Could your computer already be infected?
In 2014, cybercrime caused a great number of cyber-security incidents. Two anti-virus companies have put together estimates showing that victims lose billions each year! Symantec estimated that cybercrime victims worldwide lose around $360 billion each year, and a McAfee study has put cybercrime profits at $933 billion a year. It is estimated that there are more than 150,000 computer viruses in circulation and 148,000 computers infected daily. Here are some of the viruses you should be especially wary of.
Also known as max++ and Sirefef, this is a rootkit responsible for numerous botnets that have spread through millions of Microsoft Windows systems since around 2009. It is used to download other malware onto an infected computer and to form a botnet that is mostly involved in Bitcoin mining and click fraud, while remaining hidden on the infected system. Computers involved in Bitcoin mining generate Bitcoins for their controller, while the computers used for click fraud simulate clicks on website advertisements that are paid for on a pay-per-click basis.
This one is a Trojan targeting Microsoft Windows that was first documented around late 2010. It was originally deployed as an application called "HDD Defragmenter", hence the name "FakeSysdef" or "Fake System Defragmenter."
Win32/FakeSysdef disguises itself as one or more innocent-looking programs that purport to scan your computer for hardware failures related to system memory, hard drives and even system functionality as a whole. These programs scan the computer, show false hardware issues, and then present a solution to fine-tune system performance or clear any viruses. They then ask the user for a payment in order to download the repair update and activate the program to repair these contrived hardware issues.
Zeus is a botnet that creates malware, and its main use is to collect data and steal identities and bank information. Zeus is especially difficult to deal with because it is not just one botnet; it can create others to steal any data stored on your computer. It is primarily spread through drive-by downloads and phishing schemes. It was first identified in 2007, when it was used to steal information from the United States Department of Transportation, and it became more widespread in 2009.
Alureon or TDSS
Alureon (also known as TDSS) is a Trojan and bootkit that is designed to, amongst other things, steal data by intercepting a system's network traffic and searching it for usernames, passwords and credit card data.
Computers usually get infected when the user manually downloads and installs the Trojan software. Alureon has been known to be bundled with rogue security software; the name changes but the deployment is the same. When the dropper is executed, it first hijacks the print spooler service (spoolsv.exe), writes a file system boot sector at the end of the disk, and then changes the master boot record to execute this bootstrap routine. It then infects low-level system drivers, such as those responsible for PATA operations (atapi.sys), to apply its rootkit. It also manipulates the Windows Registry and blocks access to Windows Task Manager and even the desktop. Sometimes it will block access to Windows Update and attempt to disable some anti-virus software.
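A defender-side check for the master boot record change and end-of-disk write described above, added here as an example (it is not code from the original article): it hashes the MBR bootstrap code against a known-good baseline and flags non-zero data after the last partition. The function names, the image builder and the sample bytes are constructed for illustration, and the check assumes a raw disk image captured offline, since a bootkit can hide the real sectors from a running system.

```python
import hashlib
import struct

SECTOR = 512
BOOT_CODE_LEN = 446            # bootstrap code; the 4-entry partition table follows

def parse_mbr(sector):
    """Return (sha256 of boot code, end LBA of the last partition)."""
    if len(sector) != SECTOR or sector[510:512] != b"\x55\xaa":
        raise ValueError("not a valid MBR sector")
    end_lba = 1
    for i in range(4):
        entry = sector[BOOT_CODE_LEN + 16 * i : BOOT_CODE_LEN + 16 * (i + 1)]
        start, count = struct.unpack_from("<II", entry, 8)
        if entry[4] != 0 and count:          # partition type 0 means unused slot
            end_lba = max(end_lba, start + count)
    return hashlib.sha256(sector[:BOOT_CODE_LEN]).hexdigest(), end_lba

def check_image(image, baseline_sha256):
    """Compare a raw disk image against a known-good boot-code hash."""
    digest, end_lba = parse_mbr(image[:SECTOR])
    findings = []
    if digest != baseline_sha256:
        findings.append("MBR boot code differs from baseline")
    tail = image[end_lba * SECTOR:]
    if any(tail):   # non-zero data past the last partition: worth review, not proof
        findings.append("data in unpartitioned space at end of disk")
    return findings

def build_image(boot_code=b"\x90" * 16, tail=b""):
    """Constructed 64-sector test image with one partition at LBA 8..47."""
    mbr = bytearray(SECTOR)
    mbr[:len(boot_code)] = boot_code
    mbr[446:462] = struct.pack("<B3sB3sII", 0x80, b"\0\0\0", 0x07, b"\0\0\0", 8, 40)
    mbr[510:512] = b"\x55\xaa"
    image = bytearray(64 * SECTOR)
    image[:SECTOR] = mbr
    if tail:
        image[-len(tail):] = tail
    return bytes(image)

# Constructed samples: a clean image, its baseline hash, and an altered copy.
CLEAN = build_image()
BASELINE = parse_mbr(CLEAN[:SECTOR])[0]
TAMPERED = build_image(boot_code=b"\xeb\xfe" * 8, tail=b"constructed-marker")

if __name__ == "__main__":
    print("clean:   ", check_image(CLEAN, BASELINE))
    print("tampered:", check_image(TAMPERED, BASELINE))
```

The baseline hash has to be recorded while the machine is known to be clean; a mismatch after a legitimate bootloader change (for example an OS reinstall) is expected and means the baseline needs refreshing.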
This one is particularly nasty. First discovered in 2013, CryptoLocker is a ransomware Trojan that targets computers running Microsoft Windows. A CryptoLocker attack can come from numerous sources; one is usually disguised as a legitimate email attachment.
When it is activated, the malware encrypts certain types of files on local and mounted network drives using RSA public-key cryptography, and the private key needed to decrypt them is stored only on the malware's control servers.
The malware then displays a message offering to decrypt the data if a payment (through either Bitcoin or a pre-paid voucher) is made by a specified deadline, and it threatens to delete the private key if the deadline is not met. After that, the malware will offer to decrypt data via an online service provided by the malware's operators, for a significantly higher price in Bitcoin.
CryptoLocker has been cracked and can be defeated, but there are new variants that are still emerging. Most of the newer viruses I have run across are more or less variants of the 5 main ones. In some instances the computer is so infected that a complete OS install is necessary. So, that being said, please be careful with email attachments, and if it sounds too good to be true, it is. Stay protected, my friends.