About.com Antivirus Software

Apple Takes Bite Out of Microsoft Security

Thu, 05 Nov 2009 18:32:35 +0000

In Windows 7, Microsoft finally did away with autorun, a feature that enabled trojans to spread rapidly over a network or between computers much in the same way a worm would. Apple, in an astonishing move, apparently feels that security should take a back seat and re-enables autorun if iTunes is installed. Costin Raiu, chief security expert for Kaspersky Lab, explains the problem in "Why is Apple Meddling With My Windows Autorun".

Until Apple gets their act together, you're better off not having iTunes installed.

Apple Takes Bite Out of Microsoft Security originally appeared on About.com Antivirus Software on Thursday, November 5th, 2009 at 18:32:35.

Permalink | Comment | Email this

IObit Responds to Malwarebytes' Claims of Theft

Wed, 04 Nov 2009 02:17:34 +0000

IObit has issued a statement denying claims they stole all or part of the Malwarebytes signature database. Titled "Declaration from IObit", the statement declares:

"We have never used the database of any other companies. And hope Malwarebytes stop spreading malicious rumors for hyping itself. The ridiculousness: who will trust and depend on a security product that can NOT even protect itself?"

Apparently the IObit defense is that if it's possible to steal the signatures, then the product is no good. But that logic is so flawed that it makes one wonder if there are actually any real developers behind the IObit product(s). The scanner MUST be able to read the database of signatures, hence it is impossible to make the signatures truly theft-proof. Which is exactly why legitimate vendors seed their database with dummy signatures - to catch such theft.

IObit then makes a fatal error in defending the inclusion of the Malwarebytes "to catch a thief" signatures:

"NOTSURE.dll was submitted by someone called "KXX" and described as 'Rogue.AVCleanSweepPro' detected by Malwarebytes. Our analyzer carelessly used the same name."

The fatal error? Malwarebytes explains:

"We invite you to search Google for 'Rogue.AVCleanSweepPro' or just 'AVCleanSweepPro'. See if you can find a single place where anything called 'Rogue.AVCleanSweepPro' was ever detected in the wild by Malwarebytes or anyone else. When we did this today, the only hits we got were for our own report yesterday and people talking about it. Before we published our report yesterday there was not a single hit on Google for either name. This malware name simply does not exist in reality. We made it up in-house. Only four members of Malwarebytes' management were privy to the information about the fake files and the fake names. Therefore, any suggestion that somehow someone submitted to IObit a piece of malware anyone detected anywhere as 'Rogue.AVCleanSweepPro' is simply a lie.

Just prior to this controversy, IObit also came under fire for allegedly deceptively installing the Conduit toolbar on users' systems.

IObit Responds to Malwarebytes' Claims of Theft originally appeared on About.com Antivirus Software on Wednesday, November 4th, 2009 at 02:17:34.

Permalink | Comment | Email this

IOBit Steals Malwarebytes' Intellectual Property

Tue, 03 Nov 2009 11:54:06 +0000

A few days ago, I received an email advertising the China-based IOBit anti-malware software. Problem is, the program may be derived entirely from stolen property of other reputable vendors. One of the victim vendors, Malwarebytes, did some intensive investigation - including publishing fake signatures - to prove that IOBit was stealing their malware signature database. The proof is compelling, as explained in this Malwarebytes forum post.

A company that would steal another vendor's database could also likely stoop to other nefarious practices - such as claiming a system is infected just to extort fees for an alleged cleanup tool (aka scareware). That's not to say this is what IOBit is doing, but just to point out that one unethical act typically breeds another.

The IOBit download is featured on download.com and majorgeeks.com, demonstrating that just because a download is featured on a legitimate site, it doesn't mean the download itself is legit. What can you do? Avoid using IOBit for starters. And perhaps act on the request from Malwarebytes "to send an email to hosting services such as Download.com and Majorgeeks.com requesting that all IOBit software be removed".

IOBit Steals Malwarebytes' Intellectual Property originally appeared on About.com Antivirus Software on Tuesday, November 3rd, 2009 at 11:54:06.

Permalink | Comment | Email this

Choosing to Do Bad Things

Mon, 02 Nov 2009 13:17:29 +0000

A recent article from Brian Krebs of the Washington Post details how Peter Kleissner, formerly of Ikarus Software, was forced to resign and subsequently ostracized by the anti-malware community for releasing malware exploits and allegedly hacking an Internet kiosk.

While Krebs' article does a good job of chronicling the events, it's the last line that is the most telling. According to Kleissner, his actions are excusable because, "To me it's not good or bad, it's just technology."

That has to be the lamest excuse for rationalizing a bad deed. There is a hand at the end of our arms. That hand can shake another hand as a type of introduction. The hand can wave as a form of greeting or in bidding us farewell. The hand can stroke a child's hair and calm them when they are afraid. Used appropriately, that hand can reach out and help others. But balled into a fist or flattened into a slap, that hand can become a deadly weapon. Various gestures can make that hand offensive.

It all depends on how you use it.

