More on Sat web site attack, with screenshots of attack in process
Malware injection attacks can come from legitimate web sites. They get compromised and then their unsuspecting users are hijacked. I know this first hand because I tried to read a sports story on Cleveland.com last weekend (mentioned earlier on my blog) and the next thing I knew, I was under attack. I got out of it, but many are not so lucky. Here is a link to the PD article on Sunday, Feb. 8, in a .pdf file.
How can this happen? If it can happen to Cleveland.com, it can happen to you, the user. Some of the more recent attacks trick the user into clicking on something they should not and KABOOM, you are hit. The first thing the malware does is disable the antivirus software, and it is downhill from there. Some of the newer hijacks burrow so deep that Windows thinks they are part of Windows (a rootkit), and the only effective fix is to wipe the computer again.
When asked how this could happen, I try to explain that antivirus software is like a policeman wearing a bulletproof vest: it does not make them invincible. It is protection, but they can still be hit.
So even if you have what you think is the very best antivirus software, it is not a guarantee that your computer won’t get infected. I see it happen all the time.
I can guarantee that if you have nothing, you will surely get infected. And when pressed, I will tell someone that I recommend a Mac, because Windows computers are 90% of the computers on the Internet and subject to all these attacks. Macs are a minority and so far pretty much ignored by virus writers. Of course, what I don’t say is that my first choice is the free operating system Linux. But that is only for the geeks who don’t mind spending a small amount of time getting it running and then not worrying about all these malicious attacks.
BTW, the trojan attack I encountered on cleveland.com was Win antivirus 360, a variant of what the PD mentioned, Win antivirus 2009. I will try and post more of the story in a couple days.
Here are two screenshots of the attempt: one and two. Notice the Linux taskbar is on the top of the screen, a Linux and Mac OS X standard. And the operating system? The logo is in the upper right, Fedora Linux. The bad guys are offering to clear all these Windows viruses off my Linux computer? Yeah, right. When you click on remove all, they download and attempt to install a Windows executable file. When you allow that, you are toast! The first thing this malware does is disable your antivirus and block updates on the web.