
Posts Tagged ‘Kaspersky Lab’

July 5, 2011

The recent attack on the official website of Philippine Vice President Jejomar Binay could just be the start of more attacks on government websites.

Costin Raiu, Kaspersky Lab Global Research and Analysis Team Director, says the government must put in place their own defense strategies against attacks on government websites. They must also conduct security audits of their servers as soon as possible to identify potential vulnerabilities.

“First of all, it’s important to have an anti-DDoS (distributed denial-of-service) plan – be it from increasing the internet bandwidth to purchasing a specific anti-DDoS service plan,” Raiu says.

A DDoS attack overwhelms a target website with visits from many different sources until the site crashes from handling too many visits.

Raiu adds that in case vulnerabilities are found, the websites’ servers must go offline temporarily to reduce damage.

“Past logs should be analyzed for previous probes which could have uncovered bugs that can now be exploited,” he says.

“Given the past incidents of this kind, it is expected that the attack will consist of a DDoS flood designed to bring down the server and make it unreachable. It’s possible the confidential information will be sought after, so the defense strategies would be multiple,” Raiu warns.

According to the Kaspersky expert, even with the best ways to protect websites, there could still be attacks that might get through. As such, Raiu says governments must have contingency plans in place to ensure continued operations of the websites.

“Of course, a highly sophisticated targeted attack will always succeed–this is why there should be mitigation steps as well as disaster recovery procedures–like backups, server replacement/relocation and redundancy,” Raiu said.

Website hacking is one of the oldest forms of cybercrime. Defacing a website is meant to insult its owners, and is sometimes done as a hobby. Later, these attacks became a form of game for hacker groups.

When websites of government offices are defaced, the attackers are doing more than pursuing a hobby; they may be sending out a message of disrespect, and one goal is to show people that they are not protected by their government. The attacks may take the form of website defacement, though other techniques include DDoS.

Aside from the defacement of the official website of the Vice President, other government websites have also fallen victim to hackers. These include the Department of Labor and Employment (DOLE), Philippine Nuclear Research Institute (PNRI), and the Food and Drug Administration (FDA). Last year, the websites of the Technical Education and Skills Development Authority (TESDA), the Department of Interior and Local Government (DILG), and the Philippine Information Agency (PIA) were also hacked.

Similar attacks on Malaysia’s government websites were done by a group of hackers.


April 15, 2011

A new variant of the malicious program GPCode, classified as ransomware, has been found and identified by content security and threat management developer Kaspersky Lab as Trojan-Ransom.Win32.Gpcode.bn. It attacks by encrypting specific data on an infected computer and displaying a message in Notepad threatening to delete the encrypted file unless the computer user pays the ransomware’s creator US$125 in equivalent vouchers via the international payment gateway Ukash.

The first attacks by the new GPCode variant were detected in late March this year. The malware itself was first discovered in 2004 and appeared again on the threat landscape in late 2010.

According to Kaspersky Lab senior malware researcher Nicolas Brulez, the new GPCode variant is an obfuscated or encoded executable, which makes it difficult to initially identify as malware. It infects computers using drive-by downloads that occur when an infected website is visited.

The Trojan then starts running in the system, encrypting data without the user’s knowledge. It will then open a text file-based ransom message to the PC user, warning the user that if ransom is not paid, the encrypted key will not be sent to the victim and the file will be deleted.  This is the message which is displayed on the PC screen:

At this point, the hard drives are being scanned for files to encrypt. The file extensions used to determine whether a file is to be encrypted or not are kept in an encrypted configuration file. This means the GPCode Ransomware Trojan is easily updated with a new configuration file.

Brulez also noted that cybercriminals are veering away from traditional payment modes such as direct money transfer.  He said they now prefer prepaid cards or vouchers instead, which lessens the chances of them being followed or captured.

Brulez said that while a victim could possibly give in to the demands of the file hostage taker, he recommends not changing anything on the system as it may prevent potential data recovery later on. He added that one of the quickest ways to prevent malware damage is to turn off the PC or simply pull out the power plug.

There is almost no way to recover the encrypted file and the best way to prevent any more damage is to simply make backups the next time.

“We haven’t seen any evidence of a time-based file deleting mechanism despite claims by the malware writer that files are deleted after ‘N’ number of days,” says Brulez. “Nevertheless, it is better to avoid any changes that could be made to the file system which, for example, may be caused by rebooting the computer.”

