Viruses, Trojans and worms… computers too are vulnerable to infection and what’s alarming is it spreads fast. Geeta Padmanabhan on what protective measures can be taken
My system flashed several warnings. Then it locked up, went blank, started randomly, slowed down suddenly. One morning it crashed. Kaboom! Gone!
The mechanic started with a quiz. “Did you see strange error messages? Pop-up alerts about firewalls? Unsavoury pictures on the screen when you booted?” I nodded. He tickled the desktop a bit and announced, “Your system has a virus.” (Just one?) “Some people find new toolbars in the browser, new shortcuts on the desktop they didn't put there, new items in the system tray at the bottom of the screen.” (Note: new toolbars/shortcuts often come bundled with software you actually want; they may not be malicious — just annoying.)
I needed computer wellness lessons. “Virus is a tiny program designed to infect a machine (files in the machine),” said an ethical hacker (EH). “When the file is opened, it goes into memory, and infects all files opened. When an infected program is opened on another machine it infects all files in that machine also.” And yes, there are different virus types — those that infect only files, those that infect documents, Excel files, boot record/partition and those smart hybrid ones which infect all the above. Classification is based on what they infect.
Then there are worms. These usually travel as a single file to infect machines, so the damage isn’t too much. (That’s kind!) The worm tags on to an inbuilt communication mechanism (e-mail) to transmit itself using a weakness on a machine or through shares. Sometimes virus and worm marry. This couple is difficult to remove. Trojan (spyware) programs intercept private data — passwords, e-mails, files — it’s a Trojan war!
Most are innocent victims! “Ha, virus is created for fun by youngsters for bragging, to see it spread, it’s a high,” said EH. “Some are professional — to destroy rivals’ computers. Your computer is just a victim in this process.” What armoury do I have to fight it? “Invest in good antivirus software. It’s difficult to detect them manually.” He recommends F-Prot and Avast (avast.com). “You get a one-year home edition free once you register for Avast. Prevent Trojan (keylogger) from doing identity theft with KeyScrambler Personal edition (www.qfxsoftware.com) along with antivirus software. This ensures safety of passwords of emails and net-banking.”
Session II is with Samir Mody, Senior Manager — Threat Control Lab, K7 Computing. “A computer virus does covert actions such as stealing credit card information, sending spam,” he said. “Most computer viruses are developed for financial gain.” Great.
Malware and spyware
What are malware and spyware? “Malware is synonymous with computer virus. It is the superset of spyware which silently steals information like passwords, confidential data.” Watch out for any unusual behaviour — unknown process names, unusual network traffic — on the device, he said.
Giant companies fall victim to hackerazzi. An AP story tells us how international hackers ran an online advertising scam to take control of infected computers around the world. Hackers installed malicious software on the victim computers, which turned off antivirus updates. In an unusual move, the FBI is encouraging users to visit http://www.dcwg.org (till July 9) to check and fix the problem. According to a Russian anti-virus firm, more than half a million Apple computers have been infected with the Flashback Trojan. It sent a unique ID to the intruder's control server to identify the infected machine. The criminals could then control the machine. Apple released its own “security update”.
F-Secure also posted instructions on how to confirm if a machine is infected and how to remove the Trojan. Apple isn’t safe? “Anti-virus software, including K7 security products, will detect and clean up the infection automatically and without fuss,” Samir consoled. “This is not plumbing, so don’t call local fix-it men. Maintain up-to-date anti-virus software to prevent malware infection in the first place. Be wary of and discard spam emails or social-networking messages (Facebook, Twitter) from unknown individuals or having dubious content. Refrain from clicking on links or opening attachments within such correspondence.”
Don’t exchange memory-storage devices. Don’t use memory-storage devices on other computers. Avoid visiting websites of dubious repute. Avoid Internet Explorer as the default browser; Google Chrome and, to a lesser extent, Firefox are currently seen as less vulnerable to malware targeting. Operating systems like Linux (Ubuntu, Mint, etc.), due to their significantly smaller user base, are considered less likely to attract malware.
My system is back in action. I scream “Virus!” if it slows down one second.
DEALING WITH VIRUSES
* In Control Panel, under Security, if you can’t click/launch Windows Update, you probably have a virus.
* Many legitimate parts of Windows have virus-sounding names. Be careful when you do CTRL-ALT-DEL.
* Use multiple programs with multiple and varied virus definitions for better diagnosis.
* When you scan for viruses, be sure to turn off or disable any other security software. These programs can interfere with one another.
* Check out Safentrix.com.
* For Asian malware, read http://blog.k7computing.com/2011/11/malwasia-in-operation-since-1986-part-1/part-2/part-3