Defeating the Ever-Present Zlob
And the war against Zlob Trojans wages on. This online enemy goes by many names (Zlob, fake codecs, Zlob codecs, Smitfraud Trojans) but whatever alias is used, the devious tactics and growing prevalence on the web are undeniable. At Lavasoft, we have a vendetta against the Zlob, and a mission to help you keep this untamed online threat off of your system.
Zlob Trojans, similar to the closely related Vundo Trojans, are malware that usually masquerade as a codec needed to play a video, and then install adware or malware on an unsuspecting user’s system.
“This is absolutely the worst infestation right now on the Internet - certainly the most widely known and seen in the security forums,” says Janie "Calamity Jane" Whitty, a Lavasoft malware removal and prevention expert and Support Forums administrator.
To avoid getting infected with this underhanded malware, all it takes is a little caution and awareness of the problem.
Once you install the program, you begin seeing loads of unwanted adware. A “nag” screen takes over your desktop in the form of a security warning or as a pop-up telling you your system is infected. The message demands that you run a scan or buy a specific “anti-spyware program” in order to fix your PC.
The popularity of downloading and watching videos online, combined with users not finding out exactly what they are downloading onto their PCs is the perfect environment to keep Zlobs alive and thriving. These fake codecs are a frequently used ploy, brought to you through various methods that rely on the vulnerability of unsuspecting computer users including websites, e-greeting cards, and instant messages. Along with that, Zlob developers spew out new Zlob Trojans daily in an attempt to avoid detection by anti-spyware and anti-virus software.
“Despite our efforts, Zlob is still winning and it remains the number one public enemy, of this malware researcher anyway. Just take a look in the forums, our forums - ANY security forums and people are still coming in droves and hoards needing help to remove this malware. It is constantly changing and jumping domains to avoid detection,” Whitty says.
“Users need to be warned about these fake codecs. My own experience with these codecs is that if people would just read the EULAs of the software they download they would see that they are getting additional (and possibly unwanted) adware and spyware in that fake codec,” according to Whitty.
Lavasoft researchers are key fighters in the war on Zlobs, constantly finding new variants and putting them into detection. Currently, the Zlob family of Trojans are among the largest families of malware in Lavasoft’s Detection Database. Ad-Aware 2007, especially the real-time protection of Ad-Aware 2007 Plus or Pro, is an important weapon in the malware fight. Other armor you should equip your system with is updated anti-virus software, a firewall, and the latest security patches from Microsoft.
Below are a few more Zlob prevention tips from the security experts at Lavasoft.
The risk associated with using the Internet, like spam, viruses, spyware and phishing, remains high, according to Consumer Reports. In the first half of 2007, spyware infections prompted 850,000 U.S. households to replace their computers, according to a recent survey. One out of every 11 surveyed had a major, often costly problem due to spyware. The economic fallout per incident was averaged at $100 (U.S.), with damage totaling $1.7 billion.
Source: Consumer Reports, State of the Net 2007
Term of the Month
A pump and dump scam is a spam technique that uses misleading messages to create hype around targeted stock – usually “penny stocks” that sell for less than $1 U.S. per share. Spammers acquire the stock before sending their spam, and then “dump” their shares after share prices have inflated. The result: investors are fooled into losing money, while the spammers make off with a profit. Read more about recent spam trends in our “Spam Surge” article.
Every time you surf the Net, your browser keeps track of all of your online steps. With Ad-Aware 2007, we’ve given you an easy solution to remove all traces of your Internet browsing from your system, keeping spyware from documenting surf patterns and targeting you with adware and spyware. TrackSweep, one of the new privacy features in Ad-Aware 2007, gives you the option to clean your cache, cookies, history, last typed URLs, and browser tabs from Internet Explorer, Firefox, and Opera, in one clean sweep! To use TrackSweep, from the “Tools & Plug-Ins” tab in Ad-Aware 2007’s user interface, select “TrackSweep” and then choose the items you want cleaned. TrackSweep is a feature in Ad-Aware 2007 Free, Plus and Pro.
The Anti-Phishing Working Group is an organization committed to wiping out online scams by focusing on eliminating fraud and identity theft that results from phishing, pharming, and e-mail spoofing. Visit its website to report phishing attempts, pharming sites, and crimeware, or browse the informative resources section to brush up on the latest threats.