Why Some Viruses Spread like Superstars
They're sneaky, unexpected and steal personal information, especially money. Computer viruses are bad news -- and not all are created equal.
Some have the potential to be nastier than others, spreading like wildfire across the Internet. Now, many are coming from unlikely sources: Most recently, social media sites.
For example Twitter was recently hit with a worm that used a link called "WTF" to take control of accounts and post obscene message to their Twitter feeds.
"Concepts like this destroy the trust model," Dave Marcus, director of security research and communications for McAfee Labs told SecurityNewsDaily. "We tell consumers to only open links from people they know, but now people are getting infected messages from their social networking peers and they click on it because they think it’s secure."
The increasing popularity of social networking has created an emerging avenue for botnet distributors. Cybercriminals create malware designed to infect machine "bots" or automated software programs that can execute remote commands, without the owner’s knowledge, according to McAfee.
Cybercrooks then send out spam emails and instant messages, enticing them to click on a link by mentioning a current news topic or popular celebrity. After a link is clicked, a bot may unknowingly be downloaded onto a computer. Once infected, malware can be sent to their friends and family disguised as a personal message.
Pop culture affect
Social media sites might be the latest hiding place for viruses, but online threats most often lurk within pop culture and current event pages, according to Erich Andren, optimization manager of PC Tools.
"Cybercrooks work backward; they think what people are searching for and come up with scams for the hottest searches," Andren said. "We’ve seen in the past that searches on the Twilight Films have turned up threats from cyber criminals trying to install malware on victim's computers."
In a recent PC Tools survey, conducted by Harris Interactive, about one in three Americans admitted they are willing to click on dangerous links if the subject matter is of interest to them. Survey respondents said they would be most tempted to click on a harmful link that’s posted on a friend’s social networking page or sites that tout fantasy sports statistics, porn entertainment gossip, once-in-a-lifetime deals and pictures of naked celebrities.
"People want to click on whatever they want, when they want it," Andren said "But this could get them into trouble. It's important to ensure computers have the right Internet security and many don’t take the time to do so."
The names of the viruses are usually determined by what the virus is trying to do or how it’s trying to do it. For example, if it has a pop-culture name, it is likely that it uses poisoned search results, infected PDF files or promises to get "sneak peeks" into some trending topic or celebrity scandal.
"Current events and seasons also come into play," Marcus of McAfee said. "We know to expect a lot of spam during tax season that involve fake tax documents and viruses. The end goal is to make money – and cybercriminals usually do."
The making of a virus
Programming plays a big role in how much a virus will catch on. There have been examples of viruses that can create new variants of themselves automatically every minute, making detection with standard signature-based solutions simply impossible. In fact, there are 30,000 to 50,000 new threats created every day, according to PC Tools.
It's also becoming increasingly more difficult to spot suspicious activity. In the past, text accompanying a virus would often include grammar mistakes, unnecessary capitalizations and too many spaces in between words. But hoaxes are not that obvious anymore.
These days, your antivirus software might even be suspect.
"Victims have been duped out of millions of dollars by believing they were paying for an antivirus product after being told by a pop-up message that their computer was infected by an online threat," Andren said. "Often the pop-ups won't stop, essentially hijacking a victim's computer until they pay and install the useless and potentially malicious program."
When on a suspicious site that informs users of an infection or software update, James Reid – manager of threat research for antivirus software and antispyware solutions company Webroot – advises not to click on anything.
"Rather than closing your browser the traditional way, terminate the browser in the task manager bar to make sure you there’s no interaction with the site at all. This will be the safest way to avoid getting infected," Reid said.
If the source of a pop-up or alert is in question, he recommends going to the company's Website and downloading the update there directly.
Fighting the virus
Another reason why some online threats and viruses work better than others has to do with their age.
"The newer the threat, the less likely researchers have developed a 'cure' for it," Andren said. "That's because traditional antivirus protects your computer much like your immune system – you first have to know what’s bad in order to protect yourself."
If cyber criminals develop a brand new threat -- or a "zero-day threat" as it is known in the industry, most traditional antivirus won’t be able to stop it since no one has seen it before.
There are, however, certain solutions on the market that alert users to dangerous or suspicious sites and use cloud technology to ensure anything downloaded is not a threat to your security.
Catching the criminal
Taking down the bad guy is just as hard as you'd think. In fact, cyber crime busts tend to be rare.
"Internet anonymity allows people to make up false personas," Marcus said. "There has to be a lot of evidence to persecute someone and there has to be ties to a money trail. This isn’t an easy thing to do. Cybercrooks tend to be ahead of the curve and it’s challenging for law enforcement to catch up."
In the meantime, it's critical to ward off these crimes by staying up to date with security software.
"There is a lot of risk on the Internet, but if people use the right technologies and stay updated, they should be okay," said Marcus.
"Just surf with both eyes open."