Beware Malware, Everywhere!

Let this article at ComputerWorld’s Security Manager’s Journal serve as a warning to us all.  Even those who are employed in the Information Security profession are subjected to, and sometimes prone to, malware infections.  Just because you know a little something about a subject doesn’t mean that you are immune to the cleverness of others.  Most, but not all, of my malware infections have been intentional as part of my research, as a learning experience, or in order to gain a sample to study and understand.  Malware authors are no longer the pimple-faced kids, swilling Jolt in some dingy basement, looking to gain notoriety among their nerdy friends by causing a little disruption on the Internet for kicks.  Malware authors have grown up a bit, and are now motivated by greed.  They are committing fraud, and doing so in a businesslike fashion.

This will not be news to most people who have had a computer for a few years, but may surprise some.  Malware authors have entered the business of organized crime.  They sell their services to, produce customized code for, and share profits with the same groups or affiliates of the guys that are running drugs and guns.  Online is where the money is, and the risks of getting caught remain low.  For the top dogs, anyway.  Not so much for the guys on the ground who actually gather the credentials, move the money around, and are often left holding the virtual bag.  Those are the ones that most often get busted.

Everywhere that you turn online these days, you are taking a risk.  Malware can be delivered very easily from porn sites.  These sites are always looking to separate you from your cash, and are not above selling re-directs to malicious fraudsters.  Their business is seedy to begin with, so what’s a little extra coin gained anonymously?  I have trolled some of these sites (for research purposes only, of course 8) on occasion, and it is not uncommon to be redirected to some other site 2/3 of the time you click on a link or picture.  Out of the links and pictures that I merrily clicked away on, at least 2/3 of those either attempted to load some malicious code, presented a questionable pop-up, or offered some sort of nebulous download.  This of course is not the only way to get infected these days.  Malicious code distribution is taking place regularly on legitimate web sites through online ads, where the malicious “vendor” purchases ad space from a legitimate ad supplier, and provides an ad that contains malicious script, or when clicked through, loads code from the directed site.  These ads are served up by many, many sites unknowingly, as they present the rotating ads.  Other legitimate sites are probed for vulnerabilities in the code they use, the back-ends they connect to, or the add-ons that they support.  Once a vulnerability is found, code is injected into the pages that either infects or redirects the browsing user.
