Category: Software

Malware Statistics

Symantec, a  large security company, have reported that there are now more malware writers than legitimate software writers.

They state that 65% of the 54,609 Windows applications released to the public in the past 6 months were malicious.

Another interesting statistic from this report is the percentage of browser plug-in vulnerabilities:

  • 79% ActiveX
  • 8% QuickTime
  • 5% Java
  • 5% Flash
  • 2% Windows MediaPlayer

What this means is that by disabling ActiveX from your web browser (Internet Explorer) you can avoid 79% of web browser plug-in attacks. Here’s an article on how to disable ActiveX.

As for the other types of plug-ins, keep them patched and up to date to reduce the risk of infecting your computer.

Here is Symantec’s internet security report.

WordPress 2.5

Last night I upgraded this website to WordPress 2.5. Why? Because it’s important to always use the latest version of software.

The previous version (2.3.3) was doing well, it did everything I needed. But as with any piece of software vulnerabilities are eventually found and exploited. The good people at WordPress release new versions not only to add new features that I may or may not need, they fix vulnerabilities.

Recently a vulnerability was found in WordPress 2.3.3 (the previous version of WordPress). At last count there were 21,800 websites in the world using that version and are vulnerable to hacking. And on the 19th of March 2008 a vulnerability was found in WordPress 2.1.3.

The solution as always is to upgrade to the latest version as soon as it becomes available (you still need to test the upgrade and backup your files before doing any upgrade).

So version 2.5 is more secure. The new features it provides are nice but security should be the first priority. Imagine if this website were hacked and visitors’ PCs became infected just by browsing this site!

WordPress

Notes:

  • WordPress is the software that powers this website. I highly recommend it to anyone wanting to start a new website.
  • I’ve been updating the sidebar on the right, apologies if it doesn’t look right.

KeePass

KeePass Password Safe is a Windows application that can store all your logins and passwords. It has a long list of useful features and can even generate random passwords for you.

Some features that make this a good tool:

  • Passwords are encrypted, making them impossible to read without the master password
  • You can use a new password for every site without forgetting which is which
  • You can use complicated (strong) passwords more easily
  • You can backup your password list to a file (e.g., onto a USB flash drive that you store safely)
  • It’s open source. Everyone’s free to inspect the source code and convince themselves this program is safe and doesn’t do anything malicious with your passwords. This is very important.

Of course you need to have a computer you trust and use often for this program to be of any use to you. Use a good anti virus package and regularly backup the machine.

KeePass’s website is here.

Password Meter

Recently we mentioned Microsoft’s Password Checker. Today we’ve come across a much more sophisticated password testing program, Password Meter.

Password Meter measures a wide range of password metrics and gives them weighted values. It’s quite thorough.

Apart from strong passwords the following tips are useful:

  • Ensure nobody watches you type in your password
  • Keep your computer safe from key-logging programs. Use a good anti-spyware tool for this
  • Change your password often (every 1-2 months)
  • Don’t log into important sites on a public computer, such as at an internet cafe. Important sites include online banking sites, eBay, or any sites where money transactions can occur

Password Meter’s site is here.

Fake Anti Spyware

Brave Sentry is a fake anti spyware product that’s been going around a lot lately. It’s also known by these names:

  • Brave Sentry
  • Spy Sheriff
  • Spyware Quake
  • SpyFalcon

Once it gets onto your computer it tells you it found a large number of threats. For example, it could say “BraveSentry Scan found 138 threats“. This is false, following its instructions takes you to a site asking for money to remove the spyware.

Here’s a procedure on how to remove Brave Sentry, if you happen to become infected.

And to avoid infection follow these tips:

  • Install a good (and well known) anti virus/anti spyware product.
  • Avoid using Internet Explorer. Use one of the current alternative browsers such as:
  • Always use the latest web browser versions, download updates frequently.
  • Never ever download or run programs just because an email or a web site asked you to. This includes things like codecs to watch videos (unless you’re quite technical and know what you’re doing).
  • Avoid warez and porn sites (they’re often infected with malware)

    • FlashGet Malware

    FlashGet is a popular free download manager. The latest version has a problem and someone exploited this problem causing anyone downloading this program to install a trojan on their computer.

    Any version starting with the number 1.9 is susceptible to this problem. And if you downloaded it between the 29th of February 2008 and the 14th of March 2008 then it probably installed a trojan on your computer.

    This is what FlashGet looks like:

    image

    Some useful advice:

    • Use a different download manager
    • Purchase a good antivirus package and scan your computer

    Funny Postcard

    If you receive an email taking you to a web site called “FunnyPostCard” delete it, it’s a trick to get you to download a malicious bit of code that takes over your computer.

    The website also says www.funnypostcard.com , or FunnyPostCard.Com . The files it asks you to download is called e-card.exe and postcard.exe .

    Windows Mobile PocketPC Trojan

    There’s a new trojan going around for Windows Mobile PocketPC devices. Once installed on a device it sends some details to the person who wrote it, and it leaves a back door to allow the author to install programs on your device without your permission.

    pocketpc It’s being called WinCE/InfoJack by antivirus companies. It gets installed when you download a legitimate program from a “hacked” site. For example, it’s been detected in Google Maps (a hacked version of Google Maps, not the original one).

    To safeguard against these type of malware only download applications from the vendor who created it. In the case of Google Maps, you should download it from Google’s own website and not a more generic download site.

    You should also invest in antivirus software for these devices.