Print this page
Thursday, 24 October 2013 19:23

Malware trends and intentions: patches and fixes only lead to new exploits

Written by

Reading time is around minutes.

Malware is a nasty thing that touches every corner of the consumer electronics market. No matter what type of device you have someone, somewhere will find a way to write malware to compromise it. Over the last two weeks there has been a resurgence of a very nasty bit of Malware called CryptoLocker. This malware sneaks in through poisoned websites or emails (typically in a .zip file) using multiple flaws in Java. Once in it reaches out and encrypts every Microsoft office file it can see including on shared drives. There is no real cure for this one and you end up losing data and time as you reload your computer.

 

But even CryptoLocker is not the worst thing out there. There are new exploits and flaws that are always under investigation by the “bad guys” out there. It is a never ending process and, sadly, they are in the lead. As we have mentioned in the past far too many companies allow software and devices to be released to the world without proper testing. The intention is usually there to patch these flaws, but by the time they get around to it, someone else has discovered them and we have a new Malware on the streets.

What is even more interesting is the fact that when companies do fix holes in their software all that does is start the conversation again. Right after Oracle updated Java to patch a number of flaws I was told about a “discussion” of exploits and flaws for Java. Some of these were over five years old and were still functional while others were new. From what I was told, this is very normal and appears to confirm a suspicion that I have had for a while: if an exploit is not made public or is not widely used no effort is made to patch it. There also appears to be a big malware push right after an update is released so that they can reach more people before everyone can update their software.

Between flaws in operating systems, plug-ins and bad user habits the malware writers have a very easy time of it. To give you a simple example during a recent malware outbreak one user actually stated: “It was a weird email so I opened it to see what it was”. The user clearly knew it was out of the ordinary, but opened it anyway and caused a serious amount of damage to the network. The same user never reported the initial infection, but just moved to another computer. They only reported that their files appeared to be corrupted. By the time anyone was made aware of the infection it was hours later and additional files have been damaged. This type of scenario is repeated daily around the world and not just with malware that is visible. If someone installs malware on a system that is designed to hide and gather information it could remain unnoticed for long time.

The people that are behind the spread of malware know these patterns and exploit them just as much as they do flaws in software and hardware. This makes stopping malware impossible and even makes slowing it down a tall order. Things become even more complicated when you understand that malware prevention is a big money making business.

Tell us what you think in our Forum

 

Read 2796 times Last modified on Thursday, 24 October 2013 19:28
Sean Kalinich

Latest from Sean Kalinich

Related items