Security researchers from FortiGuard have identified the top four money-making schemes that malware authors employ to separate you from your cash. This isn’t surprising. Spreading malware is just like any other software business: you need word of mouth (or a virus to help transmit things), willing customers who will download your code, and people who will pay money for your product.
The difference is that the malware guys aren’t selling you something that you really need, but something else entirely. It used to be that malware was just about gaining control over your computer, so that you could inadvertently be part of a botnet army that could attack someone else. And while there is plenty of that around, the latest schemes are all about making money directly from those who are infected.
It is as ingenious as it is dastardly. Guillaume Lovet, senior manager of FortiGuard Labs’ Threat Response Team, wrote in his blog post: “Now it’s not just about silently swiping passwords, it’s also about bullying infected users into paying.”
Here are the four top money-makers that Fortinet has observed:
1. The Flash update that tricks users into granting full installation rights. Once it is installed, the malware steals passwords to banking and other online payment sites. Given all the problems with Adobe exploits over the years, this may be disappointing, but isn’t all that surprising.
2. The fake anti-virus popup warning. This looks benign but is actually quite nasty. The popup looks like some legit AV software, but woe to anyone who actually purchases and then installs this stuff: you have just bought and installed malware.
3. Ransomware. This is a piece of software that blocks your PC, and the only way you can unblock it is if you pony up some cash. The blockage takes the form of stopping the boot process or encrypting part of your hard drive. It installs automatically on a user’s PC and then demands its ransom.
4. Nasty Trojan Horses. The latest in Trojan Horse attacks is to trick someone into installing a piece of code on their smartphone, and then to work the two-factor authentication in such a way that your banking information is recorded both on your phone and in the PC session which has already been infected. These trojans then siphon off your funds to a third-party account.
It’s a scary digital world out there. Let’s just hope we can stay a couple of steps ahead of the bad guys.