In Kleissner's case, defending his action by claiming it's "just technology" is about as shortsighted and misguided as you can get. It is technology - but just like anything else, how you choose to use it determines whether it is good or bad. And in Kleissner's case, he has chosen to use it for bad.

Choosing to Do Bad Things originally appeared on About.com Antivirus Software on Monday, November 2nd, 2009 at 13:17:29.

Permalink | Comment | Email this

Facebook Password Reset is a Trojan

Tue, 27 Oct 2009 18:03:36 +0000

A bogus email claiming to be from The Facebook Team has been hitting users inboxes. The email claims the recipient's password had to be changed, and further claims the attachment to the email contains their new password. Unfortunately for victims, all the attachment really contains is a malicious trojan designed to bypass firewalls and install scareware onto victims' computers.

Managed email provider MX Lab has the full details here.

Facebook Password Reset is a Trojan originally appeared on About.com Antivirus Software on Tuesday, October 27th, 2009 at 18:03:36.

Permalink | Comment | Email this

Mac OS X Doesn't Get What?

Wed, 21 Oct 2009 09:55:43 +0000

Is truth in advertising a myth where Apple is concerned? Judging by the clever manipulation in Apple's current Mac OS X slogan, I'd have to say yes. That slogan - "Mac OS X doesn't get PC viruses" - could just as easily be twisted by Microsoft to read "Windows doesn't get Mac viruses".

Actually, through Parallels and BootCamp, there's a better chance that Mac could (at least theoretically) be impacted by a PC virus. But on the flip side, PCs don't run Mac OS X so there's no chance of a PC being impacted by a Mac virus. From that standpoint, Apple's slogan is an even bigger misrepresentation of the truth.

To be clear, Mac OS X can't be directly infected by a PC virus - but it can be infected by Mac malware and that's the bit that Apple seems to be obscuring.

Mac OS X Doesn't Get What? originally appeared on About.com Antivirus Software on Wednesday, October 21st, 2009 at 09:55:43.

Permalink | Comment | Email this

A Graphic Look at Banking Trojans

Wed, 21 Oct 2009 07:19:53 +0000

Today's trojans are often highly specialized, targeting not just a particular operating system but also targeting specific activities on the computer. One example are banking trojans that are designed specifically to capture the credentials used for logging into your bank account. There are many techniques that banking trojans can use to steal your online bank credentials. Sean-Paul Correll of PandaLabs demonstrates one of the more insidious tricks used in this online demo of a banking trojan.

A Graphic Look at Banking Trojans originally appeared on About.com Antivirus Software on Wednesday, October 21st, 2009 at 07:19:53.

Permalink | Comment | Email this

Malware Detection Methods

Tue, 20 Oct 2009 20:43:34 +0000

Malicious software comes in many different forms: viruses, worms, trojans, and advertising-related spyware and adware are the most common categories. But each category is also composed of many different types of threats. For example, within worms there are autorun worms, network worms, Internet worms, email worms, etc. There are also many different methods of combating malware. Here are a few of the more common methods used. >> Malware Detection Methods

Malware Detection Methods originally appeared on About.com Antivirus Software on Tuesday, October 20th, 2009 at 20:43:34.

Permalink | Comment | Email this

Are You Getting Updates?

Tue, 13 Oct 2009 23:47:14 +0000

Microsoft released a record number of security patches in the most recent round of updates - 34 for those who are counting. You might assume you are getting those updates automatically, but much of today's malware disables Windows automatic updating feature. It's a good idea to periodically check to ensure Windows automatic updates are still enabled. Here's how.

On a related note, Adobe has released patches to address actively exploited vulnerabilities in Adobe Reader and Acrobat. The number of versions impacted outnumbers non-affected versions by about 3 to 1. You can read about the latest Adobe flaws and get the Adobe patches here.

This is a good reminder to get a whole system patch assessment - it's free via Secunia Software Inspector.

Are You Getting Updates? originally appeared on About.com Antivirus Software on Tuesday, October 13th, 2009 at 23:47:14.

Permalink | Comment | Email this

Don't Forget: Free Copy of ZoneAlarm Pro 2010

Tue, 13 Oct 2009 01:59:16 +0000

Today's the day to get your free copy of ZoneAlarm Pro 2010. Normally sold for $40, this is an excellent opportunity to get solid firewall protection at zero cost. In addition to best of breed firewall protection, ZoneAlarm Pro 2010 also features:

� Advanced Download Protection adds additional layers of detection for downloaded files;
� Anti-phishing tools helps guard against scams that steal your username, password, or bank account details;
� Free Identity Protection Services provides daily credit report monitoring as well as Victim Recovery Services to recover quickly from identity theft should it occur.

Starting at 6 a.m. PST on Tuesday, October 13th and lasting only 24 hours,� you can download your free copy of ZoneAlarm Pro 2010 by visiting www.zonealarm.com/only24hours.

Happy Patch Tuesday from Check Point/ZoneAlarm!

Don't Forget: Free Copy of ZoneAlarm Pro 2010 originally appeared on About.com Antivirus Software on Tuesday, October 13th, 2009 at 01:59:16.

Permalink | Comment | Email this