2013: The Year In Malware
Looking back at the year in cyber threats, 2013 featured a number of new innovations that allowed hackers to compromise security, infect systems and steal data. Adam Kujawa of Malwarebytes recently published his list of the biggest threats to your security in 2013. The threats included in this list are important to know because they’re likely to continue to be used throughout 2014, as well.
Ransomware wasn’t new in 2013, but hackers have used it to inflict more damage this year than ever before. This particularly scary brand of malware is capable of locking down a user’s computer and encrypting their personal files. A payment is then demanded to restore the system, but most users find that even after paying their computer is still useless. This year, many forms of ransomware were disguised as government agencies investigating a crime. In some instances, an individual’s webcam was hijacked so an image of the user could be displayed along with a note claiming that their internet history included some illegal activity. Because of it’s jarring nature, law enforcement has cracked down on ransomware and production seems to be down.
Making its debut in September of this year, Cryptolocker did an astonishing amount of damage in a short time. It’s a form of ransomware that demands a payment to decrypt your files. The difference is, Cryptolocker does a better job encrypting files than most ransomware. It actually uses a double encryption, which is so strong it would take a normal desktop system an estimated 6.4-quadrillion years to break it without a key. Needless to say, no one has broken the encryption yet. Cryptolocker also puts a time limit on a user’s decision. They’re asked to pay for the key to decrypt their files, but if they don’t make a payment within a day or two, the key to the encryption is threatened to be erased from its remote storage. Currently, the best way to stop a Cryptolocker attack is to keep it from infecting your computer in the first place.
With more and more users with smartphones, it was expected that more malware would be produced specifically for the mobile audience. There was more mobile malware produced in 2013 than any previous year and most of that was for the Android operating system. Threats included malware that could make texts and phone calls without the owner of the phone knowing and malware that spoofed banking security precautions to steal log-in information. There were also instances of a smartphone’s camera being hijacked. The capabilities of malware for smartphones will only increase with time and, unfortunately, many users continue to use a smartphone with little to no security in place.
Potentially Unwanted Programs, or PUPs, are certainly not new, but 2013 saw them become much more harmful than ever before. Seasoned internet users will have dealt with PUPs before as an inclusion with other downloads or as something they never meant to download in the first place. Commonly, a toolbar or search agent will appear that a user doesn’t actually want, but, except for being a nuissence, it doesn’t do any real harm. In 2013, these PUPs began to include a Bitcoin miner, which could potentially cause significant damage to some types of systems.
New threats pop-up every day. That’s why it’s extremely important to keep antivirus programs and other security software up to date with the latest definitions. All applications need to be regularly updated to close off security holes that have been exploited in the past.
If your system is infected with malware, or you’d like to improve your device’s security before it’s attacked, contact Geek Rescue at 918-369-4335.December 6th, 2013