Big Boss
@bell.ca
| Is the spyware/malware problem as bad as it once was ?
I'm just asking out of curiosity. I remember back in 2004 how the infamous Cool Web Search and his other variants wrecked havoc on the internet. Hijack This log with multiple infections were appearing at an alarming rate on security sites and the problem was spreading quite fast. I used to clean computers for the fun of it back then (friends , family , co-workers ect) so i followed the " security scene" quite bit a but i had to quit and i'm very disconnected these days. Things seems to have calmed down a lot since i don't receive many calls of (and when i do it's for something minor)nor do i see posts like "My computer is ****ed up !!! HELP !!!" on non security related forums anymore.
I have heard that rootkits are the new "big dog" around but not much info other than that. So , what's going on right now in the security world of 2008 ?
PS : Sorry if it's not the right forum to ask but it's security related so....:). May an almighty mod move it if necessary. |
|
hayc59
Voodoo Child
Premium
join:2001-02-26
In A Dream | to make it short....Yes and its gotten worse. |
|
Big Boss
@bell.ca | reply to Big Boss
O_O
Worse in the sense that it's more widespread or that the threats are now harder to remove ?
Exemples ? |
|
Its a Secret
Rabidly yours
Premium
join:2008-02-23
Calgary, AB
edit:
March 23rd, @07:42PM
| If you take a quick look through this forum, you'll see a plethora of examples of this problem.
Seek, and ye shall find... 
(edited for typos) |
|
Blackbird
Built for Speed
Premium
join:2005-01-14
Fort Wayne, IN
 ·Verizon Online DSL
| reply to Big Boss
People as a whole haven't changed... both users and hackers. Which means the malware problem as a whole hasn't changed all that much, except perhaps in details and in one key area.
Where there have been noteworthy improvements in certain default security settings or capabilities in some out-of-box software or OS, there have been subtle changes in what people now do while online (torrents, social-network sites, etc) that can negate those security gains. Too many folks still click-through every warning barrier software designers can erect, and too many folks still fail to keep things updated/patched - but they still offer "reasons" why they persist in these habits. In the end, many of them still holler for help when the inevitable occurs. User ignorance and stubborness still abound.
Unpatched holes continue to be discovered and exploited... sometimes in software families dating back many years. Patches continue to be issued, occasionally falling short of being as comprehensive as folks might wish. Technology and software have evolved in both the protection camp and in the attacker camp, but the protectors are still playing catch-up to the attackers.
In some ways, malware's been a lot like grafitti or other gratuitous vandalism - there are always folks who do it, just because they can. That hasn't changed. However, one significant thing that has changed is that a lot of money is now moving around under the table due to malware... the criminal elements have gotten involved in a big, organized way by harnessing the compu-power of bot armies and phish farms. The result is organized financing of ever-nastier attacking technology and methods, and I believe this is taking a growing toll on the computer-using universe. The signs of that are littered throughout forums like this...
--
If God wanted us to work with electrons, He'd make them big enough to see... |
|
condor0022
@comcast.net
 from:
antdude 
| reply to Big Boss
The problem is not as bad as it used to be, as it was in 2002. All the operating systems nowadays have a built in firewall and most people also use a router which has decent built-in security as opposed to dial up. Almost all spyware nowadays comes as a result of the user doing something - going to questionable website, installing downloaded software, or clicking emails. Back in the day, all you had to do was have your computer on and you could get infected, due to lack of a firewall and that nasty messaging service. Almost all email servers now filter out viruses, although it's not spyware, you could almost run a computer without an antivirus today. I would not recommend this, but you could to it. Back in the day, all viruses came through and it was solely the user's responsiblity to use antivirus. Heck, there are even good enough free antivirus software today, which was rare in the early 2000s. Nowadays, you could even run without antispyware if you are careful.
