Thieves Winning Online War, Maybe in Your PC

December 6, 2008
Thieves Winning Online War, Maybe in Your PC
By JOHN MARKOFF
SAN FRANCISCO — Internet security is broken, and nobody seems to know quite how to fix it.

Despite the efforts of the computer security industry and a half-decade struggle by Microsoft to protect its Windows operating system, malicious software is spreading faster than ever. The so-called malware surreptitiously takes over a PC and then uses that computer to spread more malware to other machines exponentially. Computer scientists and security researchers acknowledge they cannot get ahead of the onslaught.

As more business and social life has moved onto the Web, criminals thriving on an underground economy of credit card thefts, bank fraud and other scams rob computer users of an estimated $100 billion a year, according to a conservative estimate by the Organization for Security and Cooperation in Europe. A Russian company that sells fake antivirus software that actually takes over a computer pays its illicit distributors as much as $5 million a year.

With vast resources from stolen credit card and other financial information, the cyberattackers are handily winning a technology arms race.

“Right now the bad guys are improving more quickly than the good guys,” said Patrick Lincoln, director of the computer science laboratory at SRI International, a science and technology research group.

A well-financed computer underground has built an advantage by working in countries that have global Internet connections but authorities with little appetite for prosecuting offenders who are bringing in significant amounts of foreign currency. That was driven home in late October when RSA FraudAction Research Lab, a security consulting group based in Bedford, Mass., discovered a cache of half a million credit card numbers and bank account log-ins that had been stolen by a network of so-called zombie computers remotely controlled by an online gang.

In October, researchers at the Georgia Tech Information Security Center reported that the percentage of online computers worldwide infected by botnets — networks of programs connected via the Internet that send spam or disrupt Internet-based services — is likely to increase to 15 percent by the end of this year, from 10 percent in 2007. That suggests a staggering number of infected computers, as many as 10 million, being used to distribute spam and malware over the Internet each day, according to research compiled by PandaLabs.

http://www.nytimes.com/2008/12/06/technology/internet/06security.html?pagewanted=print

Problem solved.

He is not immune. Granted it is harder, but Linux systems can be and have been infected already.

Can you show me one documented case of such an infection?

DesktopLinux.com: Vulnerabilities to Unix/Linux would seem to only be able to proliferate in a situation where a user had root access. Is this true? (are there any example of non-root based exploits?)

Keith Peer: At Central Command we are concerned over all malicious and potentially malicious programs and they do not need root access to cause damage. All that is need is write permission within the current users access rights even if it is just to the users /home directory. If a malicious program can execute and delete or infect anything within the contents of the current users /home directory it is dangerous enough. Typically when root access is needed it is to access a core Linux operating system component or to install a patch or some software application that requires root access. One of the problems is that as Linux moves on the corporate and consumer desktops the level of sophistication by the average user will go down significantly and then we will have millions and millions of people who will install/uninstall Linux applications daily and many under the root account. These people will never look at source code and if they did it would be meaningless to them. They would not know if the code is good, bad or malicious, they will just install it and try it. This is when Linux antivirus software will become very important, as important as it is today on Microsoft Windows computers.

http://www.desktoplinux.com/articles/AT3307459975.html

* * * * * * * * * * * * * * * * * * * *
By BBC News Online internet reporter Mark Ward

Virus writers are starting to target web computers running the Linux operating system.

This week, many web servers running some versions of Linux have been infected with a malicious program that uses the computers as a springboard to spread itself around the internet.

Although not destructive, the virus program is inconveniencing many webmasters as it hogs resources while searching for new servers to infect.

Experts have warned Linux users to expect growing numbers of attacks as the operating system grows in popularity.

http://news.bbc.co.uk/1/hi/sci/tech/1123827.stm

* * * * * * * * * * * * * * * * * * * *
The Truth about Linux Viruses

One the biggest vulnerabilities of the Linux system are the users who have the misconception that it cannot be infected by computer viruses. Several people believe that any non-Windows system is secure and doesn't need the aid of additional software to ward off viruses. This is far from the truth and a major reason why more viruses are being written for the system.

Many security experts believe that the growth in Linux malware is the result of its evolution and popularity, particularly as a desktop system. Shane Coursen, a senior technical consultant for Kasperky Lab, believes that more users are turning to Linux because of the interest in learning how to write malware for the system.

Most viruses written for Linux pose a potential, yet minimal threat to the system. If a virus infected binary file is run, the entire system could be infected. The distribution of the infection depends on which particular user with what level of privileges executed the binary. A binary run under the systems root account would have the ability to infect the entire system.

http://www.spamlaws.com/first-linux-virus.html

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
I stand by what I said. Linux is slowly going main stream. Someday it will reach the tipping point. While it is much more secure than Windows, more and more users are non-techies. This is also part of the Window security problem. There will be problems with viruses and Trojans with Lunix. Bet on it.

elocs, Macs are LESS immune, but not immune to these types of attacks. Or so I've read. But now that Apple is gaining market share that will likely change for the worse.

Microsoft itself does not know what Windoze does, it is a vast field of error waiting to be exploited. You CANNOT maximize profit and security at the same time. If you don't care all that much about security, then Windoze can be a reasonable choice. But otherwise, not. You need to look at one of the various Unices and someone that knows how to administer it.

Is this what that report is trying to make us scared about?

Because IF it's somewhat 'exagerated,' that's not cool at all.