Wednesday, May 19, 2010

Why am I getting viruses on my computer?

I've had a handful of clients who asked me similar questions. They are always curious how these viruses get onto their systems. One of the tacticts used to get viruses on your computer is called "Malvertising". It's a technique where a advertiser pops up an ad that looks like it's a security warning about your computer. When you click on that "warning", the virus or scareware is installed.

This technique is becomming more common, with a recent study concluding that 1.3 million ads are viewed per day. 1.3 MILLION!!

Here's some more information below from the ZDNet article that I read.

New research released by Dasient indicates that based on their sample, 1.3 million malicious ads are viewed per day, with 59 percent of them representing drive-by downloads, followed by 41 percent of fake security software also known as scareware

The attack vector, known as malvertising, has been increasingly trending as a tactic of choice for numerous malicious attackers, due to the wide reach of the campaign once they manage to trick a legitimate publisher into accepting it.

More findings from their research:

•The probability of a user getting infected from a malvertisement is twice as likely on a weekend and the average lifetime of a malvertisement is 7.3 days

•97% of Fortune 500 web sites are at a high risk of getting infected with malware due to external partners (such as javascript widget providers, ad networks, and/or packaged software providers)

•Fortune 500 web sites have such a high risk because 69% of them use external Javascript to render portions of their sites and 64% of them are running outdated web applications

The research’s findings are also backed up by another recently released report by Google’s Security Team, stating that fake AV is accounting for 50 percent of all malware delivered via ads.

Thanks to Dancho Danchev  for the great article.

No comments:

Post a Comment