Virus writers are a tricky bunch, though their schemes are often glaringly obvious, at least to the tech-savvy. The problem is, there are scores of users who don't fall into this category, and according to Symantec, there's a new ploy making the rounds that we have no doubt will be effective. It's called the AnVi Antivirus, and what it does is instruct victims to uninstall their AV software.
"Uncertified [AV program name] antivirus software detected on your computer. You need to remove [AV program name] software for correct operation of the Antivirus," the rogue popup reads. "Attention: If you don't remove [AV program name] software, the performance of your computer will dramatically degrade. Press 'OK' to remove the [AV program name]."
At this point, it doesn't even matter whether the user mashes the 'OK' button; the uninstall process will initiate regardless. Once the AV software is removed, the malicious program connects to a website to download its own supposed AV program, which as you might have guessed is a virus in sheep's clothing.
Android has had a few security scares during its meteoric rise to greatness, but this is the first time a software package could accurately be described as a malicious trojan. The malware, called Trojan-SMS.AndroidOS.FakePlayer, appears to be a standard Android application with the .APK file extension. Upon installing, the app will begin sending out SMS messages to premium numbers. This racks up huge charges on customer bills. It could be a big payday for the criminal elements behind this trojan.
This application is not available through the Android Market; it is obtained from outside sources and must be side-loaded onto the phone. This has kept its spread limited to Russia so far. Even if international users were infected, they could not be charged by the premium number being used. In response to the issue, Google said in a statement, "Users must explicitly approve this access in order to continue with the installation. We consistently advise users to only install apps they trust. In particular, users should exercise caution when installing applications outside of Android Market."
Is this the beginning of a trend? If this proves to be just the first volley in a campaign to target Android with malware, we might be running mobile security apps out of necessity rather than paranoia.
Ah, Microsoft. It's taken the software giant years to wise up and realize they ought to provide a free antivirus solution to their users. The launch last year of Microsoft Security Essentials gave us hope that Microsoft was getting serious about security. While they haven't really pushed the program, it is at least available. Now a new beta for the Security Essentials suite is available for you to download and try out.
The improvements range from humdrum tweaks like firewall integration during setup, to more necessary updates like a faster, more efficient protection engine. The new beta will also integrate with Internet Explorer to detect web threats. Yes, you probably don't use IE, but most people still do. Security Essentials will moreover be able to detect and block local network-based attacks.
We've always found Microsoft Security Essentials to be an excellent free antivirus program that bests many of the more bloated paid apps. We just wish Microsoft would integrate it with Windows. People should have a real AV application when they start up a new PC. No more of this trialware junk. Go straight here to join the beta.
When Microsoft first announced plans to launch a free antivirus software, Symantec and McAfee met the news with disdainful skepticism, arguing that a free antivirus could never compete with their own products. But Microsoft Security Essentials is now the fourth most deployed antivirus software, according to Opswat's latest antivirus market share report. Opswat has a front-row seat to all the action as its flagship product, the Oesis Framework, is a widely used development kit for managing third-party security applications.
Free antivirus tools are more popular than the likes of Symantec and McAfee would have you believe. In fact, the four most used antivirus tools are all absolutely free. And free offerings command a very healthy 42% market share.
“Although the true market share of security applications often remains hidden, software vendors will claim to dominate a market based on their sales numbers vs. the reported sales numbers of their competitors,” Opswat said in the report.
Two weeks ago AVG announced its LinkScanner software for the Mac platform, designed to keep "Mac users safe from increasing intensity and sophistication of Web attacks." Perhaps the Mac faithful didn't take too kindly to the release, as AVG felt compelled to follow up the announcement with some sobering statistics for Mac users.
"It’s a well known fact that most computer users believe that owning a Mac means that you are somewhat immune to the malicious threats that lurk within cyberspace," AVG starts out. "In fact, this belief has become so strong that many Mac owners do not have, or feel the need to have, antivirus software installed on their machines."
AVG goes on to say that the iServices B Trojan crippled an additional 5,000 machines, and pointed out that other outbreaks, like the Tored-A and Jahlav-C viruses, also cause their share of headaches in the Apple community.
"Flaws were also discovered in the Safari Web browser, iTunes, and PDF program," AVG continues. "Worse still is the fact that last month reports were issued around an unpatched vulnerability in the Safari 4.0 Web browser! So, it would appear that Macs are no longer as shielded as they once were."
Australians who plan to traverse the Web better make sure they have antivirus and firewall software installed on their PCs, because if they don't, they risk being cut off from the Internet. And if they do manage to get an infection, they can expect their ISPs to disconnect service until they can prove a clean bill of health.
