Apple was silent for far too long on the matter of the Mac Defender Malware, a Rogue anti-virus application like those seen on Windows machines for the past few years. This type of malware tricks users into thinking they are protecting their computer by displaying false “infection” messages and offering a fix in exchange for money. There have been thousands of reports by irate OS X customers in recent weeks. Many of the people who called Apple support were referred vaguely to the forums for help. It was almost as if Apple didn’t want to have to acknowledge that they are not invulnerable after all.
Late on Tuesday, the Cupertino company finally released a support article which explains how to eradicate this nasty piece of so-called software. The article begins by admitting that a recent scam has targeted their fans by “redirecting them from legitimate websites to fake websites which tell them that their computer is infected with a virus. The user is then offered Mac Defender “anti-virus” software to solve the issue.” The rest of the piece gives detailed instructions on ridding yourself of this pesky problem.
Within the next few days, Apple promises to release an update to OS X which will automagically find and remove Mac Defender and all of its known variants. The update should also help protect users by giving warnings if they download the malware. The problem, as Windows users and security experts know, is that these malware writers pump out newer versions very quickly… which take a while to detect and fix.
Rogue anti-virus programs are quite the lucrative business. According to McAfee, the number of these types of programs has increased by nearly 400% since 2009, causing computer users a loss of about $300 million. I don’t really care if you’re a Mac or Windows fanatic. If something pops up on your screen that you haven’t already installed yourself and then claims you are infected… click NOTHING. Don’t be fooled into downloading or buying anything. Look for a fix immediately, and follow the recommended guidelines. One of the most reputable sites out there which is FULL of guides of this sort is Bleeping Computer. If you have trouble fixing the machine up yourself, their free forums are full of security experts who will gladly help you – for nothing more than your thanks.
Ivan Kaspersky, son of a Russian software giant, has been missing since April 19th. It is believed that the young man was abducted. Security powerhouse Eugene Kaspersky, the CEO and co-founder of antivirus company Kaspersky Lab, has asked only that the media stop spreading rumors and speculation. Nothing official has come forth from the Kaspersky camp, despite claims from local law enforcement that the allegation is true. There has reportedly even been a ransom demand to the tune of $4.3 million.
Many blogs are claiming that a kidnapping is par for the course within any big business in that country. Could that really be what motivated the people behind this?
Malware writers infect your machines and muck up your day for one reason: to make money. We’re talking about mass quantities of green, people. The little script kiddies you find writing simple botnets for IRC are in it for kicks. REAL malware makers are out to make cold, hard cash. It’s a multi-million dollar business – and one that unfortunately won’t disappear any time soon.
Let’s imagine for a moment what else the alleged kidnappers could ask for – other than cash – in exchange for young Ivan’s safe return. How much do you suppose Kaspersky’s technologies and databases are worth to those with nefarious things on their minds? I’m quite sure they are worth far more than four million smackers… especially to criminals who have no regard for the rest of us. It’s more than possible that these people would much rather get their hands on information than money.
It’s true that kidnapping for ransom is on the rise in Russia. People are being targeted for their fortunes instead of the type of business they are in. We are hopeful that this is nothing more than a case of a young kid taking some time for himself without letting family members know. If it turns out to be true, we further hope that it is directly related only to the fact that the senior Kaspersky has amassed a fortune in his lifetime and not to the type of work he does.
We will be following this story as the details unfold. Our thoughts and support go out to the Kaspersky family during this time of uncertainty.
Damn these compromised systems. They’re ruining it for the rest of us. Someone on Lockergnome asked if ISPs should cut off bot-infected users. This refers to people who have computers that happen to be infected with software that can potentially turn their machine into a “zombie computer.” This allows someone to use the infected system as part of a bot net – or DDOS attack.
Why shouldn’t an ISP cut them off? That’s my thought. If an ISP can see that a machine is being used – and abused – in this manner, it’s their duty to keep others protected. Perhaps the user doesn’t even KNOW that their machine has been compromised in this manner. You can be infected with some pretty nasty malware without ever having any pop-ups or symptoms, and without knowing it.
