The Internet is a place where you can find a great deal of information, but it is also a source of viruses, malicious programs, and other ‘infections’ which can compromise security. At this post, we want to share some tips for all of you (our great readers) about online security risks and cyber criminal attacks, and things you need to do to anticipate it.

The only way that your computer (desktop, laptop, netbook and tablet) would be 100 percent safe from viruses, Trojans and malicious programs would be if you would never connect to the Internet. The Internet, however is all pervasive – it is source of information, and is also used for social networking, games, work, entertainment, mobile phones, video conferences and for all kinds of activities.

All this is possible only through the World Wide Web (WWW). And the web is also used by crackers, hackers and other cyber criminals to commit financial crimes such as: stealing your personal data, identity theft, causing data loss and other nefarious activities.

You think you have the most powerful and latest anti-virus software, a total internet security suite, plus you run an online scan every once in a while and back up your data religiously and you are safe? With Facebook accounts entered into, bank accounts hacked, the financial aspects of cyber crime alone runs into millions of dollars. And all this is done because cyber criminals are one step ahead.

Internet Explorer 8 Fatal Security Hole

There are many people who have downloaded the new Internet Explorer 8 – it comes in via various Microsoft Windows updates or as a standalone download. Microsoft has now admitted that there is a serious flaw in system which allows hackers to inject malware (malicious software) into the system and hijack the user’s computer. Rik Ferguson, security analyst at Trendo Micro told the BBC: ‘as vulnerabilities go, this kind is the most serious as it allows remote execution of code.’

Sadly, there is as yet no security patch available to get rid of this flaw. The only thing you can do is uninstall the Microsoft’s Internet Explorer 8 and download another browser like Google Chrome, Mozilla Firefox, Opera Web Browser, or Apple’s Safari (with latest security patches of course).

Threats

Mobile devices like smartphones, tablet PCs, laptops, mobile phones which also connect to the internet and use operating systems will also be targeted by cyber criminals. All networked devices become open to vulnerabilities. These include hitherto difficult to reach Apple devices.
Social networking websites (Facebook, MySpace, Twitter, etc.) are already on the radar of cyber criminals whether it for financial fraud, advertising, data mining or installation of infectious software. These threats are going to increase, particularly for gaining sensitive financial information.
Cloud computing is on the increase and the cloud computing servers will at greater risk of security threats.
Threats to physical equipment like utilities, power and water supplies, healthcare, defense equipments and other connected networks will be on the increase. It will be increasingly difficult to ward off such attacks because of various laws and regulations which prove an obstacle for government and official bodies.
Other attacks like blended email campaigns, script-based attacks and SEO poisoning will proliferate.

Trojan Boonana Attacks Microsoft Windows and Apple’s Mac

Dubbed trojan.osx.boonana.a, this Trojan attacks Apple’s Mac OS X operating system, including the latest version, Apple Mac 10.6 Snow Leopard. As it uses Java, it also attacks Windows users. Boonana spreads through social networking sites such as Facebook, MySpace, Twitter, so on. However this cannot install stealthily.

Instead it requires the user’s cooperation which it gets by enticing the user to click on a link saying ‘Is this you in this video?’ When the user clicks he or she is prompted for a password and then the Trojan installs on the computer. The Trojan sends system information including personal details and also spreads itself by sending spam messages to others on friends’ lists.

If you are ever prompted for a password, please, do not give it and the Trojan will not be installed. However, if you have done so, you may be able to remove it using various software tools available on the Internet.

Zeus Botnet

The Zeus Botnet has the dubious distinction of being called the king of bots. A dangerous Trojan that compromises bank accounts of users, it has been responsible for frauds and bank crimes running into more than $260 million in the very least. The victim gets infected by the virus when he visits web sites that are engineered to attack and infect computers.

Once infected the cyber criminals can siphon data and command the computer, using command and control centers. The attackers look for vulnerable websites to install their software undetected. It is difficult to get rid of – most anti virus software works only about 23 percent of the time. You can download special tools for this virus removal and see whether they work – all don’t.

