A Guide to Internet Security Terms

Every Internet user should at least have a basic understanding of the terms used in regard to online security and so I have collected a few of the popular ones and put them in this article with a brief explanation of each.

Adware means “Advertising Supported Software”. It refers to placing adverts in software or distributing them along side a software download.

Bots are software applications that run automated tasks over the internet. Bots perform tasks that are both simple and structurally repetitive, at a much higher rate than would be possible for a human editor alone.

Cross-site scripting This is a method of placing malicious scripts on websites that are then “executed” inside the web browser of the person viewing the website. These scripts can be dangerous at times.

DDos stands for Distributed Denial of Service. A DDoS attack attempts to consume the target resources so that it can not provide the service. In plain English this means a website can be brought down by aiming 1,000’s of page requests a minute until the website can no longer cope and fails!

A drive-by download is a program that is involuntarily downloaded to your computer, without your permission or even your awareness. A drive-by download can be commenced by simply visiting a Web site or viewing an HTML e-mail message. Read the rest of this entry »

InviteShare.com – Are you risking too much to get an invite?

Its a great concept! A site where people can share invites for different web services which are invite-based only. Instead of searching for invites on the web or waiting for an invite you requested from that particular site, you can go to InviteShare.com and request an invite, and usually you will soon be invited by one of the users.

But the downside is that there is no provision to protect the privacy of users. Once you request an invite, your email address will be visible to anyone who holds an account at the site. Now imagine what happens if a spammer gets hands on your email address. In fact, people have reported an increase in spam in their inboxes after they signed up at InviteShare. Well, every good thing has its price. So are you going to request an invite again at InviteShare?

Talking Trojan Deletes PC Files

A new Trojan has been talking PCs into being infected, while it simultaneously deletes all the files on the computer and gets away by wishing you a nice day.

The BotVoice.A Trojan, detected by PandaLabs, uses Windows text reader to say, “You have been infected I repeat you have been infected and your system files have been deleted. Sorry. Have a nice day and bye bye.”

These comments are repeated in a loop as the trojan tries to delete all the files in the computer’s hard disk. It also renders computers unusable as it modifies the Windows registry so that none of the programs installed on the computer nor the task manager can be run. It also disables the Windows registry editor in order to safeguard its actions.

This trojan uses P2P networks, physical storage devices, such as USB memory sticks, floppy disks or CD-ROMs, and downloads performed by other malware or from malicious web pages, to look for victims.

PandaLabs has warned that in cases of a new and previously unknown Trojan like BotVoice.A, the infection will not be prevented by traditional antivirus software, which relies primarily on signature files of known malware.

More information here

Beware! Harry Potter Fans (and others too)

Security experts have warned of a newly intercepted worm that carries its malware payload in a file purporting to be a copy of Harry Potter and the Deathly Hallows.

The Hairy-A worm can automatically infect a PC when users plug in USB drives, which carry a file posing as a copy of the eagerly anticipated book.

If the users have allowed USB drives to ‘auto-run’ they will see a file called ‘HarryPotter-TheDeathlyHallows.doc’. Inside this Word document is the simple phrase ‘Harry Potter is dead’.

The worm looks for other removable drives to infect and attempts to create a number of new users on infected computers.

These ‘new users’ appear as the main characters from J K Rowling’s celebrated series, namely ‘Harry Potter’, ‘Hermione Granger’ and ‘Ron Weasley’.

After logging in, users are shown the following message via a batch file:
‘read and repent
the end is near
repent from your evil ways O Ye folks
lest you burn in hell…JK Rowling especially’

The worm’s final trick is that every time infected users open Internet Explorer, they will find their start page has been redirected to a spoof Amazon.com web page selling a book entitled ‘Harry Putter and the Chamber of Cheesecakes’.

So do not download any such file and keep your system secure with daily antivirus updates.