Your ISP should be able to turn you off, and then contact you to let you know there’s an issue. The ISP could go so far as to suggest ways and/or tools to help the user get all cleaned up. Imagine if the ISP took that step to help their customer – we could all have better Internet. That may be a pretty lofty dream, but I think it’s a good one.
Bonus points for remixing the zombie disruption found in this video!
A chat room visitor asked me if it’s necessary to have an anti-virus program installed on Mac OS X. Most people will tell you that it isn’t needed, but I have a feeling my assistant Kat won’t agree with that assessment.
Guess what? I happen to agree with her. You should run security software on your Mac. Just because there aren’t “many” pieces of malware out there for OS X doesn’t mean there are “none.” There are a few running around the wilds. Nothing is perfect. As more people turn to Mac more vulnerabilities will be released.
If you want to be safe, you want to run something that’s going to keep you clean and free from all digital nasties… not just a virus. Mac OS X can suffer from Spyware, yes. There may not be a lot of it, again, but it is there.
If you’re going to connect to the Internet, you need to do so safely – even on Linux.
Aaron has recorded this screencast to show all of you how to figure out if a website you want to visit is safe or not. McAfee’s SiteAdvisor doesn’t require any downloads, and will give you a detailed report along with your green (or red!) light.
Not only does the report give you a red or green light, it also includes demographic information such as the country the site is located in and how popular it is. If there are downloads available on the web page, McAfee has already tested each and every one to be sure that it’s clean and free of malware.
Customer (visitor) commentary adds a nice touch to your report. See what others are saying about their experience visiting that site. You can become a member for free and add your thoughts to any web site report that you find.
You will find a handy little graph that shows you what other sites are affiliated with the site in question, as well as being able to quickly tell if they are “green” or not. When checking out my main site, you’ll find links off to my live page, Lockergnome and various other sites that I maintain. As I would expect, all of my sites have a green light.
Lastly, you’ll be able to see exactly what annoyances a site may hold – such as popups. The team at McAfee has built this excellent tool to help you learn how to stay safe online, and to alert you to potential dangers before you ever click that link.
Thanks to Aaron for this excellent tutorial.
Want to embed this video on your own site, blog, or forum? Use this code or download the video:
During the first half of 2010, more than two million computers in the United States alone were found to be part of a botnet. Microsoft performed the research, which showed that Brazil had the second highest level of infections at 550,000. The country hit hardest is South Korea, where 14.6 out of every 1000 machines were found to be enrolled in botnets.
Cliff Evans is the head of security and identity in the UK. “Most people have this idea of a virus and how it used to announce itself,” he said. “Few people know about botnets.” Botnets start when a virus infects a computer, either through spam or an infected web page. The virus puts the Windows machine under the control of a botnet herder. “Once they have control of the machine they have the potential to put any kind of malicious code on there,” said Mr Evans. “It becomes a distributed computing resource they then sell on to others.”
The stats for the report were gathered from more than 600 million machines which are enrolled in Microsoft’s various update services or use its Essentials and Defender security packages. The conclusions of the report show that people need to be much more vigilant. You have to keep yourself well protected against threats of any kind. Even though they’re a pain, you need to apply your Windows updates when they become available, keep programs updated (such as Java) and make sure that you understand security basics.
Malware is everywhere. You don’t have to download torrents or visit adult sites in order to have your computer infected. Seemingly innocent sites aimed at kids have been known to have drive-by malicious content embedded within their pages. These drive-bys install themselves silenty onto your machine to do their dirty work. There is no warning. There are no popups. You usually never even know they are there. This is why it is crucial to have a solid security foundation. CA Anti-Virus Plus Anti-Spyware is one program which can help you stay safe.
In order to help you keep your information and data safe, CA is offering a fantastic deal on their software until October 5th. If you use coupon code FGS7156during checkout, you will save 40% off of the normal retail price on CA Anti-Virus Plus Anti-Spyware 2-Year protection for up to 3 PCs.
If that offer doesn’t suit your needs, CA has graciously offered up a few others:
There are more threats to the security of your computer than I can begin to count. New types of attacks are released on more than a daily basis… you have to be vigilant. You already know to use strong passwords. You also know to be sure and have a good anti-virus program and firewall installed. However, there are many other easy things you can do to help make sure your PC is safe. This is why I have come up with my Top 100 Windows PC Security Tips eBook.
