In recent blogs, I covered common attack vectors for malware these days. But I see infections pretty much every week of malware, or more frequently what is lumped together as “potentially unwanted programs” or PUPs. The affected users are shocked because they did not open any email attachments and they did not do anything risky on their computer. They are genuinely shocked that suddenly they have all of these pop-ups, ads, redirects and nonsense appearing on their computer. If it has not happened to you by now, then I can pretty much guarantee it has happened to someone you know.
How does this happen? Malicious websites are one way - websites whose purpose is to get you there to unwittingly invite in their malware. But more frustrating than those sites are compromised innocent/valid websites.
A valid website that becomes compromised can then host malware-infected ads or other programs. Once you surf to the website, if your computer isn’t patched with the latest updates, then your computer will become infected.
This attack vector has been made extremely popular in the last year thanks to numerous vulnerabilities in Java. If you don’t need Java, then by all means uninstall it right now. Don’t even wait to finish this blog! Yes, it’s that serious. If you are not sure whether you need Java, then uninstall it and use your computer until something complains that Java is required. It is a free download and easy to reinstall, especially if you use ninite.com, which I highly recommend and will blog about in the future.
Java is a handy programming language. It can do neat things. It’s so cool that if bad programs are run to exploit vulnerabilities, your computer will be in a world of hurt with a quickness. If you have Java installed, I’m quite certain you get annoying update notifications. All. The. Time. Yes, 98% of the world ignores those notifications. They cancel them and move on with life. Nothing stops working. No harm, no foul. Right?
If you need Java on your machine because you use software that depends on it, then you better be a patchin’ that machine of yours every time that message pops up! These wily malware authors have been producing zero-day exploits. That may not sound impressive to you, but it is to them.
You see, from the time an exploit is found, until the day malware is deployed “in the wild” there is a period of time where somebody is puckered up hoping the good guys solve the problem before the bad guys exploit it. Zero-day exploits mean there are zero days between the vulnerability being discovered and a hack being programmed to exploit it and that hack is released into the wild. What does that mean? It means you better patch your junk like right now! Not patching web servers fast enough is how perfectly good websites suddenly become unwitting accomplices to nefarious activities.
Adobe Flash is another piece of software that has been exploited frequently. Please do keep that updated, as well. Of course, Windows updates should be set to automatically be applied, as well. I see too many users who are afraid of breaking their computer, so they just ignore the update permission requests for Adobe Flash and Java. Ironically, it’s then their fear of breaking the computer that inevitably becomes the cause of breaking the computer. Please update Flash and Java frequently!
Performing these updates and being a hawk-eye at spotting bad emails will spare you from trouble and heartache resulting from a majority of malware attack vectors these days. I know that you are now smarter and practically a safe-computing ninja. You’ll scoff as fake emails come in. Hopefully you’ll be able to share your wisdom with friends, family and coworkers and together we’ll cause the malware programmers to find new lines of business. If you do end up getting bested by a sample of great social engineering, then you are in a situation where either you will be expanding your computer malware remediation repertoire or calling in a professional. Either way you will be really glad you back up your information frequently.
You do back up your valuable information like irreplaceable photos, right?
I think I just found the topic for my next blog.
UPDATE: I cannot make this stuff up. Just hours after posting this blog, I had an employee at a client office call me about their new computer and it being infected with all sorts of pop-ups and things acting weird. I remoted into his system and found all of these programs installed today. I count 32 programs that fit on the screen snapshot! And it all started by him looking for a legitimate program on the internet to install on his computer. One thing happened, then all of a sudden his computer was overrun. I'll be out there tomorrow to resolve it.