New kid on the malware block teaches SMBs old lesson
Stealing account numbers and access passwords to financial resources is almost par for the course for today’s malware, but according to Trend Micro, there really is something new under the sun: a malware program that also dedicates itself to harvesting FTP credentials. Businesses in this nation are particularly at risk according to the antivirus firm, given Trend Micro’s blog post on the issue, which stated that: “About 70 percent of total infections are within the United States.”
Other factors also indicate that business users may be at more risk than those whose computer use is entirely personal. This is because the mere fact of harvesting passwords for FTP programs may mean that the goal of the attack is to steal data that is stored on servers using File Transfer Protocol. Another possible aim of the cyber attack may be to compromise entire websites that happen to be stored on servers accessed through FTP. It is common for many SMBs to communicate with their servers via FTP, but relatively less likely that an individual computer user will be in the habit of using the popular business protocol.
The malware culprit in question is not entirely new. Instead, it is a variant of a malware family that was first brought to light back in 2010. This most recent variant’s operation is a case in point concerning why both business and personal computer users should be sure to keep the plug-ins in their internet browsers completely up to date.
Such plug-ins can provide data loss protection against sites that use Java to install malware on unsuspecting machines in what is known as a “drive by download.” All an internet user has to do to become infected is to visit the website hosting the malicious program, which can also be hidden inside PDF code. Such websites are not necessarily limited to those that look dodgy on their surface, either. Some are disguised as legitimate business endeavors.
Even more confusing for the end user, some actually are legitimate business endeavors that have had the misfortune to be served with ads containing the malicious code; the website may not even be aware that it is engaged in distributing malware.
Computer security experts advise end users to keep their antivirus, anti-spyware, and browser plug-ins up to date. Businesses may want to invest in a company-wide strategy so that they can be sure that all systems are in sync with current best practices for avoiding malicious software on the web.
Source:
http://www.networkworld.com/news/2013/071513-unusual-file-infecting-malware-steals-ftp-271796.html
Learn more about the author Bob Martin