Tuesday, April 12, 2016

Dark Web markets are feeding a malware explosion


A couple of months ago I helped a friend do research for a book about the Dark Web and its underground markets for contraband goods and services. Along with drugs and counterfeit documents, I found vendors who offered a wide variety of hacker software and tools at surprisingly low prices.

For example, RATs - remote access tools that let the users take control of a target computer - could be purchased for the price of a steak dinner. Also available were packaged viruses and platforms for finding vulnerable computers and injecting the malicious code. Whole networks of bots could be rented by the hour or by the month.

The lesson I learned was that today’s hackers don’t have know how to write sophisticated computer code. They can simply buy someone else’s code and rent time on a delivery system that will look for vulnerabilities in thousands or millions of computers.

It’s not surprising, then, that ransomware has become the latest scourge of the Internet. Those are programs that encrypt files on a target PC, demand money to unlock them. Delivering them to unsuspecting computer users is a line of work in a booming industry that appears to both pay well and be fairly easy to do.

A recent version of ransomware called Locky uses vulnerabilities found in Microsoft Office, along with social engineering. to get inside a victim’s computer. An article posted on the blog at Keonesoftware  notes that one property of Locky “makes the pest particularly hazardous for enterprise networks as it can rapidly propagate and freeze all corporate documents.”

New forms of ransomware also tend to reach the underground markets before legitimate antivirus developers can figure out how to stop them or even recognize them. The people at PC Keeper, a maker of popular antivirus software, told me that their current product does not detect ransomware, though they plan to have that capability in the next release.

Meanwhile, security specialists warn users to make frequent backups and store them offline. Keonesoftware also says be wary of suspicious attachments such as bogus invoices that have been known to deliver the Locky ransomware code.


Written by

Follow me on Twitter @ricmanning and read my technology columns at My Well Being.


Post a Comment


© 2013-2017 GizmoEditor.com. All rights resevered. Designed by Templateism Templateism

Back To Top