Malware: how come we are infected?

It was not the first time I had the same argument: some of my peers and even colleagues still think that the major infection method for client computers is through some kind of vulnerability which doesn’t involve stupidity. I believe (and I have some brothers in arms in my belief) that the abovementioned “stupidity”, or let’s say lack of education and carelessness, is the major threat. What am I talking about? Well… Some sources tell us that most successful malware installs itself using USB sticks, shared drives or some other kind of user-involving technology.

For example, in MS Security Intelligence report #9 (1H2010) we see the following table:

| Rank | Family |
|------|--------|
| 1 | Win32/Taterf |
| 2 | Win32/Frethog |
| 3 | Win32/Renos |
| 4 | Win32/Rimecud |
| 5 | Win32/Conficker |
| 6 | Win32/Autorun |
| 7 | Win32/Hotbar |
| 8 | Win32/FakeSpypro |
| 9 | Win32/Alureon |
| 10 | Win32/Zwangi |

These are the top 10 malware families detected on client computers. The 1st is the most often detected; the 10th, correspondingly, the least (of these 10, of course). Now I will just repeat the table with the addition of infection mechanisms:

| Rank | Family | Infection mechanism |
|------|--------|---------------------|
| 1 | Win32/Taterf | Win32/Taterf is a family of worms that spread via mapped drives in order to steal login and account details for popular online games. |
| 2 | Win32/Frethog | Spreads via mapped drives. |
| 3 | Win32/Renos | Downloads of “video codecs” and other “goodies” from malicious sites. |
| 4 | Win32/Rimecud | Win32/Rimecud is a family of worms with multiple components that spreads via removable drives and instant messaging. |
| 5 | Win32/Conficker | No argument here: it spreads through a vulnerability. And still: “it may also spread via removable drives and by exploiting weak passwords.” |
| 6 | Win32/Autorun | No argument here, either: “spreads through fixed and removable drives by dropping copies of itself.” |
| 7 | Win32/Hotbar | Install-it-yourself kit. Seriously. |
| 8 | Win32/FakeSpypro | Rogue:Win32/FakeSpypro may be installed from the program’s web site or by social engineering from third party web sites. |
| 9 | Win32/Alureon | Manual download (keygens, drive-by downloads, etc…) |
| 10 | Win32/Zwangi | Manual download. |

You know what? I don’t even want to discuss it. Read one more report. And that’s all: no need to “hack” into your computer if a criminal can hack into your head.

Be careful at least this year and the following ones =)
