7) i never had a problem figuring out the difference between windows and office. it never occured to me that they could even be the same thing.

RE: too many people dont know...
By HackSacken on 4/10/2009 11:50:39 AM , Rating: 2
I couldn't agree with you more. It's simply b/c of deception and ppl are unaware. The irony of it all though is the user almost usually has to go to a "not-so-creditable" site to initiate the deception scheme. If you stick to reputable sites, shouldn't be an issue. Heck, with that tactic, you can probably get away with not even loading actual Anti-virus software and other protection programs.

The issue probably arises almost as soon as someone goes to Google and "Feels Lucky," gets distracted by an ad promising an easy search toolbar with tons of smileys included.

RE: too many people dont know...
By HackSacken on 4/10/2009 12:04:57 PM , Rating: 2

Goes to google to search for free mp3s.

RE: too many people dont know...
By rohith10 on 4/11/2009 6:47:56 AM , Rating: 2
I kinda agree with most of what you said, but nowadays the million dollar question tends to be, "How safe is a reputable site?"

Legitimate sites can be compromised with attack code. In such cases, the anti-virus will be the only protection you have.

RE: too many people dont know...
By nixoofta on 4/10/2009 3:04:24 PM , Rating: 2
For more information about these threats:

Click Here


RE: too many people dont know...
By sinful on 4/10/2009 3:58:20 PM , Rating: 2
I tried clicking your link but it didn't work...I guess my interwebs are full again, where do I buy that interweb cleaner softwarez again?


RE: too many people dont know...
By inighthawki on 4/10/2009 3:35:36 PM , Rating: 2
I don't think the average person even needs security software at all. Just existing, windows doesn't get viruses, the user has to infect the computer, usually by visiting various "suspicious" websites. I myself don't use antivirus at all, and my system never gets any viruses. I had AVG installed for years and after never once getting a virus, i decided it wasnt worth it eating whatever resources it did. I obviously can't speak for anyone (or most people for the matter) but if i actually do get a virus i can reformat relatively easily, but the chances of that are slim anyway.

RE: too many people dont know...
By TomZ on 4/10/2009 5:09:07 PM , Rating: 2
Unfortunately that's not completely true. Many virus attacks on your computer can come through your network connection. Hence the reason most of us sit behind firewalls - which are a form of security software that we all need.

By inighthawki on 4/10/2009 8:14:57 PM , Rating: 2
Windows firewall has never failed me yet...

By Alphafox78 on 4/10/2009 8:37:30 AM , Rating: 2
I often see the AntivirusXP or 360 'scareware'. users claim they didnt click on anything but their browsing history usually indicates otherwise. sometimes a malicious script can get a PC infected without the end user clicking anything though. even with antivirus software you can still get infected..

RE: A360
By MrDiSante on 4/10/2009 7:23:29 PM , Rating: 2
If they didn't click through anything that means one of three things:

1) There's some zero-day in Windows; this is happening less and less often.
2) Their machine hasn't been patched since they bought it; despite automatic updates this still happen like you wouldn't believe.
3) They messed around with their settings previously to make their computer insecure; doesn't happen that often, you usually have to know what you're doing and do that on purpose to achieve it.

In all cases but one, it's the user's fault, and in the first case if they're running with UAC on, it has to be a non-IE zero-day which means they probably got passively attacked which means they're not behind a firewall. Long story short: in my experience, since XP SP2, whenever I've had to clean out a PC, the user has been asking for it.

RE: A360
By Boze on 4/13/2009 10:30:57 AM , Rating: 1
Yeah, I get this one a lot when I a relative or friend asks me to "take a look at" their machine. Most users are completely clueless when it comes to how their computer operates, and even worse, they don't want to learn, they just want to sit down in front of it and "do" whatever the hell it is they want to do.

