Products
Personal Monitor
Record PC users's actions, grab screenshots and passwords
Keylogger
Keystrokes recording software. Keylogger free trial
Hoverwatch
Cell phone and computer spy
Employee Monitor
Access and control the time spent by your workers
Terminal Monitor
Track employee activities on Terminal Server
Free Keylogger
Free keyboard logger keeps track of all typed text

The most dangerous malware of 2010

24 January 2011, by — admin ()

The year of 2010 became a year of rapid growth of online fraud. Millions of computers were infected, dozens of new fraud schemes were used for the first time and millions of dollars were stolen.

The only decline in fraudulent activities could be observed among spammers: after a number of large botnets were shut down, spam traffic dwindled by around 10%.

The past year also demonstrated an entirely new term in information security – cyber wars – in action. Key government agencies experienced the consequences of intricate and highly complex massive attacks twice in 2010: a worm called Stuxnet attacked a nuclear power plant in Iran and “Operation Aurora” enabled its initiators to steal confidential data from the databases of major international companies.

In the majority of cases, users’ computers were infected in one of the following ways:

  • Through social networks
  • Through phishing sites
  • Using 0-day exploits

Let’s take a look at the rating of the Top 10 most popular fraud methods used online in the past year (according to the data provided by antivirus companies):

1. Viruses designed for stealing account details in online banking systems.

Nearly all banks these days provide online banking services that are quickly gaining popularity. This is why users’ authorization details are a lucrative target for hackers and virus makers. So far, they have mostly targeted individuals, but it’s businesses that are threatened the most now, since their accounts usually contain considerably larger amounts.

Winlock2. Viruses blocking the Windows OS (Trojan.Winlock and similar programs).

This epidemic started back in mid 2009, but it still giving users and developers of security tools a fair deal of headache. The idea of the virus is to display a large window over all user’s windows with a prompt to pay for the unlocking procedure. The virus may use some social engineering tricks, explaining its own presence in the system by a necessity to pay a fine for the use of pirated software or visiting adult sites.

3. Viruses encrypting user’s data (Trojan.Encoder and similar programs).

When a virus of this type is contracted, it encrypts user’s data and display a prompt to pay for their decryption. Many manufacturers of security software have released special tools allowing users to recover the documents encrypted by such viruses. However, such tools are not available for all viruses.

4. Viruses “faking” sites using a local web server.

These viruses install a local web server on an infected system and modify the hosts file to replace the addresses of popular sites with completely different URL’s. As a rule, these viruses have two purposes: racketeering and blocking of sites of anti-virus software developers.

5. Viruses replacing popular sites with their fake clones.

These viruses also modify the hosts file, but redirect users to their own fake sites (phishing) without using a local web server. Whenever a user attempts to load a social network site, a search engine or another popular online resource, he or she is redirected to a fake site demanding money in exchange for the normal operation of the browser.

Imitation of antivirus software6. Imitation of antivirus software.

This malware disguises itself as antivirus software by using a similar interface. The user sees a notification that a virus has been found on his/her system that only its paid version can remove. Sometimes, these notifications are accompanied by threats to damage the computer or delete all user’s data if the payment is not made.

7. Viruses disguised as IM clients.

These viruses terrorized ICQ, QIP and Skype users for several months in 2010. The virus replaced the executable file of the client application and imitated the program window that told the user that his/her account was blocked for alleged spamming activities and offered an option to solve the problem by sending an SMS message to a certain number.

8. Viruses preventing the OS from booting.

Booting virus

This type of malware surfaced at the end of the year and we may still hear about it again. When a computer was infected, it settled in the boot area of the hard drive and prevented the OS from booting. With a price of around $100, it was one of the “greediest” viruses out there.

9. Encrypted archives.

These archives were distributed in false torrent trackers and file exchange systems as files containing popular or valuable content. When somebody tried to open such an archive, they received a message telling them to send an SMS message to a specific address. Of course, these archives contained absolutely no important information – as a rule, they were full of digital garbage that had no value whatsoever.

10. Paid pseudo-services.

The same idea as with archives, but in this case, users has to pay for opening a web page with specific information or using an online service (viewing the results of a test, downloading a non-existent program, getting confidential information about someone, etc).

 

New online service from Refog. Track any device online. Just install the track a cell phone for free. And Information from your phones and computers will reflect in your online Hoverwatch account.


Tags: , ,