Keylo ggers can be either so f twarebased o r

Info iconThis preview shows page 1. Sign up to view the full content.

View Full Document Right Arrow Icon
This is the end of the preview. Sign up to access the rest of the document.

Unformatted text preview: nlike viruses, wo rms do no t require an executable. So me wo rms scan f o r and install themselves o n vulnerable systems with stunning speed (in an extreme example, the SQL Slammer wo rm inf ected 90 percent o f vulnerable so f tware wo rldwide within just ten minutes).M. Bro ersma, “Slammer—the First ‘Warho l’ Wo rm?” CNET, February 3, 2003. Tro jans. Explo its that, like the mythical Tro jan ho rse, try to sneak in by masquerading as so mething they’re no t. The paylo ad is released when the user is duped into do wnlo ading and installing the malware cargo , o f tentimes via phishing explo its. While the terms abo ve co ver metho ds f o r inf ectio n, the terms belo w address the go al o f the malware: Bo tnets o r zo mbie netw o rks. Ho rdes o f surreptitio usly inf ected co mputers linked and co ntro lled remo tely by a central co mmand. Bo tnets are used in crimes where co ntro lling many dif f icult-to -identif y P Cs is usef ul, such as when perpetrating click f raud, sending spam, registering acco unts that use CAPT CHAsG. Keizer, “Bo tnet Busts Newest Ho tmail CAP TCHA,” Co mputerw o rld, February 19, 2009. (tho se scrambled character images meant to thwart things like auto mated acco unt setup o r ticket buying), executing “dictio nary” passwo rd cracking attempts, o r launching denial-o f -service attacks. Malicio us adw are. P ro grams installed witho ut f ull user co nsent o r kno wledge that later serve unwanted advertisements. Spyw are. So f tware that surreptitio usly mo nito rs user actio ns, netwo rk traf f ic, o r scans f o r f iles. Keylo gger. Type o f spyware that reco rds user keystro kes. Keylo ggers can be either so f twarebased o r hardware, such as a reco rding “do ngle” that is plugged in between a keybo ard and a P C. Screen capture. Variant o f the keylo gger appro ach. This catego ry o f so f tware reco rds the pixels that appear o n a user’s screen f o r later playback in ho pes o f identif ying pro prietary inf o rmatio n. Blended threats. Attacks co mbining multiple malware o r hacking explo its. All the News Fit to Print (Brought to You by Scam Artists) In f all 2009, bad guys po sing as the teleco m f irm Vo nage signed up to distribute ads thro ugh the New Yo rk Times Web site. Many f irms that display o nline ads o n their Web sites simply create placeho lders o n their Web pages, with the actual ad co ntent served by the advertisers themselves (see Chapter 14 "Go o gle in Three P arts: Search, Online Advertising, and Beyo nd" f o r details). In this particular case, the scam artists po sing as Vo nage switched o f f the legitimate-lo o king ads and switched o n co de that, acco rding to the New Yo rk Times, “to o k o ver the bro wsers o f many peo ple visiting the site, as their screens f illed with an image that seemed to sho w a scan f o r co mputer viruses. The visito rs were then to ld that they needed to buy antivirus so f tware to f ix a pro blem, but the so f tware was mo re snake o il than a usef ul pro gram.”A. Vance, “Times Web Ads Sho w Security Breach,” New Yo rk Times, September 14, 2009. Sites ranging f ro m Fo x News, the San Francisco Chro nicle, and British tech site The Register have also been hit with ad scams in the past. In the Times case, malware wasn’t distributed directly to user P Cs, but by passing thro ugh ads f ro m third parties to co nsumers, the Times became a co nduit f o r a scam. In the same way that manuf acturers need to audit their supply chain to ensure that partners aren’t engaged in sweatsho p labo r o r disgracef ul po llutio n, sites that ho st ads need to audit their partners to ensure they are legitimate and behaving with integrity. The Virus in Your Pocket Mo st mo bile pho nes are really po cket co mputers, so it’s no t surprising that these devices have beco me malware targets. And there are a lo t o f pathways to explo it. Malware might inf iltrate a smartpho ne via e-mail, Internet surf ing, MMS attachments, o r even Blueto o th. The “co mmwarrio r” mo bile virus spread to at least eight co untries, pro pagating f ro m a co mbinatio n o f MMS messages and Blueto o th.J. Charney, “Co mmwarrio r Cell P ho ne Virus Marches On,” CNET, June 5, 2005. Mo st smartpho nes have layers o f security to blo ck the spread o f malware, so hackers typically hunt f o r the weakest victims. Easy marks include “jail-bro ken” iP ho nes, devices with warranty- vo iding mo dif icatio ns in which security restrictio ns are o verridden to allo w pho nes to be used o f f netwo rk, and f o r the installatio n o f unsanctio ned applicatio ns. Estimates suggest so me 10 percent o f iP ho nes are jail-bro ken, and early viruses explo iting the co mpro mised devices ranged f ro m a “Rick ro ll” that replaced the ho me screen image with a pho to o f 1980s cro o ner Rick AstleyS. Steade, “It’s Shameless Ho w They Flirt,” Go o d Mo rning Silico n Valley, No vember 9, 2009. to the mo re nef ario us Ikee.B, which scanned text messages and hunted o ut banking co des, f o rwarding the nabbed data to a server in Lithuania.R. Lemo s, “Nasty iP ho ne Wo rm Hints at the Future,” Techno lo gy Rev iew , No vembe...
View Full Document

This document was uploaded on 01/31/2014.

Ask a homework question - tutors are online