March 6, 2011
There are about 1 million registered businesses in the Philippines from small-to-medium scale enterprises, which account for nearly 90 percent of all registered businesses, to large corporations. According to the International Data Corporation (IDC), information technology spending in the Philippines is expected to grow to US$3.63 billion by the end of 2011. This already points to considerable potential for the IT network security industry to serve the business sector.

In a recent press conference, leading developer of secure content and threat management solutions Kaspersky Lab said they intend to grow their market share in the Philippines by 20% in the next two years. Despite the presence of several other security providers, Kaspersky Lab executives said they will have a more strategic approach in the business sector in the Philippines.

Jimmy Fong, Kaspersky Lab Southeast Asia channel sales director, said they have been receiving numerous queries for their services in the Philippines in the past months, owing to the strong brand of their consumer-level Kaspersky Lab security products. He said they have gradually built their reputation in the Philippines to gain market acceptance in the business sector.

He said they will be extensively building more channel partnerships in the Philippines to accommodate the network security requirements of local companies.

“The way we do things is different. Yes, there are the other software security companies already having a market share in the Philippines but there is a lot more room to grow and we believe there are a lot more opportunities now especially with all types of companies now becoming more proactive in securing their business from high-tech attacks,” Fong said.

Fong said many cybercriminals are veering away from attacking individual PCs due to the lower profit margins they get from single users. Instead, they are putting more effort in infiltrating enterprises as this sector offers more financial gains. Apart from stealing personal data, cybercriminals also conduct corporate espionage and steal business data.

He also said cybercrime rings are joining forces to develop more sophisticated malware. For instance, the Stuxnet worm attack from last year demonstrated that such tools have impressive capabilities. Programs similar to Stuxnet will become integrated in malware developed by organized cybercriminals to attack companies.

“Most companies are not aware of these types of weapons used by organized cybercriminals simply because they’re very new. Nevertheless, business owners will always want to be secured and many of them are approaching us specifically for this end,” Fong said.

Kaspersky Lab recently released an updated version of its Kaspersky Lab Open Space Security (KOSS), a full security suite that covers multiple IT platforms. It provides protection against all types of Internet threats and can be installed in Microsoft Windows and Linux-based servers, as well as Macs.

It provides antivirus and mail-gateway protection for Microsoft Exchange, Lotus Notes, and Lotus Domino.

A unique feature of KOSS is its support for the most popular smartphone operating systems, such as Windows Mobile, BlackBerry and Symbian 60. This can effectively stop cybercrime from the smartphone endpoint especially when businesses, through their employees, use mobile devices to input sensitive data.

Fong says the new KOSS provides businesses with a new level of protection from malware and other threats.

“By providing protection to complex and multi-platform networks of just about any size, KOSS is ideal for the way we do business today, where we transact using critical data through laptops and even our smartphones. Everyone now enjoys a mobile working lifestyle where we just work from anywhere and anytime. With KOSS, businesses can enjoy convenient and hassle-free computing without compromising precious data from all types of malware attacks,” Fong says.

Alex Ng, Kaspersky Lab Southeast Asia product manager, said the new KOSS is developed for all types of industries from financial, pharmaceutical, manufacturing, utility, retail, transportation, and even government.

“The KOSS can be used for businesses of any size, be it less than 100 to more than 100 nodes. A node can be a PC, a server, or even a smartphone. With KOSS, all the security needs of a company are completely covered,” Ng said.

March 6, 2011

Kaspersky Lab presents its forecast for the IT threat landscape for the period 2011-2020. The forecast is based on an analysis of the main changes and issues in the sphere of IT security over the past decade, as well as emerging trends in the development of personal computers, mobile phones and operating systems.

According to the company’s analysts, the most significant trends of the last ten years (2001-2010) were:

- Mobility and miniaturization. Smaller and smaller devices can now access the Internet from virtually any point on the globe, making wireless networks the most popular method of connecting to the web.

- The transformation of virus writing into cybercrime.

- Windows maintaining its leading position as a vendor of operating systems for personal computers.

- Intense competition in the mobile platform market with no clear-cut leader.

- Social networks and search engines – the primary services of today’s Internet.

- Internet shopping – this sector already generates revenues that dwarf the annual budgets of some countries.

