My PC Has Been Hijacked 2.0

Posted by: Steve Hamm on October 14, 2005

One year ago, my home computer was hijacked by a rogue program called Home Search. It replaced the opening page on my Internet Explorer browser, planted pieces of hard-to-remove code all over the hard disk, and, ultimately, I suspect, disabled my PC so it would barely work. Thanks to 16 hours of help from a Microsoft support technician and a lot of free anti-spyware programs, my computer was freed. Now, I have the sneaking suspicion that it’s happening again. Though I now use the Mozilla Firefox browser, and nothing has afflicted it that I can make out, two days ago, when I shut the computer down, eight mystery files loaded themselves on to the hard disk. I ran McAfee Virus Scan, and didn’t come up with much—but that didn’t give me peace of mind. I’m hoping that a free anti-spyware product called SpyCatcher Express, from Tenebril Inc., which I learned about this morning, will save my PC’s butt. Either way, this incident is a scary reminder of just how vulnerable our machines, and lives, are to evil computer programs.

As if viruses, Trojans, and worms weren't bad enough, the Black Hat hackers have cooked up a whole new generation of malware called evasive--or mutating--threats. These programs prey on the shortcomings of anti-malware software itself. About 20% of the malware that's detected these days is of this type, and it's growing fast. The reason: The stuff is placed on PCs by criminals or advertisers who have strong incentives to come up with clever ways of keeping their software on your hard disk.

Home Search, the little devil that attached itself to my PC last year, is one of the more common pieces of evasive malware. And it's just one of 44 variants of a program called Cool Web Search. The software creates a Yahoo-like directory on your browser, and its makers sell click-throughs to the e-commerce and marketing outfits listed on the directory. Another troublesome program is a Trojan called Bankash-A, which is designed to take advantage of shortcomings in Microsoft's anti-spyware software. The Tenebril people gave me the names of others, but they have Web sites and pose as legit businesses, so I won't name them for fear of being sued. One of them actually poses as an anti-spyware program.

Most anti-virus and anti-spyware programs are designed to scan your PC and look for programs with names or operational profiles that are known to be malware. The problem is, this pesky new type of malware is good at evading that kind of defense. The programs change their names. They set up automatic update procedures so if they're detected and removed, new versions can be downloaded later. Some of them have a handful of evasive techniques and monitor them to make sure they're still working. If not, they repair themselves.

I haven't tried the Tenebril software yet, but it seems to be based on smart ideas. The company sells commercial versions for enterprises and consumers, but just came out with a free version and with some new features. It has a spyware profiling engine that studies unknown files that are on your computer, or which are trying to come onto your computer, and grades them as more or less threatening--giving you a chance to kick them out or refuse entry. It also has a new feature called "deep defense" that watches for suspicious behavior by programs and stops them from activating.

In the malware world, it's a constant battle between the White Hats and the Black Hats. The Black Hats seem to be winning this round. But, hopefully the tide will be turning soon.
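The evasion described above, shown as an added example that is not from the article or from any product it mentions: new files in a monitor log are graded by name signature, content signature and behaviour. The log format, file names and hash prefixes are constructed for illustration.

```python
from datetime import datetime, timedelta

# Constructed monitor log (not from the article):
# time | action | kind | name | content-hash prefix
LOG = """\
2005-10-12T21:00:03|remove|file|searchbar.dll|a1b2
2005-10-12T21:00:04|remove|autostart|searchbar.dll|-
2005-10-12T21:04:10|create|file|qx7f3.dll|a1b2
2005-10-12T21:04:11|create|autostart|qx7f3.dll|-
2005-10-12T21:30:00|create|file|report.doc|c3d4
2005-10-13T09:15:00|create|file|zk91m.dll|e5f6
2005-10-13T09:15:02|create|autostart|zk91m.dll|-
"""
KNOWN_NAMES = {"searchbar.dll"}  # name signatures (constructed)
KNOWN_HASHES = {"a1b2"}          # content signatures (constructed)


def parse(log):
    """Turn the pipe-separated lines into event dicts."""
    rows = (line.split("|") for line in log.strip().splitlines())
    return [dict(ts=datetime.fromisoformat(t), action=a, kind=k, name=n, sha=h)
            for t, a, k, n, h in rows]


def grade(events, window=timedelta(minutes=10)):
    """Return {file name: [reasons it looks threatening]} for each new file."""
    report, last_removal = {}, None
    for e in events:
        if e["action"] == "remove":
            last_removal = e["ts"]
        elif e["kind"] == "file":
            reasons = report.setdefault(e["name"], [])
            if e["name"] in KNOWN_NAMES:
                reasons.append("known name")
            if e["sha"] in KNOWN_HASHES:
                reasons.append("known content")
            if last_removal and e["ts"] - last_removal <= window:
                reasons.append("appeared right after a removal")
        elif e["kind"] == "autostart" and e["name"] in report:
            report[e["name"]].append("set to start automatically")
    return report


if __name__ == "__main__":
    for name, reasons in grade(parse(LOG)).items():
        print(f"{name}: {', '.join(reasons) or 'nothing suspicious'}")
```

The renamed copy (qx7f3.dll) slips past the name signature but is caught by its unchanged content, while the altered variant (zk91m.dll) matches neither signature and is flagged only by its behaviour.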

Reader Comments

JPB

October 16, 2005 04:52 PM

Don't use Microsoft then.

http://www.ubuntulinux.org/
http://www.mepis.org/
http://www.debian.org/

http://distrowatch.com/

Pick, try, choose, enjoy :-)

rajesh

October 16, 2005 05:31 PM

And if you are afraid of ubuntu, here's a small company that you may be aware of that offers safe refuge:
http://www.apple.com

Midi-man

October 18, 2005 09:37 AM

Linux and unix do not have these problems.
Sometimes you get what you do not pay for.

twinswoody

October 18, 2005 03:02 PM

typical linux response. make linux easier to use and your argument is valid.

I Flicker

December 10, 2005 11:57 AM

Steve, it's now middle of Dec 2005, have you updated your opinion of SpyCatcher Express 2006 4.0.4 ?
Tks in advance
reader- iFlicker@Hotmail.com!

christine

March 5, 2006 11:23 AM

I would like to see more discussion about the most evil malware out there - Trojan Spyware; downloaded not by anonymous commerce sites, but by ex-spouses or business competitors.

I've seen many ads on the net advertising very affordable software that allows a person to spy on and control someone's computer. The spy/hacker can turn on a remote webcam without the victim knowing he's being watched. I think we're missing the point when all the warnings seem to be cautions regarding unknown e-mail, or free downloads off the internet. This kind of Spyware comes through e-mails from your kids or a business contact you trust. Scary stuff!! Basically it's Cyberstalking. Any opinions or input out there?

Magnus

November 29, 2006 08:04 PM

I have just started using Mepis, and it works great!
Better than windows and with all the software you need, all 100% free! And no worries about security!

jihn

October 6, 2007 09:37 PM

what you should do is partition your hard drive, one half will hold your important documents, the other will hold all the windows components, almost all of malware or spyware and whatnot will install itself on the first partition, when it gets too hard to recover, just reinstall windows.

About

BusinessWeek writers Peter Burrows, Cliff Edwards, Olga Kharif, Aaron Ricadela, Douglas MacMillan, and Spencer Ante dig behind the headlines to analyze what’s really happening throughout the world of technology. One of the first mainstream media tech blogs, Tech Beat covers everything from tech bellwethers like Apple, Google, and Intel and emerging new leaders such as Facebook to new technologies, trends, and controversies.