These recommendations come as part of a new plan being kicked around Australia's House of Representatives Standing Committee on Communications. In a report titled "Hackers, Fraudsters, and Botnets: Tackling the Problem of Cyber Crime," the committee spent 260 pages outlining 34 recommendations on how to deal with the growing threat of cyber crime, everything from the above scenario to holding companies that release IT products with security vulnerabilities financially responsible.
"In the past decade, cyber crime has grown from the nuisance of the cyber smart hacker into an organized transnational crime committed for vast profit and often with devastating consequences for its victims," said committee chair Belinda Neal.
Is Australia's House of Representatives on to something here, or are they off their rocker? Hit the jump and sound off.
When we ran our annual antivirus roundup in the May 2010 issue, many of you wrote in asking why we didn’t include Product X or Product Y. Fair question, so here’s the deal: We could have filled an entire issue reviewing just AV products, but that would have grown old by about page 32. Rather than do that, we’re devoting space each month to cover apps that didn’t make the cut, and CA Internet Security Suite is first up to bat.
After we installed CA ISS, it quickly became apparent that power users are not the target demographic. CA took a wrecking ball to last year’s version and completely redesigned the UI in an attempt to “eliminate the technobabble that makes PC security difficult to understand and control,” but in doing so, it made it needlessly tedious to poke around under the hood. The main interface consists of four index card–shaped menus that you can cycle through like a tie rack. Sounds easy enough, but if you want to set up a scan schedule, for example, you’ll need to bring up the My Computer card, click the Update Settings link, highlight the Threat Settings tab, and then scroll to the bottom. You’ll fumble around like this until you get accustomed to the interface, and when you do, you’ll discover there’s not a whole lot to play with. Strike one.
With all the damage hackers are capable of inflicting on your system, you might be under the impression that they're using the most sophisticated software tools on the planet. You'd be wrong, security experts say.
On the contrary, researchers claim that many of the malware kits out in the wild are filled with security holes, sort of a software version of Swiss cheese. And as it turns out, these same bugs can be used not only to identify who it is on the other side of the attack, but also to launch a counter-attack, researchers say.
There are some cyber criminals who code their own software, but the majority of them just go out and grab one of the many available malware kits. Laurent Oudot, a French security expert from Tehtri Security, took apart several of the more popular kits and found a bunch of loopholes he says are relatively easy to exploit, which would allow researchers to "hack the web hackers."
The downside? Doing so might "lead to legal issues," Oudot admits.
To celebrate two years of doing business, Immunet, a "next-generation security startup," has lifted the curtain both on a new website and a new release of its Immunet Protect software, now in version 2.0.
Available as a free download, Immunet Protect 2.0 is a cloud-based AV scanner. Like Panda's cloud-based AV software, Immunet offers real-time protection without ever requiring virus updates. And if you're particularly paranoid (or reckless), Immunet says its software will run just fine with several existing antivirus suites, including all the major ones like AVG, AntiVir, Norton, McAfee, Microsoft Security Essentials, Kaspersky, and a whole bunch more (see the full list here).
For those who need additional protection, there's also a Plus version for $20. The paid software adds things like protection against rootkits and spyware, scheduled scans, offline scans, mail database scanning, and a few other odds and ends.
Apple is a company that loves to control the news cycle. The Cupertino-based hardware maker has a reputation for calling press conferences to announce even the most trivial new products or feature enhancements. It's annoying, but it seems to work for them. We rarely see a departure from this approach, that is, until yesterday. In its most recent 10.6.4 Snow Leopard upgrade, Apple included new antivirus signatures to help fight off some of the more high-profile OSX exploits found in the wild.
The most notable of these is a file disguised as the iPhoto application which, when launched, lets attackers send spam, take screenshots, access files, and do just about anything else you can think of. Our guess is that the Apple marketing department couldn't find a positive light to spin the new OS enhancement, so it was conveniently left out of the patch notes. Cnet pointed out, and we agree, that Apple's ongoing refusal to acknowledge security flaws in its products exposes users to greater danger since they are lulled into a false sense of security.
With low single digit market share numbers, OSX exploits will continue to be few and far between, but I don't think anyone would suggest that simply ignoring the problem will make it go away. I'm sure Microsoft would be happy to give Steve a few tips on how to deal with the emerging threat, but somehow I doubt they would take them up on the offer.
Is Apple misleading its customers by telling them they don't need antivirus?