The defining feature of the next decade will be the end of Windows’ domination of user operating systems. Though Microsoft’s brainchild will remain the primary business platform, everyday users will have access to an ever-expanding variety of alternative operating systems. Notably, even now the numbers of devices accessing the Internet via Windows and non-Windows platforms are almost the same, with the latter even occasionally exceeding their Microsoft counterparts.

The growing number of new operating systems will affect the process of threat creation: cybercriminals will not be able to create malicious code for large numbers of platforms. This leaves them with two options: either target multiple operating systems and have many individual devices under their control, or specialize in Windows-based attacks on corporations. The second variant will probably appeal to them more – by 2020, targeting individual users will become much more complex because the emerging trend of making payments electronically and using online banking will continue, but biometric user identification and payment protection systems will become the norm.

The coming changes in operating systems and their specifications will affect virus writing techniques as these new systems evolve. Many cybercriminals who used to target Windows devices will have to become adept at exploiting the new-generation operating systems. To retain their ‘place in the sun’, today’s cybercriminal will need to enlist the help of members of the younger generation who are capable of writing malicious code for the new platforms. However, this state of affairs cannot prevail forever and we may well see ‘turf wars’ between different hackers and hacker groups.

Cybercrime in 2020 will almost assuredly be divided into two groups. One group will specialize in attacks on businesses, sometimes to-order. Commercial espionage, database theft and corporate reputation-smearing attacks will be much in demand on the black market. Hackers and corporate IT specialists will confront each other in the virtual battlefield. State anti-cybercrime agencies will probably be involved in the process too and will have to deal predominantly with Windows platforms, in addition to the latest versions of traditional *nix systems.

The second group of cybercriminals will target those things that influence our everyday lives, such as transport systems and other services. Hacking such systems and stealing from them, making free use of them and the removal and changing of personal data about customers’ activities will be the main focus of attention of the new generation of hackers, who will make a living this way.

The trend that has seen the Internet become both a popular resource for communication, entertainment and news, and a specially designed tool for Internet commerce and online payments, etc. will continue. The ‘online user-base’ will expand to include many mobile and smart devices capable of using the web to exchange or transfer information without the need for human intervention.

Botnets, one of today’s most potent IT threats, will evolve dramatically. They will incorporate more and more mobile and Internet-enabled devices, and zombie computers as we know them will become a thing of the past.

The tools and technologies used in the field of communications will undergo massive change. These changes will see greatly increased data transfer rates and enhancements that will make the virtual communication experience much closer to that of real-life: by 2020, communication via the Internet with the help of a keyboard will be the stuff of old movies, meaning spammers will need to seek out new ways of delivering their unwanted correspondence to addressees across the globe. The first step the spammers will take is to change from targeting desktops to mobile devices. The volume of mobile spam will grow exponentially, while the cost of Internet-based communications will shrink due to the intensive development of cellular communication systems. As a result, users will be less likely to worry about unwanted advertising material.

The old adage ‘Knowledge is power’ will be more relevant than ever before. The struggle for the means to collect, manage, store and use information, about everything and everybody, will define the nature of threats for the next decade. Therefore the problem of privacy protection will be one of the key issues of the decade.

More information at www.kaspersky.com.

March 6, 2011

Kaspersky Lab, a leading developer of secure content and threat management solutions, announces upcoming support for VMware vShield Endpoint to be delivered later this year.  Kaspersky’s support of VMware vShield Endpoint will offer comprehensive protection for virtual machines from the latest malware threats without compromising speed and performance.

VMware vShield Endpoint streamlines and accelerates antivirus and anti-malware processing. It improves performance and provides comprehensive security by eliminating the need for agents in every virtual machine. In addition, the solution optimizes resource utilization by offloading anti-virus processing to a single security virtual machine, delivered by Kaspersky Lab.

In 2010 Kaspersky security experts collected more than 26 million unique malware samples challenging businesses of all sizes to deal with this rapidly escalating threat landscape. This challenge is only complicated by increasingly decentralized and ever-expanding computing environments.  Plus, many companies lack the resources to effectively cope with the difficulties of securing their computing infrastructure, and can ill-afford the potential damage and exposure that comes from poor protection.

