Increased vigilance needed vs new viruses, malware

Written by Alma Anonas-Carpio / Correspondent
Thursday, 12 March 2009 00:15

The latest virus and malware threats are insidious and sophisticated and they use social engineering principles to entice potential victims to willingly, if unwittingly, install malicious computer code in their machines.

This was the warning aired on Friday during a press briefing in Makati City by Craig Johnston, channel manager for the Asia-Pacific region of computer protection software developer Eset. At the top of Johnston’s list of major threats is fake anti-malware. Johnston gave a briefing during the soft launch of Eset’s new line of anti-virus and anti-malware products, which includes NOD32 Antivirus 4 and Smart Security 4.

“A pop-up will often come up, saying you need anti-malware or that a malware or spyware has been detected in your computer and then a pop-up asks users to click [on a link] so they can download free anti-malware or anti-spyware,” Johnston said. The malware or adware riding piggyback on the legitimate software, of course, will remain in the computer’s system despite the presence of the free protection software.

Other variations on socially engineered malware, Johnston said, include fake codecs and related threats that spawn pop-ups telling potential victims they need to download certain programs to view video files.

“These new threats are all about social engineering,” he said. “It’s about tricking you to download their malware, spyware or their adware.” He also spoke of mobile threats now that “mobile devices, such as cellular phones, are becoming juicier targets because they now have more power and functionality.”

Viruses and other malware targeting mobile phones are still in the “proof of concept” stage, Johnston said. However, he warned that mobile devices are becoming more and more attractive to those who steal identities and potentially valuable information which may be stored in mobile phones. If you keep financial information, passwords and other sensitive data in your mobile phone, beware, because there are now viruses that can steal that data, he added.

He also said there are now viruses that target postpaid mobile phones and cause these phone units to dial “a premium overseas number” and remain on the line for 10 seconds per call. “The mobile phone user is unaware of this until the bill arrives and he or she will see that several expensive 10-second calls were made to a premium number and they are saddled with a huge bill. The recipients of those calls, on the other hand, get huge amounts of money, essentially stolen from the mobile phone owner and they walk away unscathed.”

Johnston also cautioned computer and mobile phone users alike to be wary of what he called “potentially unwanted applications [PUAs],” such as adware applications, that users may unwittingly download into their mobile phones or computers. PUA creators, he said, “claim legitimacy, and it is difficult to flag PUAs as pure malware.”

In fact, PUAs often come with lengthy end-user license agreements (EULAs) “that tell users exactly what they are downloading and what these programs will do and obtain the user’s agreement before installing the PUA,” Johnston said. “However, most computer and mobile phone users do not read the EULAs that come with programs they download, preferring to skip to the end of the installation process as quickly as possible.” These PUAs, he said, “can dish up so much adware that it bogs down systems.”

One more red flag Johnston warned about is the Win32/PSW online-games family of Trojans, which has keylogging (copying each keystroke made on an infected computer) and rootkit (computer registry-altering, hacking) capabilities, making possible the theft of data and even “virtual assets,” such as online roleplaying game characters and other data files “that can be sold for real money in the real world.”

Besides being spread online, viruses, spyware and malware are also transmitted by the modern “sneakernet”: they now ride on universal serial bus (USB) storage devices like flash disks and multimedia cards instead of floppy disks, but the principles of port-to-port or drive-to-drive transmission remain the same. This is the same, he said, for computers with which mobile devices like cellular phones and personal digital assistants (PDAs) are synchronized.

Dealing with these threats, Johnston said, involves “increased vigilance” on the users’ part. “Disable the autorun feature of your computer if you are using a Windows operating system, keep your applications and operating systems patched and up to date, and use different passwords for different systems.”

He also advises users not to use their administrator user IDs too often, but rather to use a separate user ID and to use their administrator ID “only if needed to troubleshoot a computer or to install software.” The rationale behind this piece of advice is that “the malware that may get into your computer will have the same access privileges as the system administrator if it infects your PC while the administrator is logged on. Using a regular user ID for everyday purposes limits the access any malware will be allowed if it infects your system.”

Johnston also advises computer users not to “disclose sensitive information on their social networking sites or other public websites.” He also cautions people who use public Wi-Fi or piggyback on unsecured Wi-Fi access points not to “connect to just any ‘free Wi-Fi’ access point, which may in reality be an ‘evil twin’ network through which someone can steal your data, either from your hard drive or by using socially engineered malware.”

“Don’t trust unsolicited files or embedded links,” he added. “I cannot emphasize this enough. Encrypt and back up sensitive information on your hard drives and do not use cracked or pirated software.”

His final piece of advice is to “use high-quality anti-virus software in which protection and smart security is integrated, such as our new products, which are built for speed, come with an extremely light system footprint of 40 to 50 megabytes and are easy on the user because of an intuitive user interface and minimal alerts.”

Eset’s new line of computer protection software, he said, also comes with a new interface and keyboard shortcuts for the visually impaired, enhanced portable computer support, and is programmed to detect threats even when the computer is in fullscreen mode.

* Published in the BusinessMirror newspaper.