Finally, other major changes are that most people WILL NOT install Real player anymore. Back in the day, it was a lot more popular but full of spyware. P2P programs are coming with less spyware (remember morpheus and kazaa?). People don't trust little plugins like the weatherbug without first checking reviews. And many people don't use internet explorer except when necessary for certain trusted websites.
I'm pretty sure computer power users could run on an antivirus software + router, and no other security software and be okay.
And most everyone else could install the security software that many broadbrand providers give you with your subscription and be okay. |
|
mozilla user
@rr.com
| reply to Big Boss
I think malware isn't as bad as it use to be, IE is much safer to use, there are more tools out there to remove malware. I also remember saying "you probably have a spyware problem " The person would say "what's spyware?" Now they say what programs do you use? |
|
Cudni
La Merma - Los De Aca
Premium,MVM
join:2003-12-20
Someshire
·BTOpenworld
| reply to Big Boss
of course it is as bad as it was
»AV Firms Scrambling to Keep Up
anti malware tools have been hardened, users are more aware but at the same time malware has evolved, hiding and protecting itself better. Now is not the time to take the eye of the ball. I doubt there will ever be such time
Cudni
--
"Mercifully, he hit him with the soft end of the pistol."
Help yourself so God can help you.
Microsoft MVP, 2006-2007 |
|
m0d
join:2005-03-02
ireland
edit:
March 25th, @12:20AM
| Bad is a relative term I think..
If you remember viruses such as Stoned or Tequila in terms of the damage done to your data and at the time not easy to recover.. I would say "malware" has become a LOT less "immediately" destructive over the years.
That said, while destruction to data is less or its easier for the "wise" to recover and tools seem better .. I would balance that statement with the threat of Identity Theft which was basically not heard of back then. Its not done for "fame" any more .. its done for financial gain. For every one of those "tech savy" out there .. there are 10 that will "click through" any warning .. and well that means the problem is 10 times worse depending on how you look at it. You only need to look at online fraud figures and add in the ID theft guys who skim cards (in real life) etc to see .. its a totally different problem now with much wider scope.
So .. it changed but overall, its not less damaging or destructive. In my day you lost 9 months of work on your thesis/final project if you didn't backup (or reverse the virus and recover manually ..).. these days you lose real cash and credit card info.. So the damage is equal if not more real .. just very different and a lot more sophisticated.
Malware moved from the "technical realm" to the "criminal" .. I will use the term "malware" lightly because technically Stoned and Tequila were just "jokes that escaped the lab" .. or so their respective authors claimed at the time. There is however a clear shift and while VM is great .. the "next big threat" would be exploits involving VM .. aka rootkit or VM exploits. Give them stealth back and here we go again ..
Just my 2 cents .. but while malware is maybe in a lul at the moment in terms of finding new things to exploit.. there will always be bad ppl out there who stoop to any level. Its only a matter of time before they find a new exploit.
In fact it was this issue lead me to this forum a number of years ago now and total respect to all those who share information or fight malware  |
|
HA Nut
Premium
join:2004-05-13
USA
edit:
March 25th, @05:56AM
| reply to Big Boss
Based on my totally "unofficial" internet travels, I think it's just as bad. Maybe worse. Besides messin' with a user's PC or trying to sell a fake malware scanner, we now have garbage that tries to steal personal/financial information. |
|
gkatwork
@oleane.fr
| reply to Cudni
Hello,
From the link "AV Firms Scrambling to Keep Up", one poster gives the following link :
»www.viruslist.com/en/analysis?pu···04791987
Where it is said that :
quote:
The total number of threats in 2007 more than doubled. In the big picture, Kaspersky Lab added almost as many new programs to its antivirus databases in 2007 as it had done in the course of the previous 15 years.
The Internet had never experienced anything like this onslaught of threats, and Kaspersky Lab was pressed to do everything in its power - and sometimes even perform the impossible - in order to combat these threats. This is a cause for serious concern; if the situation does not change in 2008 (and there is no cause to think that it will), then the number of threats will again have doubled by the end of the year.
Regards. |
|
