Saturday, 18 of May of 2013


Security Update – Zeus/Zbot and Credit Card Data Theft

This week, Microsoft released a security update for all Windows systems. It addresses a vulnerability that has been exploited by several malware programs, including several types of Trojans that attempt to steal your credit card or banking data.

If you have your computer automatically install Microsoft updates, you don’t need to take any action.  But this might be a good time to verify that those updates are installed.  This specific update is:  Microsoft Security Bulletin MS10-046 – Critical Vulnerability in Windows Shell Could Allow Remote Code Execution (2286198).  It should have been installed automatically on August 3rd.

This is really only one little crack that these malware programs use, and it is a good opportunity to alert you to some of the methods used to steal your credit card and banking information.

Most of us are familiar with (and avoid) the old-fashioned phishing email where someone uses a bank logo and tries to convince you to click the link in the email to “update” your credit card or bank information.  Banks and credit card companies have been very helpful in educating us all that they do NOT use email to obtain any of this type of information.

Criminals have developed other ways to get the very same information.  Some of us have learned about “key loggers”, which are programs that record keystrokes (Wikipedia has a fair overall description).  These little pests are best dealt with by having good antivirus and antimalware programs installed and up to date.

What is happening more recently is that certain malware programs trigger pop-up windows when you key in a targeted bank or credit card web site.  Network World has an excellent article describing these infections in detail, with a good screen capture of what the fake pop-up looks like.  I highly suggest reading the article here:  Zeus Trojan attempts to exploit MasterCard, Visa security programs.  On a similar track, AVG has tagged a new group of these sites and malware programs, which they have labeled the “mumba botnet”; Roger Thompson’s blog has details.



NOTEWORTHY VERSION UPDATES

If you use any of these applications, check your version and upgrade if you don’t have the latest as listed.  All of these updates address security vulnerabilities.

More details at:  CERT



How I Met Your Malware…

Malware is today’s number one security threat on a personal computer.  The term malware is sometimes used interchangeably with the broad definition of computer viruses.  Malware is malicious software such as Trojans, worms, rootkits, spyware, unauthorized adware, and true viruses.  Malware programs tend to feed off each other by design. 

A Trojan hides by disguising itself as a system file and often downloads other malware.

A worm continually changes form.  Worms make copies of themselves using random names and generally mutate during and after a system reboot.

[Image: FakeAVDialog]

Unauthorized adware can be one of the most frustrating types of malware.  A common tactic used by several forms of fake antivirus is a popup window that tries to get you to click hyperlinks to malicious websites, usually phishing for your credit card information.  Because these popups are presented visually, they can be very deceptive.

[Image: FakeAVBalloon]

Today’s most prevalent computer viruses employ a combination of all of these actions, sometimes disabling targeted antivirus programs and blocking popular antivirus websites.

It would be nice to have an omnipotent antivirus program.  Unfortunately, no single program catches everything out there.  It’s a good idea to have more than one—just remember some antivirus programs might not work in combination with others.

Check out the Wikipedia List of antivirus programs.

Also see two of my favorite supplemental programs that work well with others.

Malwarebytes and SuperAntiSpyware

