Web Hosting News

  Home arrow Web Hosting News arrow Page 4 - An Old Trojan in New Clothing
Web Hosting Articles  
Web Hosting FAQs  
Web Hosting How-Tos  
Web Hosting News  
Web Hosting Reviews  
Web Hosting Security  
Weekly Newsletter 
 
Developer Updates  
Free Website Content 
 RSS  Articles
 RSS  Forums
 RSS  All Feeds
Write For Us 
Contact Us 
Site Map 
Privacy Policy 
Support 
 USERNAME
 
 PASSWORD
 
 
  >>> SIGN UP!  
  Lost Password? 
WEB HOSTING NEWS

An Old Trojan in New Clothing
By: Terri Wells
  • Search For More Articles!
  • Disclaimer
  • Author Terms
  • Rating: 5 stars5 stars5 stars5 stars5 stars / 7
    2008-12-10

    Table of Contents:
  • An Old Trojan in New Clothing
  • It's a Trap!
  • Killing the Trojan
  • How Does Symantec Respond?
  • The Cat-and-Mouse Game

  • Rate this Article: Poor Best 
      ADD THIS ARTICLE TO:
      Del.ici.ous Digg
      Blink Simpy
      Google Spurl
      Y! MyWeb Furl
    Email Me Similar Content When Posted
    Add Developer Shed Article Feed To Your Site
    Email Article To Friend
    Print Version Of Article
    PDF Version Of Article
     
     

    SEARCH WEB HOSTERS

    TOOLS YOU CAN USE

    advertisement

    An Old Trojan in New Clothing - How Does Symantec Respond?


    (Page 4 of 5 )

    I was fortunate enough to speak with Kevin Haley, a director at Symantec Security Response, to get a better handle on what happened to my computer and how their software responds to threats. Right away we determined that I'm using Norton Anti-virus, rather than Norton Internet Security, which offers extra layers of protection. “What you were infected with was a misleading application,” Haley explained. Such applications get put on machines by a Trojan that acts as a downloader. They're very popular right now; “we're seeing thousands of these things,” Haley noted.

    The particular form of attack I faced, Haley figured, was what is known as a “drive-by download.” In this form of attack, a malicious hacker gets onto a website and gets into its HTML so they can put an exploit into the code. “When that particular page is downloaded onto your machine through the browser, it runs an exploit (such as a buffer overflow)” to get malware onto your PC. “Often it's a downloader that downloads more” bad software, Haley noted. Symantec's Norton Internet Security product protects against drive-by downloads.

    One really interesting aspect that Haley brought up is how the bad guys work. They often use affiliates – that is, they pay people to infect other machines with their malware, often paying something like 10 cents per infection. Haley noted that there could be thousands of affiliates hard at work infecting machines. Worse, these nasty infections could be hidden in popular peer-to-peer downloads, so that music you think you're getting for free could easily contain a virus or something else for which you didn't bargain.

    Additionally, malware can be distributed in the way Perfect Defender 2009 attempted to get onto my computer – by social engineering. It's not the only professional-looking web site online touting software you may never have heard of. Haley noted that ads featuring professional-looking software that appears to be legitimate are actually promoting malware.

    So how can web surfers protect themselves from the danger out there? “Have a good security package on your machine,” said Haley, and keep it up to date. “The latest Norton products have a feature called Pulse that will update your software every five to ten minutes...these are in the 2009 products, and started to be available in October.” Haley said that this is one of a number of features provided in response to customer requests for security software to stay out of the way while protecting their computer.

    More active ways to protect your computer include developing a little healthy paranoia. “You have to be suspicious of attachments and links in email, and applications you've never heard of, even if they look slick and well-packaged,” Haley said. He also advocated using different kinds of security software, though not necessarily from multiple vendors, because they might not play well togetherl. As an example, he pointed to Symantec products that use multiple security technologies in one package: a firewall, anti-virus software, intrusion prevention (which is network-based), a browser defense that protects against drive-by downloads and other kinds of attacks, and something he called “sonar,” a behavior-blocking technology.

    More Web Hosting News Articles
    More By Terri Wells

    WEB HOSTING NEWS ARTICLES

    - FreedomPop Offering Open Wi-Fi Service
    - Go Daddy Goes to India
    - Netelligent, Savvis Add New Canadian Web Hos...
    - World IPv6 Launch Happens Today
    - IT Teams Struggle to Keep Pace with Malware
    - Lulz Security Hacks CIA, Takes Requests
    - Apple Unveils iCloud
    - Rackspace Introduces Cloud Load Balancers
    - Amazon Offers Cloud Drive, Disses Music Indu...
    - New Android.Pjapps Trojan
    - Copyright Fight over Hurt Locker Downloads I...
    - Data Reveals Many Browsers Remain Unpatched
    - PandaLabs Report - What Happens to Stolen In...
    - Safari Books Online Review
    - Hackers Targeting Human Rights Groups

    Developer Shed Affiliates

     




    © 2003-2017 by Developer Shed. All rights reserved. DS Cluster - Follow our Sitemap