You are free to set your own price for this Gnome Tome, with a suggested minimum of five dollars. Once you have downloaded the .PDF file, you will learn how to fully protect your computer from hackers, viruses, phishing attempts, trojans, worms and much more. Many of these little gems are likely things you didn’t already know how to do… or even that they existed. Much of the information deals with things already in place on your operating system – you just have to know how to use them.
Educate your family about the basics of malware and how to avoid becoming infected — and know where your kids go online.
The above tip may seem to be a no-brainer. You would be surprised to learn how many people simply do not take the time to educate their children and teenagers… or how many teens neglect to educate their parents. The 100 tips and tricks cover everything you need to know – from education to prevention to recovery.
On the last page, you will find several links to discounted security products that we have recommended in the past. We are grateful to those partners for continuing to offer these special prices to our community.
Education is the key to everything – including protection yourself and your information.
According to researchers, a threat may be lurking in your local Internet cafe. It’s called Typhoid adware, and works much like Typhoid Mary did. Typhoid Mary was the first healthy carrier of Typhoid Fever. She spread the disease to dozens of people near New York City in the early 1900s. “Our research describes a potential computer security threat and offers some solutions,” says associate professor John Aycock, who co-authored a paper with assistant professor Mea Wang and students Daniel Medeiros Nunes de Castro and Eric Lin. “We’re looking at a different variant of adware – Typhoid adware –which we haven’t seen out there yet, but we believe could be a threat soon.”
Adware is a type of malware that will sneak onto your computer – usually when something is downloaded. You know those fancy tool bars and cute screen savers you enjoy so much? Yeah… many of them are riddled with adware. The adware causes popups… and lots of them. Typhoid adware, however, needs a wireless Internet cafe or other place where users share a non-encrypted wireless connection in order to thrive.
“Typhoid adware is designed for public places where people bring their laptops,” says Aycock. “It’s far more covert, displaying advertisements on computers that don’t have the adware installed, not the ones that do. Typhoid adware comes from another person’s computer and convinces other laptops to communicate with it and not the legitimate access point. Then the Typhoid adware automatically inserts advertisements in videos and web pages on the other computers. Meanwhile, the carrier sips her latté in peace – she sees no advertisements and doesn’t know she is infected – just like symptomless Typhoid Mary.”
Make sure all computers in this type of environment are updated fully with proper Windows updates and have proper security software on board. You can find more information by reading the official paper that was released by the school.
In the past, we’ve been fortunate to offer discounts on SUPERAntiSpyware to our readers, and the response has always been great. SAS is an excellent product, one which Kat highly recommends. Today I learned that they are offering a very special license for educational institutions, and I wanted to make sure that it is passed along to you. If you are a teacher or administrator, you’re going to want to check this out. If you’re a student, why not show this post to your principal?
From now through August 1, 2010, all SUPERAntiSpyware multi-user licenses sold to educational clients will be upgraded to a lifetime subscription with no renewal fees at no additional charge. “Economic hardship and budget cuts are an everyday reality for school systems at all levels,” said Nick Skrepetos, founder of SUPERAntiSpyware.com. “We highly value the role that education plays in communities worldwide, and we want to support schools in their efforts to provide quality education while balancing their tight and shrinking budgets. Managing high-priced software renewal fees is simply not practical for schools in today’s economic climate. We want to help.”
Additionally, SUPERAntiSpyware will include one Technician’s License for its new portable scanner with each educational license at no additional cost. The portable scanner harnesses the same powerful anti-spyware engine as the Professional Edition of SUPERAntiSpyware and references a spyware definition database that is updated at least once per day.
To take part in this amazing offer, simply send them an email. The danger of malware infections pose a huge threat to the educational system, one which could potentially cost millions of dollars to eradicate. Without proper protection, schools are at risk that can not only rob them of instructional time, but may also require them to pay expensive repair bills.
Geek Culture & Tech Expert: How Can I Help You Today?