Bogus security software growing threat: Microsoft

Apr 08, 2009 by Glenn Chapman
A man surfs the internet in Beijing, September 2007. Hackers are increasingly hiding viruses in bogus computer security software to trick people into installing treacherous programs on machines, Microsoft warned.

Hackers are increasingly hiding viruses in bogus computer security software to trick people into installing treacherous programs on machines, Microsoft warned on Wednesday.

The software giant said in a intelligence report that "rogue security software" is a growing threat as hackers take advantage of people's fears of worms such as the notorious Conficker.

"Rogue security software is the number one threat worldwide," said George Stathakopoulos, general manager of the Trustworthy Computing Group at Microsoft.

"If you think about the Conficker case, how many people went looking for a security solution and downloaded rogue malware?"

Rogue security software referred to as "scareware" pretends to check computers for viruses, and then claims to find dangerous infections that the program will fix for a fee.

"The rogue software lures them into paying for protection that, unknown to them, is actually malware offering little or no real protection, and is often designed to steal personal information," Microsoft said.

Two "rogue families" of scareware were detected in 1.5 million computers, according to Microsoft. Another form of scareware was found on 4.4 million computers, a rise of 66 percent from the previous six-month period.

"That means when users downloaded the software they probably gave away and got infected," Stathakopoulos said. "That's a double hit."

Microsoft releases security reports twice annually. Stathakopoulos expects scareware infections to soar in the first six months of this year because of massive hype regarding Conficker.

The Conficker worm's April 1st trigger date came and went without the bedeviling causing any mischief but security specialists warn that the threat is far from over.

The virus evolved on April Fools' Day to better resist extermination and make its masters tougher to find.

A task force assembled by Microsoft has been working to stamp out Conficker, also referred to as DownAdUp, and the software colossus has placed a bounty of 250,000 dollars on the heads of those responsible for the threat.

The worm, a self-replicating program, takes advantage of networks or computers that haven't kept up to date with security patches for Windows.

It can infect machines from the Internet or by hiding on USB memory sticks carrying data from one computer to another.

Conficker could be triggered to steal data or turn control of infected computers over to hackers amassing "zombie" machines into "botnet" armies.

Microsoft's report found that as operating system defenses have improved cybercriminals have shifted attacks to software applications people use in their online lives.

Ruses such as bogus software updates or security checks and booby-trapped Web pages or emails are among "social engineering" scams hackers use to dupe people into allowing malicious software past computer defenses.

"We see cybercriminals increasingly going after vulnerabilities in human nature rather than software," said Vinny Gullotto, general manager of the Microsoft Malware Protection Center.

Stathakopoulos urged people to keep computer applications and anti-virus software updated and to be wary of online come-ons by strangers.

"Use a little common sense," Stathakopoulos counseled.

"If you browse the Web and someone you never met before is offering you a lot of money, it is probably not a good thing ... You wouldn't buy medicine from people you didn't know."

Despite the increasingly wily tactics employed by hackers, the primary causes of data breaches were classic real-world problems of loss or theft of computer equipment, according to Microsoft.

The report, based on data gathered from hundreds of millions of computers worldwide during the second half of 2008, said half of security breaches involved computer gear vanishing, not being hacked.

"For businesses, the security concern is the laptop you left in the cab or the CD-ROM you left in the bar," Stathakopoulos said. "Encryption is so important."

(c) 2009 AFP

Explore further: Android gains in US, basic phones almost extinct

add to favorites email to friend print save as pdf

Related Stories

Conficker worm digs in around the world

Apr 01, 2009

Computer security top guns around the world watched warily as the dreaded Conficker worm squirmed deeper into infected machines with the arrival of an April 1st trigger date.

Conficker Worm Prepares For A New Release On April 1

Mar 27, 2009

(PhysOrg.com) -- The conficker worm created havoc last year when it infected over 10 million computers on a global scale. The unique design of the conficker worm allowed for this large scale attack to over ...

Help! How to avoid fast-moving computer worm

Jan 28, 2009

Since early January, a worm that has been referred to by several names, including "Downadup," "Kido" and "Conficker," has been infecting millions of computers around the world. The worm exploits a previously discovered vulnerability ...

No foolproof way to beat virus attack for now

Aug 17, 2005

Microsoft continues to be the prime target for those intent on wrecking havoc in cyberspace, but for now the software giant argues that only it can save users from computer-virus attacks.

Recommended for you

Android gains in US, basic phones almost extinct

Apr 18, 2014

The Google Android platform grabbed the majority of mobile phones in the US market in early 2014, as consumers all but abandoned non-smartphone handsets, a survey showed Friday.

Hackathon team's GoogolPlex gives Siri extra powers

Apr 17, 2014

(Phys.org) —Four freshmen at the University of Pennsylvania have taken Apple's personal assistant Siri to behave as a graduate-level executive assistant which, when asked, is capable of adjusting the temperature ...

Microsoft CEO is driving data-culture mindset

Apr 16, 2014

(Phys.org) —Microsoft's future strategy: is all about leveraging data, from different sources, coming together using one cohesive Microsoft architecture. Microsoft CEO Satya Nadella on Tuesday, both in ...

User comments : 1

Adjust slider to filter visible comments by rank

Display comments: newest first

docatomic
not rated yet Apr 08, 2009
I thought 'conficker' was merely the hype generated by antivirus firms fearful of the present economic downturn; however, this article seems to point out a different possibility. More obfuscationary tactics?

More news stories

Ex-Apple chief plans mobile phone for India

Former Apple chief executive John Sculley, whose marketing skills helped bring the personal computer to desktops worldwide, says he plans to launch a mobile phone in India to exploit its still largely untapped ...

Airbnb rental site raises $450 mn

Online lodging listings website Airbnb inked a $450 million funding deal with investors led by TPG, a source close to the matter said Friday.

Health care site flagged in Heartbleed review

People with accounts on the enrollment website for President Barack Obama's signature health care law are being told to change their passwords following an administration-wide review of the government's vulnerability to the ...

A homemade solar lamp for developing countries

(Phys.org) —The solar lamp developed by the start-up LEDsafari is a more effective, safer, and less expensive form of illumination than the traditional oil lamp currently used by more than one billion people ...

NASA's space station Robonaut finally getting legs

Robonaut, the first out-of-this-world humanoid, is finally getting its space legs. For three years, Robonaut has had to manage from the waist up. This new pair of legs means the experimental robot—now stuck ...

Filipino tests negative for Middle East virus

A Filipino nurse who tested positive for the Middle East virus has been found free of infection in a subsequent examination after he returned home, Philippine health officials said Saturday.

Egypt archaeologists find ancient writer's tomb

Egypt's minister of antiquities says a team of Spanish archaeologists has discovered two tombs in the southern part of the country, one of them belonging to a writer and containing a trove of artifacts including reed pens ...