HOME     MENU     SEARCH     NEWSLETTER    
NEWS & INFORMATION FOR TECHNOLOGY PURCHASERS. UPDATED 10 MINUTES AGO.
You are here: Home / Hardware / When Good Browser Add-Ons Go Bad
Build Apps 5x Faster
For Half the Cost Enterprise Cloud Computing
On Force.com
When Good Browser Add-Ons Go Bad: App Loads Malware
When Good Browser Add-Ons Go Bad: App Loads Malware
By Jennifer LeClaire / NewsFactor Network Like this on Facebook Tweet this Link thison Linkedin Link this on Google Plus
PUBLISHED:
MAY
07
2014

It was initially classified as harmless by security firms, but a Web browser add-on drove a three-fold increase in infections on Windows computers at the end of 2013. That's the report from Microsoft's Trustworthy Computing Security Science team. And that's not the only malware that has flown under the radar screen.

But there is also good news. Microsoft reported a 70 percent decline in the number of severe vulnerabilities -- classified as those that can enable remote code execution -- that were exploited in Microsoft products from 2010 to 2013. That proves new security tools are helping PC users win the fight.

"While this trend is promising, cybercriminals aren't giving up. Our data shows that in the second half of 2013 there was a noticeable increase in cybercriminal activity where attackers used deceptive practices," said Tim Rains, a director in Trustworthy Computing at Microsoft. "The continued increase in deceptive tactics is striking; in the last quarter of 2013, the number of computers impacted as a result of deceptive tactics more than tripled."

Avoiding Deceptive Tactics

The number of infected Windows computers jumped from 5.8 per 1,000 in the third quarter to about 17 per 1,000 in the last quarter of the year, largely due to malware called Rotbrow, which masquerades as a security add-on called Browser Protector, Rains said. Rotbrow is a "dropper," meaning it has the ability to download other malware onto a computer. But because it didn't initially download any malware, security firms labeled it benign. Later on it began to do just that and Microsoft spotted it.

It's these so-called "deceptive tactics" that often go undetected by many security firms, Microsoft said. And deceptive downloads -- which are often bundled with legit content like games, music and software -- are the top threat in 95 percent of the 110 regions in the study.

"In addition to what the person thought they were getting, the download also installs malware. The malware may be installed immediately or at a later date as it assesses the victim's computer's profile," Rains said. "It could be months or even years before the victim notices the infection, as often these malicious items operate behind the scenes with the only visible effect being slower performance on the system that was infected."

In the last half of 2013, Microsoft reports, deceptive downloads were definitely in vogue with cybercriminals. Ransomware -- where a cybercriminal hijacks a PC and holds it for ransom until the owner pays a fee -- are also on the rise with a 45 percent year-over-year increase.

"It is important to note that while deceptive tactics have increased in prevalence, there are actions people can take to help protect themselves and their organizations," Rains said. "Using newer software whenever possible and keeping it up to date, only downloading software from trusted sources, avoid opening e-mail and instant messages from untrusted or unknown senders, running antivirus software and keeping it up to date, and backing up valuable data and files, make it much harder for attackers who use deceptive practices to be successful."

'Click Happy' Users

We turned to Dwayne Melancon, chief technology officer for security firm Tripwire, to find out what he had to say about Microsoft's report. He told us we tend to focus on technology when we talk about cyberattacks, but most successful attacks rely on deceiving people into thinking they are doing something they want to do.

"It's encouraging to see that there were fewer exploits that relied on security holes in Windows, Adobe Reader, and Adobe Flash in 2013, but the number of compromised computers skyrocketed anyway," Melancon said.

That, he said, is because there is a huge population of "click happy" users who download infected files and click on links that lead to malicious sites.

"We are making good progress plugging the technology holes, but social and psychological vulnerabilities are the ones most commonly exploited by cyberattackers," he said. "Unfortunately, there's no patch for user naivete."

Tell Us What You Think
Comment:

Name:

Like Us on FacebookFollow Us on Twitter
TOP STORIES NOW
MAY INTEREST YOU
ISACA® offers a global community of more than 115,000 IS/IT constituents in over 180 countries. We develop and deliver industry-leading certifications, education, research and business frameworks. We equip individuals to be leaders in the fast-changing world of information systems and IT - Learn More>
MORE IN HARDWARE
Product Information and Resources for Technology You Can Use To Boost Your Business

© Copyright 2014 NewsFactor Network, Inc. All rights reserved. Member of Accuserve Ad Network.