Yikes!
The online world is under attack. I was one of the poor suckers whose computer defenses failed to repel this attack and bore the costs of re-building my system after a recent malware attack. The attack got around my “always on” Norton 360 anti-virus protection and dumped a nasty malware code on my computer that took my computer tech person a good deal of effort (and cost to me) to eradicate.
The malware I confronted was one that launched without any executable file after I clicked on a link at an untrustworthy site. It was an attack that placed a fake “personal anti-virus” pop-up onto my desktop computer. This malady, labeled “scareware” by some and “malvertising” by others, was recently covered in The Washington Post “Tech Mechanic” column.
The antidote to the attack doesn’t seem to be traditional anti-virus software, as PC Magazine blogger Larry Seltzer covered in a recent posting. As he said, “detection rates for scareware are typically low… [it] doesn’t do anything that looks malicious to a security program.”
The attacks have escalated, with The New York Times, the “Drudge Report,” Horoscope.com and other sites all being bombarded with Personal Antivirus malvertising over the past couple of weeks, according to Computerworld. The article reported that ScanSafe, “the world’s largest software as a service security vendor,” found that the ads were placed through major online advertising networks including DoubleClick, FastClick and YieldManager. ScanSafe also found that only “3 out of 41 antivirus vendors detected the malware.” As The Tech Herald described in a recent review of the attack on The New York Times, “the rogue anti-virus will hinder system performance, block access to various Web sites and security applications, as well as open the system for further malicious downloads.”
Having experienced this attack, I can tell you that it definitely did the first few of these, but was eradicated before there were any malicious downloads.
Why is this a concern?
These attacks could decimate online commerce, community, search and content consumption if consumers begin to doubt the veracity of online advertising, Web-based links or online resources. In addition, if consumers bear the brunt of the time and money associated with cleaning up this junk, they’ll be loath to continue to face another potential attack with the resulting consequences — and will begin to shift their attention and dollars elsewhere.
What needs to be done?
I have several suggestions, compiled from a multitude of resources and my own perspectives after facing this attack. There is a role for a wide-ranging counterattack from advertisers, publishers, the government and consumers. This counterattack should include the following:
- Government — go after these sleazy operators, shut them down and convict them.
- Anti-virus companies — Norton Anti-Virus and other major anti-virus companies need to build in the appropriate reputation and behavioral filters to catch these scareware attacks or partner with others that do.
- Microsoft — has to get better at stopping these intrusions into their operating systems.
- Consumers — need to be encouraged to include Malwarebytes, Spybot Search & Destroy, BitDefender, Ad-Aware or other malware tools as part of their security armamentarium.
- IT Shops — need to load the appropriate anti-virus and malware-catching software on their users’ systems.
- Web Hosting Companies — need to be cognizant of the potential for these threats and try to eradicate them from their servers.
- Ad Networks — these firms need to beef up their security measures and verification activities to ensure that advertisers are legitimate.
Take note, beware and prepare yourself and your company, as you could be the next victim of these attacks.
For more e-business insights and resources, you can follow me on Twitter @thewebchef.
