Why Financially Motivated Malware is Destructive
Posted by Lysa Myers
Every now and again I read some article with a mistaken assumption about malware that inspires me to loudly express my displeasure. While I’m sure my coworkers enjoy my colorful outbursts, I’m thinking maybe putting my commentary in blog-form is more effective than shouting at my screen.
It blows my mind that technical and security-savvy people still downplay a threat as not being “destructive” malware if it doesn’t automatically delete your cache of cat pictures, as if this is the worst damage that can be done to your machine. That really misses the point of why malware is created these days, and misses the possibility of non-automated damage.
The biggest Mac malware of 2012, Flashback, was a backdoor Trojan. That is to say, it opened an affected machine up to access by the Trojan’s controller – they could do whatever they wanted to it, including deleting your cache of cat pictures. As we said in an article from this summer, yes, Macs can get malware, and malware that opens your machine to remote control constitutes “unlimited damage potential.” Just because such threats don’t automatically harm files on your machine does not mean damage (either financial or data) is not happening. I’m sure anyone who has spent countless hours having to sort out a case of identity theft will disagree with the assessment that they’ve not been harmed. Or you can ask anyone whose online life has been compromised by hackers, for instance.
The purpose of malware these days (and by these days I mean for the last decade or so) is financial: Trojan authors want access to your machine so they can gather data that they can sell, or so they can use your machine to harm others. Long gone are the days of stereotypical creepy dudes in their parents’ basement programming malware to cause the biggest mayhem, so they can see their creation mentioned on the evening news. Now it’s creepy people programming malware to make beaucoup bucks stealing mass quantities of data.
While I’m squarely against over-hyping threats, making it sound like every one-off malware is going to end the Internet, I’m not a fan of downplaying legitimate threats either. If people understand what cybercriminals are really going after and what is really at risk, they can protect themselves appropriately.
photo credit: Truthout.org and Jeremy Brooks via photopin cc