“Kaspersky Lab is truly excited to support VMware vShield for our mutual customers. Our support of VMware vShield enables our clients to securely maintain state-of-the-art, multi-layered anti-malware strategies across virtual environments and heterogeneous IT infrastructures, with a level of performance and Total Cost of Protection that truly meets their business needs,” commented Nikolay Grebennikov, Chief Technology Officer at Kaspersky Lab.

“As a leading provider of high-performance endpoint security solutions, VMware is committed to working closely with Kaspersky to protect the rapidly growing number of virtualized environments.  We are collaborating with Kaspersky to deliver a tightly integrated solution to secure and optimize the performance and protection of our mutual clients,” said Parag Patel, Vice President, Global Strategic Alliances at VMware.

Kaspersky Lab is the largest antivirus company in Europe. It delivers some of the world’s most immediate protection against IT security threats, including viruses, spyware, crimeware, hackers, phishing, and spam. The company is ranked among the world’s top four vendors of security solutions for endpoint users. Kaspersky Lab products provide superior detection rates and one of the industry’s fastest outbreak response times for home users, SMBs, large enterprises and the mobile computing environment. Kaspersky® technology is also used worldwide inside the products and services of the industry’s leading IT security solution providers. Learn more at: www.kaspersky.com. For the latest on antivirus, anti-spyware, anti-spam and other IT security issues and trends, visit: www.securelist.com.

February 16, 2011

Kaspersky Lab, a leading developer of secure content and threat management solutions, warns users about a new, fast-moving Twitter worm which exploits Google’s goo.gl service of truncated links.

The truncated URLs are lightweight and popularly used in micro-blogging systems, limiting the length of messages for users of services such as Twitter. However, shortened links can seriously threaten computer security, because the text of a truncated URL is relatively obscure and a user does not know what it contains prior to ending up on an infected site. Hackers are managing to successfully lure the unwary into using their malicious truncated links.

A recently discovered Twitter worm’s redirection chain pushes users to a webpage that delivers a rogue AV called ‘Security Shield’. After several redirections, a user is transferred to the page that distributes the rogue AV. The page uses code obfuscation techniques that include an implementation of RSA cryptography in JavaScript. Kaspersky Lab experts have found thousands of Twitter messages continuing to spread the worm.

Kaspersky Lab malware researcher Nicolas Brulez discovered that once you are on this website, you will receive a warning that your machine is running suspicious applications. The warning invites users to remove all the threats from their computer, and download the ‘Security Shield’ rogue AV application. As usual, the result of downloading the program is that the user’s machine is infected with malicious programs.

All Kaspersky Lab products are capable of detecting this threat via their inbuilt heuristic analyzer. However, users should always bear in mind that clicking on random links may lead to severe infection of their machine.

September 28, 2010

The recent Stuxnet worm attack is sparking lots of discussion and speculation about the intent, purpose, origins and – most importantly – the identity of the attacker and target.

Kaspersky Lab has not seen enough evidence to identify the attackers or the intended target but confirms that this is a one-of-a-kind, sophisticated malware attack backed by a well-funded, highly-skilled attack team with intimate knowledge of SCADA technology.

SCADA or supervisory control and data acquisition refers to computer systems that monitor and control industrial, infrastructure, or facility-based processes. Similar systems are widely used in oil pipelines, power plants, large communication systems, airports, ships, and even military installations globally.

Kaspersky Lab believes that the Stuxnet worm attack could only be conducted with nation-state support and backing.

“I think that this is the turning point, this is the time when we got to a really new world, because in the past there were just cyber-criminals, now I am afraid it is the time of cyber-terrorism, cyber-weapons and cyber-wars,” said Eugene Kaspersky, co-founder and chief executive officer of Kaspersky Lab.

Speaking at the Kaspersky Security Symposium with international journalists in Munich, Germany, Kaspersky described Stuxnet as the opening of “Pandora’s Box.”

“This malicious program was not designed to steal money, send spam, grab personal data. No. This piece of malware was designed to sabotage plants, to damage industrial systems,” he said.

“I am afraid this is the beginning of a new world. The 90’s was a decade of cyber-vandals, 2000’s was a decade of cybercriminals, I am afraid now — it is a new era of cyber-wars and cyber-terrorism,” Kaspersky added.

