Guard Your PC From Private Info Hunters

Published: Friday, April 01, 2005 Online-Casinos.com

GUARD YOUR COMPUTER

Symantec reports alarming increase in bugs hunting for private information

Those "rebels without a cause" nerdos trying to show the world how clever they are through hacking attacks seem to have morphed into more sinister - and criminal - crooks who are trying to access and steal Internet users' cash.

"We've seen a definite trend toward monetary gain," says Oliver Friedrichs, senior manager at Symantec Security Response.

Since last July through to December 2004, 54 percent of the top 50 malicious programs infecting computers or intercepted by screening ware sought to steal confidential information, often financial data.

That's up from 44 percent from the previous six months.

"This is easy white-collar crime," confirms Steven Sundermeier, a vice president at security software company Central Command .

The semi-automatic weapon for online criminals are bots (short for robots) a combination of worms, which are self-propagating viruses, and trojans, malicious software secretly installed on a PC.

Hackers covertly install bots on insecure computers and through these are able to remotely control the PCs, often building large "zombie" armies that can he hired out for ciminal purporses. Though bots aren't new, they're increasingly used for criminal purposes, experts said.

Criminals scour the infected PCs for credit card numbers and banking passwords and may steal a person's identity. They can install adware - software that launches money-making ads - log keystrokes and turn on a PC's video camera.

One bot Symantec found could receive commands from the hacker via e-mail. Numerous others hijack PCs and use them to send spam. Another bot uses a seized PC to send e-mails to lure people to a replica of a Web site under the hacker's control, routing entered passwords and other sensitive information to the hacker.

Some hackers even sell bots that resist anti-virus protection for $20 to $1,000 to organized crime groups and other hackers, according to TruSecure, a security software company.

As anti-virus companies release vaccinations, hackers craftily tweak their techniques. Symantec found 6,000 new variants of the top three bots in the last half of 2004, nearly 11 times the number from the same period the previous year.

Hackers connect the bots into a network of up to hundreds of thousands of bots, which they can use to overwhelm Web sites with requests, making the sites inaccessible and demanding "protection money."

"They basically say to the online gambling sites 'If you don't pay a certain amount of money we will send our bot army against you,'" said Johannes Ullrich, chief technology officer at the SANS Institute.

It's difficult to trace the crimes to hackers because infected PCs in homes and workplaces do the dirty work, security specialists said.

"An 80-year-old grandma who is just online innocently chatting or e-mailing grandsons or granddaughters may download and execute one of these bots," Sundermeier said. "If any trace routing is done, it comes back to her machine."

Hackers install malicious software on PCs by luring people to click on links or attachments in e-mails, enticing someone to visit a virus-laden Web site or connecting directly to an insecure PC via the Internet.

It is essential that all computer users who connect to the Internet take the following basic precautions:

Constantly run a firewall and anti-virus software. Frequently or constantly run anti-spyware software.

Don't keep your computer connected to high-speed Internet access for long when you're not using it.

Never click on links or attachments in unsolicited e-mails or instant messages. Even if you think the e-mail is from your bank, type the bank's Web site in your browser yourself.