If you suspect you have been infected, look for file names ending with LD08.EXE, LD12.EXE, LDnn.EXE, NTOS.EXE, PP06.EXE, PP08.EXE and PPnn.EXE, etc, so search your computer for files with names like this. In addition this Trojan now injects itself into explorer.exe, ctfmon.exe, rdpclip.exe, taskhost.exe, taskeng.exe and wscntfy.exe. The Zeus Trojan will typically be between 40KBytes and 150K bytes in size. You can look for a folder named WSNPOEM, which is also a common sign of infection for the Zeus Trojan. You can try to delete the files manually. If that does not work, the only option is to format your hard drive. Sadly, if you haven’t backup your data, you’ll loss those data forever.

Stuxnet

This Internet worm is thought to be engineered by a government. It infects computers that are not on a network via USB sticks. It infects Microsoft Windows computers and looks for Programmable Logic Controller (PLC) made by Siemens, which comes with default passwords. If it finds this, it changes bits of data for specific purposes.

However this dangerous worm is used to compromise cyber security of countries. Stuxnet has already damaged 1000 centrifuges in Iraq’s nuclear facility. Future Stuxnet variants can exploit physical infrastructure projects such as electronic voting systems or power grid controls, according to Paul Wood, of Symantec Hosted Services. However, this threat can be solved by some anti-virus programs, though there is no ‘vaccine’ available to protect against it. It is also crucial to scan flash drives completely when using them via USB.

Taobatuo Malware

Many people use the Internet to download free music and movies (especially porn movies). A lot of websites which offer you free downloads are also a via media for various kinds of infections. A website in China offers free download of the latest pirated movies. When you download these, you are prompted to install a file to view the media and then you also get infected by keyloggers and downloader payloads, phishing Trojans and Apache server software.

The malware targets web pages that you may visit that are used as the payment pages on some online shopping websites, using a complicated regular expression rule to determine which IIS (Internet Information Services) pages to monitor. It turns infected computers into web servers for financial gain.

Your anti virus, if it offers protection against malware, may be able to detect and delete the files, otherwise you will have to check for special removal tools.

Among other viruses and threats to look out for are:

• Exploit-CVE2010-2568
• Exploit-CVE2010-0814
• MSFT Win SMB Val Vuln
• MSIL/Terdial.D
• Ms IE HO RCE 2746
• Ms Wind New Cl 3223
• Ms .NET JIT 3228
• Ms Wind TLSv1 3229
• Ms WindOTFont 2741
• W32/VBMania@MM
• W32/Autorun.worm.q

For the coming year the threats are going to multiply.

As different operating systems come into use, the viruses, malware, rootkits, Trojans and worms will also proliferate and get more sophisticated. It is expected that various threats will get together and combine thus increasing their ability to attack computers and networks.

So, what you can do?

• Use firewalls.
• Run anti-spy ware which has got top reviews not only at commercial sites, but also user blogs.
• Disable automatic installers and updates.
• Install sophisticated total internet security suites which you have to pay for – most free ones do not do as good a job, though paid ones often do slow the system.
• Run online virus/spyware scans frequently part from the regular software on your computer.
• When using wi-fi networks make sure you are password protected. If you are using an unsecured wi-fi connection, make sure you do not do any sensitive work like banking or share trading at cafes, malls and other wi-fi zones, unless you are certain of their security.
• Keep a check on disk space on a regular basis – spy softwares and infections take up space.
• Never enable ‘save password’ option on your browser.
• Be extremely careful when using internet banking, entering credit card details while doing online shopping or investment transaction or money transfers. Check for the lock sign on the browser and https for security.
• Always back up your data and store program disks safely in case you have to format your hard drive to get rid of threats.
• Keep all security updated.
• Don’t store passwords and other sensitive information on the computer.
• Avoid going to porn and other ‘free’ sites.
• Avoid clicking on ads which try to lure you or emails which do not come from trusted sources and come with attachments.

Just remember, no matter what you do, there is always a risk that your computer can get infected. You have to weigh the risks with the benefits. “The main problem we have in defending against online attack is that the attackers have the upper hand,” says Mikko H Hyppönen, Chief Research Officer at computer security provider F-Secure Corp.

Last but not least, when they are creating their attacks, hackers can analyze how protection systems (firewalls, anti-viruses) work, then work around them. They have unlimited time to do this. However, the defenders have to be able to find the attack and build a defense very quickly. It’s not a fair fight between the virus writers and virus fighters. The situation has been bad enough when we’ve been fighting just the online criminals who are after money. Now stakes are changed as we’re seeing clear attacks launched by nation states.