Researchers at Kaspersky Lab independently discovered two of the four separate zero-day vulnerabilities that the worm exploits, which they reported directly to Microsoft. Kaspersky Lab analysts then coordinated closely with Microsoft during the creation and release of patches or software fixes for these vulnerabilities.

In addition to exploiting four zero-day vulnerabilities, Stuxnet also used two valid certificates (from Realtek and JMicron) which helped to keep the malware under the radar for quite a long period of time.

The worm’s ultimate aim was to access Simatic WinCC SCADA.

The inside knowledge of SCADA technology, the sophistication of the multi-layered attack, the use of multiple zero-day vulnerabilities and legitimate certificates bring the public to an understanding that Stuxnet was created by a team of extremely skilled professionals who possessed vast resources and financial support.

The target of the attack and the geography of its outbreak (primarily Iran) suggest that this was not a regular cyber-criminal group. Moreover, security experts at Kaspersky Lab who analyzed the worm code insist that Stuxnet’s primary goal was not to spy on infected systems, but to conduct sabotage. All the facts listed above indicate that Stuxnet development was likely to be backed by a nation state, which had strong intelligence data at its disposal.

Kaspersky Lab believes that Stuxnet is a working – and fearsome – prototype of a cyber-weapon, that will lead to the creation of a new arms race in the world.  This time it will be a cyber-arms race.

September 9, 2010

The Philippines disappeared from the top 20 countries that received malware attacks after being in the list for several months, according to a report by leading Internet security and content management developer Kaspersky Lab.

Bangladesh took over the 19th place previously held by the Philippines, which received 1.25 percent of infection attacks.

The Philippines also slid in the list of countries having servers that host malicious applications from 8th place in Q1 of 2010 to 18th place in Q2. This is primarily due to the falling popularity of the Philippines as a host for malicious applications.

However, Kaspersky Lab virus analyst Yury Namestnikov said that while this is a positive trend for the Philippines, this does not mean that the attacks have lessened.

Namestnikov stressed that the change is only 0.2 percent for the Philippines and there was even a spike in activity of the peer-to-peer (P2P) worm Palevo, which also serves as bot-client. He warned that this particular worm is very efficient as an infected computer will be fully controlled by the source of the Palevo. It can spread through instant messengers like MSN, USB flash drives, and other P2P applications such as BearShare, Ares P2P, iMesh, Shareaza, Kazaa, among others.

He also warned that the IM-Worm.Win32.Sohanad.bm has been detected in over 20 percent of the Asian region making it the 4th most common malware. Namestnikov warned that this prevalence of the IM-Worm.Win32.Sohanad.bm could increase in the coming months.

“The serious development of the Internet in the Philippines during the last several months together with slow growth of security awareness will likely cause this country to make a comeback in the Top 20 list very soon,” Namestnikov said.

Meanwhile, over half a billion computer-related attacks using malicious applications have been detected and blocked during the months April to June 2010 in 288 countries, Kaspersky Lab reported.

This number showed that infection attempts grew by an average of 4.5 percent per month over a period of three months. Meanwhile, the total number of malicious applications increased by 0.7 percent during this period, with 8,540,223 detected.

The company reported that 203,997,565 infection attempts were detected. The most common malicious software infection came from Trojan.Win32.Generic having 12.02% of all infections. This has remained at the top of all vulnerabilities since the first quarter of this year.

Twenty-seven percent of these attacks were malicious scripts injected by cybercriminals into a variety of websites in the hope of targeting vulnerable computers. Exploits in Adobe Reader remained the most common.

Kaspersky Lab also indicated that it has detected 33,765,504 vulnerable files and applications in users’ computers. This indicated that one in four computers had at least seven unpatched applications, which could lead to attacks by malicious software. The most commonly attacked single application is Microsoft Office Excel, which had 39.45 percent of all known vulnerabilities.

Botnets – groups of malicious applications running automatically and independently – remained at the top of malware incidents. The company detected the creation of new bots, the most notable of which is the ZeuS (Zbot) Trojan. A new modification of this particular botnet, detected in April this year, had relatively unsophisticated code that attacked .exe files. ZeuS primarily targeted online banking accounts.

Another new botnet-making application detected is TwitterNET Builder. While largely a proof-of-concept application, TwitterNET Builder builds new botnets using the social networking tool Twitter as a command-and-control center. One of the new botnets that came out using TwitterNET Builder is Backdoor.Win32.Twitbot, which can download and run files, conduct distributed denial-of-service (DDoS) attacks, and open websites specified by the bot’s owners.

