Viruses target social networks

Last week i fell victim to a virus. More correctly i fell victim to  a piece of maleware / spyware. Being as i a work in IT it didn’t cause to much of a problem, but it did make me take another look at the whole spyware problem.

The first think that surprised me wass that my current anti virus/maleware software had not picked it up. I’m a bit of a security control freak and actually run online, gateway , server and desktop Av, none of which detected or matched the patterns in this virus. The virus managed to set up its own proxy server on my machine, bypass my own proxy server, disable my local Av software and  run a number of exe files that mimicked the windows alert modules telling me the system had detected a problem and offering to install software to help. In fact even when i ran deep scans with trend, and spybot search and destroy, 2 leading titles in anti maleware they reported that my system was running normally with to viruses found. It was obvious that i did have a problem, in that there were around 160 exe files running and a new windows explorer window appearing every couple of minutes. It didn’t take long to do a quick google search on the individual exe files and find something that could remove it.

The second thing that surprised me, how easily i almost fell for providing my credit card details on a machine i knew to be affected. After 2 days of working on my laptop, while the very time consuming deep scans ran on my workstation,  I was so pleased to have found something that promised to kill the virus for once and for all that i very almost, went ahead and payed the $30 for an online license.

The third thing worth mentioning is how i fell for getting the virus in the first place. I guess it was a cross between a social engineering attach and a straightforward maleware attack. I in short i got a message on facebook inviting me to view a movie clip from a friend, this then took me to what looked like that persons you tube account, but where you would expect to see the movie playing there was a message saying that my version of flash player was out of date and to click to continue, the usual warning popped up before installing. All of which i clicked through, as it look so similar to a genuine flash updater. Next think you know i’ve restarted and all sorts of pop ups are saying a virus has been detected and linking to software products to purchase to remove this.

When you think about it, this is genius. The latest generation of internet users are very into social networks, but are much less tech savvy when it comes to security, and protecting themselves. They are so used to clicking ‘yes’,  ‘install’, ‘accept’, ‘i agree’, without reading anything of what they are actually agreeing to that they are easy targets when it comes to installing harmful stuff, like maleware and viruses. I myself am a classic example, busy day in the office and a box pops asking me to agree to an update to software i trust from a person i know and i say yes without a second thought.

It would seem that i am nt the only one thought, cnet this week reported on the koobface virus currently hitting facebbok users, and there are no end of others popping up everyday.

Viruses target social networks

Using a neighbour’s wifi?

If you are one of the millions of UK internet users, that think because one of their neighbours has an unsecured wifi connections, then they can get free internet access. Then you’d better watch out.

Under the 2003 Communications Act it is illegal to use another person’s service provider to access the Internet. The offence, carries a maximum penalty of five years in jail or a fine.

Often refered to as “piggy backing” or “cyber squatting”, using open wifi networks illegally is quite common, and up until now there have been few if any prosecutions of offenders. But on sunday 17th Feb the police were called to a home in Tweedmouth, Berwick, Northumberland, after a woman had reported two men behaving suspiciously outside her home. The two men were arrested on suspicion of allegedly logging on to another person’s internet connection illegally.

Both men were believed to have been checking their emails using the womans wireless broadband and have been released on bail pending further enquiries.

Berwick Neighbourhood Inspector Sharon Stavers said “This is a very unusual offence and it appears the two men were doing nothing more sinister than checking their emails and getting some time on the internet for free. However, this is an offence and people pay good money to have the internet in their homes.”

If you have an unsecured open wifi connection, then my advice would be to secure it as quickly as possible, using the highest form of protection you can, and not to publish the connection unless you have to.

If you need access to wifi away from home then, my suggestion would be to use one of the thousands of legitimate “hotspots” across the country. There are now free hotspots, on many trains, cafes, and hotels. Fast food restaurant McDonald’s recently announced that its 1,200 UK outlets would soon get free wireless internet access, for customers.

Using a neighbour’s wifi?