Which is why I really have no sympathy when they get viruses, have their identities stolen, or other nasty things happen to them. Truthfully, I have an intense hatred for anyone that won't read through the manual, call technical support, or go buy a book to gain greater understanding of their computer and how it works... what's even worse is how everyone acts like their lives are just soo important and busy - "Oh, I have to take SoAndSo to baseball practice; I don't have time to do that, I have to make dinner; I can't read all this, I have to go pick up my granddaughter!" Well what the hell were you doing for the other 12 odd hours in your day? Couldn't squeeze in 15 to 30 minutes a day to cure your case of dumbass? Bullshit. The President is the only person that busy. The average person is just too apathetic and lazy to admit their too apathetic and lazy.

RE: A360
By Boze on 4/13/2009 10:32:22 AM , Rating: 2
their = they're... Ugh, gotta get an edit button here DT guys!

User Education
By Jeff7181 on 4/10/2009 5:01:03 PM , Rating: 2
It's disappointing and saddening that user education will never be an effective anti-virus solution for the masses.

I just hope Microsoft puts their knowledge of their own OS to use and creates the best (best detection rates, best at cleaning and best performance) Windows anti-virus software to date.

RE: User Education
By leexgx on 4/11/2009 2:53:00 PM , Rating: 2
i been loading on norton 2009 (ingore norton 360 as its old tech 2008 code bloted and slows the pc down) alot lately as AVG free is not picking stuff up it should be, stuff that norton miss late i am reporting it to them

By Spacecomber on 4/10/2009 11:29:54 AM , Rating: 3
Although fraudware often seems to be treated more as if it is just a nuisance, these programs typically shut down whatever security software was running on the computer, including windows security center alerts. As a result, they make it easy for more malicious programs to gain access to the computer.

Two Rogue Security Software...
By InfantryRocks on 4/10/09, Rating: -1
RE: Two Rogue Security Software...
By Lightnix on 4/10/2009 8:45:48 AM , Rating: 2
Norton would've made more sense to be honest. At least pick on something that claims to be security software like that OneCare suite. You're a terrible microsoft basher. You should have your Mac removed.

RE: Two Rogue Security Software...
By spuddyt on 4/10/2009 9:07:42 AM , Rating: 2
I'll fill in his response for you:
"no, take my penis, anything, just NOT THE MAC!"

RE: Two Rogue Security Software...
By Amiga500 on 4/10/2009 9:09:39 AM , Rating: 3
Agree on Norton.

Why anyone buys this invasive piece of sh!t is beyond me.

RE: Two Rogue Security Software...
By goku on 4/10/2009 2:41:23 PM , Rating: 2
Norton USED to be pretty decent (1999/8 anyone?) but after around 2001/2002 I started to become aware that Norton got the suck bug and I then had to transition to Kapsersky and then from Kaspersky on to a combination of nothing and AVG antivirus which still sucks, but less hard (lower system resource usage). I think all antivirus software sucks so I don't really depend on them any more even though we probably need them more now than ever before..

RE: Two Rogue Security Software...
By leexgx on 4/11/2009 3:12:42 PM , Rating: 3
the new 2009 norton works alot faster now it only starts do do things now when you have left the pc for 10 mins and if you come back as its still scanning it stop the scan or what ever task it is doing

anti virus providers need to make it faster for reporting virus

RE: Two Rogue Security Software...
By spread on 4/10/2009 12:09:03 PM , Rating: 1
The biggest security threat to your system is your dumb ass.

RE: Two Rogue Security Software...
By TomZ on 4/10/2009 1:46:51 PM , Rating: 1
Windows and Office?
I've run both those programs on various machines through what is probably more than 10 years now, and I've never had a virus.

Maybe the problem is not with the software, but with the person using the software...?

It's impossible to secure open PCs.
By reader1 on 4/10/09, Rating: -1
By C'DaleRider on 4/11/2009 6:08:41 AM , Rating: 1
Awwww, ain't that cute? You called Microsoft Micro$hit. Guess that makes you uber leet, doesn't it?

By keith524 on 4/13/2009 7:53:27 AM , Rating: 1
Does anyone else find the irony in the fact that a MAC is an overpriced PC with the MAC OS installed?

"We basically took a look at this situation and said, this is bullshit." -- Newegg Chief Legal Officer Lee Cheng's take on patent troll Soverain

Copyright 2016 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki