Viruses,
Trojans and worms… computers too are vulnerable to infection and what’s
alarming is it spreads fast. Geeta Padmanabhan on what protective
measures can be taken
My
system flashed several warnings. Then it locked up, went blank, started
randomly, slowed down suddenly. One morning it crashed. Kaboom! Gone!
The
mechanic started with a quiz. “Did you see strange error messages?
Pop-up alerts about firewalls? Unsavoury pictures on the screen when you
booted?” I nodded. He tickled the desktop a bit and announced, “Your
system has a virus.” (Just one?) “Some people find new toolbars in the
browser, new shortcuts on the desktop they didn't put there, new items
in the system tray at the bottom of the screen.” (Note: new
toolbars/shortcuts often come bundled with software you actually want;
they may not be malicious — just annoying.)
DIFFERENT VIRUSES
I
needed computer wellness lessons. “Virus is a tiny program designed to
infect a machine (files in the machine),” said an ethical hacker (EH).
“When the file is opened, it goes into memory, and infects all files
opened. When an infected program is opened on another machine it infects
all files in that machine also.” And yes, there are different virus
types — those that infect only files, those that infect documents, excel
files, boot record/partition and those smart hybrid ones which infect
all the above. Classification is based on what they infect.
Then
there are worms. These usually travel as a single file to infect
machines, so the damage isn’t too much. (That’s kind!) The worm tags on
to inbuilt communication mechanism (e-mail) to transmit itself using a
weakness on a machine or through shares. Sometimes virus and worm marry.
This couple is difficult to remove. Trojan (spyware) programs intercept
private data — passwords, e-mails, files — it’s a Trojan war!
Most
are innocent victims! “Ha, virus is created for fun by youngsters for
bragging, to see it spread, it’s a high,” said EH. “Some are
professional — to destroy rivals’ computers. Your computer is just a
victim in this process.” What armoury do I have to fight it? “Invest in
good antivirus software. It’s difficult to detect them manually.” He
recommends Fprot and Avast (avast.com). “You get a one-year home
edition free once you register for Avast. Prevent Trojan (keylogger)
from doing identity theft with keyscrambler personal edition
(www.qfxsoftware.com) along with antivirus software. This ensures
safety of passwords of emails and net-banking.”
Session
II is with Samir Mody, Senior Manager — Threat Control Lab, K7
Computing. “A computer virus does covert actions such as stealing credit
card information, sending spam,” he said. “Most computer viruses are
developed for financial gain.” Great.
MALWARE AND SPYWARE
What
are malware and spyware? “Malware is synonymous with computer virus. It
is the superset of spyware which silently steals information like
passwords, confidential data.” Watch out for any unusual behaviour —
unknown process names, unusual network traffic — on the device, he said.
Giant
companies fall victim to hackerazzi. An AP story tells us how
international hackers ran an online advertising scam to take control of
infected computers around the world. Hackers installed malicious
software on the victim computers, which turned off antivirus updates. In
an unusual move, FBI is encouraging users to visit http://www.dcwg.org
(till July 9) to check and fix the problem. According to a Russian
anti-virus firm, more than half a million Apple computers have been
infected with Flashback Trojan. It sent a unique ID to the intruder's
control server to identify the infected machine. The criminals could
then control the machine. Apple released its own “security update”.
F-Secure
also posted instructions on how to confirm if a machine is infected and
how to remove the Trojan. Apple isn’t safe? “Anti-virus software,
including K7 security products, will detect and clean up the infection
automatically and without fuss,” Samir consoled. “This is not a
plumbing, so don’t call local fix-it men. Maintain up-to-date anti-virus
software to prevent malware infection in the first place. Be wary of
and discard spam emails or social-networking messages (Facebook,
Twitter) from unknown individuals or having dubious content. Refrain
from clicking on links or opening attachments within such
correspondence.”
Don’t exchange
memory-storage devices. Don’t use memory-storage devices on other
computers. Avoid visiting websites of dubious repute. Avoid Internet
Explorer as the default browser, Google Chrome and, to a lesser extent,
Firefox are currently seen as less vulnerable to malware targeting.
Operating systems like Linux (Ubuntu, Mint, etc.), due to their
significantly smaller user base, are considered less likely to attract
malware.
My system is back in action. I scream “Virus!” if it slows down one second.
DEALING WITH VIRUSES
* On control panel, Security, if you can’t click/launch Windows Update, you probably have a virus.
* Many legitimate parts of Windows have virus-sounding names. Be careful when you do CTRL-ALT-DEL.
* Use multiple programs with multiple and varied virus definitions for better diagnosis.
*
When you scan for viruses, be sure to turn off or disable any other
security software. These programs can interfere with one another.
* Check out Safentrix.com.
* For Asian malware, read http://blog.k7computing.com/2011/11/malwasia-in-operation-since-1986-part-1/part-2/part-3
