Thursday, September 27, 2007

Know Who Is Watching You

Emails are not the only way of delivering trojans onto your hard drive, if you unwisely click on any links in them. Whichever direction you go cyber-cruising online, you cross a never-ending minefield that you have to tread extremely carefully to avoid infection by a virus or trojan.

In another article I wrote about unsuspecting visitors to blogs who click on a link in a 'comment' and end up downloading a trojan, not the expected PDF or other information.

The sophisticated ease with which trojan writers can make these 'virtual spies' and send them out to the gullible populace online is breathtaking in its concept.

Underground hacker sites are forums for discussing how to make 'worm', 'virus' and 'trojan' code do whatever its intended use is. Many users of these underground hacker forums are 'script kiddies' with no more sophistication than any other 'normal' ten or twelve year old, but the damage they do can run into billions of dollars in costs for the 'clean-up' of servers and hard drives. The anti-virus makers are making a killing selling the latest product to find and remove trojans and virus code from hard drives world-wide.

The explosion of 'malware' is causing concern among security experts who have the task of securing networks of computers that may encompass the world, where the entry points for such 'malware' number in the thousands. Very large sites holding bank and credit card details are especially targeted for information, by trojans in particular.

'Worms' are also traveling the internet right now, looking to land on any network of computers they can find. It's impossible to get rid of them; you would have to close the internet down altogether to do that. They are designed to look for bank account numbers, credit card details, and username and password pairs that give access to such online organizations as PayPal, eBay, E*Trade, Wells Fargo and many others.

'Worms' are code that 'learns' and then 'mutates' to adapt to what it has learned. It then replicates itself in every direction it can go, to land on yet more hard drives. The code of a 'worm' can be totally different from that of a 'worm' on some other computer somewhere else, because they 'learn' and add code as they travel different networks. Anti-virus software may therefore not detect the 'signature' of a 'worm' on a different network at all, giving anti-virus software makers sleepless nights as they try to keep up with all the different 'signatures' their subscribers need to download to keep their software reasonably up to date with anti-viral 'definitions'.

On some underground hacker forums a 'phishing kit' is available for free download. It allows username and password pairs for internet banking to be discovered, and the information can be emailed to a 'throw-away' email address inbox to garner the details. The user of the 'phishing kit' is not the only one who gets the information, though: the maker of the kit gets it emailed to them as well.

If you thought, quite reasonably, that makers of trojans had to have a degree in programming languages, think again. Any 'script kiddie' can make a very sophisticated trojan, to do whatever the juvenile miscreant intends, in a software package called 'Shark2'. It is available for free download, and the program lets you input the various attributes you want to imbue in the trojan via an intuitive interface. Just click, and your trojan code is ready for business.

It is known that a miscreant can quite easily add instructions to the trojan code to operate software on a hard drive, and even switch on the 'web cam' to see what unsuspecting users are actually doing in the room near their machines.
