June 2008

Bad Behavior

This month’s bad behavior pick, highlighted to help you understand how to steer clear of it, is malicious media files. Find out what you need to know in order to stay safe on file sharing websites.

Understanding the Threat
The openness of the World Wide Web allows computer users to socialize online, share files, and download music. Unfortunately, our Web 2.0 environment also creates many new ways for malware to make its way onto consumers’ PCs.

The latest trick we’d like to call your attention to is fake MP3 audio files or MPEG videos on popular file sharing sites. While this bad behavior of using peer-to-peer networking is nothing new, computer users that are unaware of what they download will easily fall prey to these ploys. The popularity of downloading and watching or listening to content online, combined with users not finding out exactly what they are downloading onto their PCs, is the perfect environment for this type of scam to thrive.

The Bad Behavior
How do you get infected? Much like another online enemy, Zlob Trojans, a social engineering tactic is being used in order to get unsuspecting PC users to download an adware bundle.

A computer user is infected after they visit a file sharing site and attempt to play a malicious media file. While a file may appear to be an ordinary audio recording, it’s actually a Trojan horse that attempts to install a media player and adware.

 “When users try to play the files, an application called PLAY_MP3.exe is downloaded onto their PCs instead. Once the malware is on a user's computer, it begins to inundate that PC with advertisements,” according to a May report from the Sans Institute on the latest ploy.

In this case, the adware that is installed on infected systems is the Mirar toolbar, which is in Lavasoft’s Detection Database as Adware.PlayMP3Z, Adware.Mirar, and Adware.Agent.

Winning Strategies
To avoid online nasties from file sharing sites, one important basic step is to always be aware of what you’re downloading. More importantly, do not install unknown applications, even when you are prompted of their necessity.

Read EULAs and privacy statements carefully before installing anything on your computer. In many cases, the EULA does describe what will be downloaded onto the user’s system – in other words, scams are able to be pulled off because PC users fail to take the time to read license agreements. By not fully reading the EULA, you may agree to questionable activities by the software vendor and even to installing spyware and adware on your computer.

Keep reading for more quick tips on staying safe while using peer-to-peer sites.

  • Use up-to-date real-time protection. Real-time protection is key in keeping malware off of your system. Try Ad-Aware 2008 Plus or Pro - both include the Ad-Watch real-time monitor which proactively detects malware and parasites before they install on your PC.
  • Be leery of adult content videos. Pornographic or adult content videos are often used as a social engineering tactic to get your PC infected.
  • Verify files before downloading. Never download software or a file without knowing exactly what it is. If you are unsure about a certain download, check with an expert at an online security forum, like the Lavasoft Support Forums.
New! Ad-Aware 2008 Plus and Pro Learn More

78Percentage of computer users who lack core protection to keep their computers, information and families safe from cyber criminals.
Source: National Cyber Security Alliance

The phrase blended threats is often used to describe today’s online threat landscape; cyber criminals increasingly use combinations of malware (worms, Trojans, rootkits, viruses), along with multiple attack routes, to get past users’ defenses.

We’ve received a few common queries from our LN readers on the new, extended virus protection in Ad-Aware 2008 Plus and Pro. Here are your questions answered.

“Long considered the grandfather of antispyware programs, Ad-Aware keeps getting better.”

Lavasoft AB Lilla Bommen 1, 411 04 Gothenburg, Sweden | www.lavasoft.com | editor@lavasoft.com