While bots created using TwitterNET Builder were easily detected and eliminated, they point to the potential use of popular social networking services to attack people’s computers.

Among the countries where attacks remained prevalent during the Q2 of 2010 are China (17.09 percent), Russian Federation (11.36 percent), India (9.30 percent), United States (5.96 percent), Vietnam (5.44 percent), Germany (2.65 percent), Malaysia (2.37 percent), Saudi Arabia (2.19 percent), France (2.14 percent), and Ukraine (2.11 percent) at 10th place.


August 6, 2010


Kaspersky Lab, a developer of secure content management solutions, announced the release of the latest versions of its flagship consumer products Kaspersky Internet Security 2011 and Kaspersky Anti-Virus 2011. The new products, according to the company, feature innovative cutting-edge technologies to provide more accurate detection and an even faster response to any IT threats.

Kaspersky Internet Security 2011 and Kaspersky Anti-Virus 2011 will not just sit idle until the PC becomes infected; the new versions provide real-time proactive protection – constantly monitoring the system to detect any type of potential threats and prevent any destructive activity. They provide reliable isolation of untrusted Internet resources, giving users the reassurance that their digital environment is clean, safe and free from digital threats and unwanted intrusion. They do this in background mode and do not make constant demands on the users in order to do their job efficiently.

Kaspersky Internet Security 2011 and Kaspersky Anti-Virus 2011 also incorporate a full range of new and improved technologies, many of which are unique to Kaspersky Lab products. The newly-implemented System Watcher technology, for instance, monitors all system events in full – creation and modification of files, system calls and changes to the system registry. The new solutions incorporate reputation rating services.  That means information about a known object is received in real-time without the need for it to be scanned locally. The information is sourced from Kaspersky Lab’s databases that are constantly updated by the company’s experts. Both products include improved proactive protection from new, as yet unknown, threats based on scanning for typical threat symptoms. More importantly, all the main modules are updateable, which means that should completely new types of threats emerge, the products’ features can be updated without having to reinstall the solution from scratch.


July 23, 2010

The Kido worm and Sality virus continue to top the list of the most malicious malware for the month of June this year, according to a report by Internet security software company Kaspersky Lab.

Both Kido and Sality and their variants have been topping the list since the start of the year, having infected a total of at least 1 million PCs per month. However, the list almost did not change from the previous month.

Kido is a net-worm spread through computer networks and even through removable drives. This causes buffer overruns. It is also associated with the Conficker net-worm. Meanwhile, the Sality virus has a variety of purposes though it is most effective as a keylogger, which allows the virus to save the username or password of users on an infected computer.

At fifth place is Exploit.JS.Agent.bab, a new entrant in the list. This virus exploits the CVE-2010—806 vulnerability and downloads other malicious applications into victim machines.

A new variant of the P2P-Worm.Palevo bears watching as it makes a slow comeback since March 2010. Because it spreads through peer-to-peer download applications, it makes copies of itself into the download and upload folders. It also spreads via links on instant messengers. Palevo.fuc also works with Trojan.Win32.Autorun to spread to removable drives.

Kaspersky Lab security analyst Kirill Kruglov said at least 50,000 removable drives fell victim to Trojan.Win32.Autorun, whose variants are occupying the 18th and 20th rank in Kaspersky Lab’s malware list this June.

Some malicious applications also trick users into downloading a supposed antivirus onto their computers. The method is simple: an “infected” website will warn visitors that it has a malicious application running and offers to have users download an antivirus. When the software “scans” the PC, it will later download the antivirus, which is actually a variant of Trojans or other viruses.

Unwanted adware is also in the list of Kaspersky Lab’s most unwanted applications for June. Adware remains on computers and gathers data about user behavior, then sends the data out to advertising companies, which in turn send user-targeted advertisements.

Kruglov says cybercriminals are trying to find ways to package and propagate their malware by looking for PC exploits, and using phishing and social engineering.

“Despite the fact that antivirus companies are constantly on the alert for this kind of thing, users also need to do their bit and remain vigilant. Remember, how and what you search for on the Internet can potentially reveal a whole lot more about you than you might want anyone to know!” Kruglov said.
