Cybercriminals Shifting Focus To Non-Windows OSes
Orome1 writes "In a major cybercrime turning point, scammers have begun shifting their focus away from Windows-based PCs to other operating systems and platforms, including smart phones, tablet computers, and mobile platforms in general, according to a new Cisco report. The report also finds that 2010 was the first year in the history of the Internet that spam volume decreased, that cybercriminals are investing heavily in 'money muling,' and that users continue to fall prey to myriad forms of trust exploitation."
Will they please target the Linux platform so we can prove once and for all to all the Windows lovers that the underlying architecture protects better than the Windows design?
Do not look at laser with remaining good eye.
Could you tell me how a *scam* targets an OS? I thought the Nigerian Prince thing was cross platform...
Yay, it's safe to use Windows again!
I see in the news that the Android app store is now rejecting apps. The apps rejected were ones that downloaded other apps. Thus they were vectors for invasive software. Or at least potentially so. Likewise Moto is locking down Droid with a re-incarnating system ROM and apoptotic immune system. Apple has been heavily criticized for its app store restrictions. But to me all these moves are a great idea. I don't want my phone to be so versatile that I have to be constantly vigilant. Someday I might work up the nerve to let it function as a credit card. I definitely want to see years of virus/trojan-free operation before I try that.
If I wanted a toy I could program as I wish I'd buy one of those. But please let there be some severely locked down phones before we all get telephonically transmitted diseases.
Some drink at the fountain of knowledge. Others just gargle.
It's safe to use Windows again! :)
The more steps the user has to complete, the more likely that they will fail to install the malware on their system.
90% success with a single step is only 81% success with two steps (of 90% success each).
Three steps (90% success each) is only 73% success.
And that's not even counting the various worms that won't work because the systems do not ship with services listening for them by default.
You will NEVER stop trojans ... but you can reduce their number significantly just by requiring more steps for their installation.
The CISCO report highlights growth in Apple's reported patched vulnerabilities. But it seems to me that a theoretic vulnerability is not the same as an actual real-world exploit. This is particularly true when there's a zero-day exploit that causes 'badguy code' to run. If that code runs in a non-privileged account and therefore can't accomplish its intent, does that count as an actual problem?
I'm not trying here to push the "Macs are better" argument, but rather explore the question of how we measure vulnerabilities, exploits, etc. And of course, there's the "decidability question" that others have mentioned: How do you know when an attempt to exploit a vulnerability -fails-?
So maybe we need 3 measures:
vulnerabilities
attempted exploits
successful exploits
A lot of people have argued (the "antibody" approach) that it's better to focus on recovering from/mitigating an exploit, rather than believing we can remove all vulnerabilities. Would our current measures show the success (or failure) of that approach?
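The three measures proposed above (vulnerabilities, attempted exploits, successful exploits) are easy to name but the third one is only decidable with evidence gathered after the attempt. The following script is an added example, not from the original thread or the Cisco report; it uses constructed alert, patch-state and host-telemetry records with placeholder weakness names ("vuln-a" etc., not real advisories) and a hypothetical 300-second correlation window. It also shows why a fourth bucket, "unresolved", is unavoidable: an attempt against a host that really was vulnerable, with no post-exploit indicator either way, cannot honestly be counted as either a success or a failure.

```python
from collections import Counter
from dataclasses import dataclass


# Everything below is constructed sample data for this example.
# Weakness names are placeholders, not real vulnerability identifiers.
@dataclass(frozen=True)
class Alert:
    host: str
    vuln: str   # weakness the observed payload targeted (as labelled by IDS)
    t: int      # seconds since epoch, simplified


@dataclass(frozen=True)
class Indicator:
    host: str
    t: int
    kind: str   # post-exploit evidence, e.g. "unexpected_outbound"


# Patch state: host -> weaknesses still unpatched on that host.
UNPATCHED = {
    "web01": {"vuln-a", "vuln-b"},
    "web02": {"vuln-a"},
    "db01": set(),
}

# IDS alerts, i.e. attempted exploits.
ALERTS = [
    Alert("web01", "vuln-a", 1000),
    Alert("web01", "vuln-c", 1010),   # web01 never had the affected component
    Alert("web02", "vuln-a", 2000),
    Alert("db01", "vuln-b", 3000),    # db01 is fully patched
]

# Host telemetry that only appears after a successful exploit.
INDICATORS = [
    Indicator("web01", 1090, "unexpected_outbound"),
]

WINDOW = 300  # hypothetical: how long after an attempt we look for evidence


def count_vulnerabilities(unpatched=UNPATCHED):
    """Measure 1: distinct (host, weakness) pairs still exploitable."""
    return sum(len(v) for v in unpatched.values())


def classify(alert, unpatched=UNPATCHED, indicators=INDICATORS, window=WINDOW):
    """Decide what one attempt became.

    'failed'     : the host was not vulnerable to that weakness (assumes the
                   patch inventory is accurate; stale inventory breaks this)
    'successful' : a post-exploit indicator fired on the host inside the window
    'unresolved' : host was vulnerable, but no evidence of outcome either way
    """
    if alert.vuln not in unpatched.get(alert.host, set()):
        return "failed"
    for ind in indicators:
        if ind.host == alert.host and alert.t <= ind.t <= alert.t + window:
            return "successful"
    return "unresolved"


def metrics(alerts=ALERTS, unpatched=UNPATCHED, indicators=INDICATORS, window=WINDOW):
    """Measures 2 and 3, plus the buckets needed to make measure 3 honest."""
    outcomes = Counter(classify(a, unpatched, indicators, window) for a in alerts)
    return {
        "vulnerabilities": count_vulnerabilities(unpatched),
        "attempted": len(alerts),
        "successful": outcomes["successful"],
        "failed": outcomes["failed"],
        "unresolved": outcomes["unresolved"],
    }


if __name__ == "__main__":
    for name, value in metrics().items():
        print(f"{name:16}{value}")
```

The "failed" bucket is only as trustworthy as the patch inventory feeding it, and the "successful" bucket only as good as the host telemetry; the "unresolved" count is the size of the decidability gap the comment asks about, and a recovery-focused ("antibody") program would be measured by how fast alerts move out of "unresolved" and how short-lived the "successful" ones are.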
"Cybercriminals Shifting Focus To Non-Windows OSes"
Ugh... I've been playing too much Shadowrun apparently, because this headline brought on all sorts of odd imagery.
Common myth still spreading around that Macs do not have viruses. The majority of its users still do not have anti-virus software of any kind.
The pioneer who goes in first, strikes the gold.
New Economic Perspectives
"Will they please target the Linux platform so we can prove once and for all to all the Windows lovers that the underlying architecture protects better than the Windows design?" - by Lumpy (12016) on Thursday January 20, @10:13AM (#34939742) Homepage
ANDROID TROJAN:
http://mobile.slashdot.org/comments.pl?sid=1930156&cid=34713952
Since ANDROID is Linux, you've already proven yourself wrong...
What's happening on ANDROID phones (and ANDROID is a Linux-derived OS), per the URL above, is only a "portent of things to come", IF Linux ever manages to get more users than does Windows on the PC platform.
I.E.-> Malware makers/hackers-crackers (etc.)? They're like pickpockets!
E.G.-> Pickpockets don't just victimize a "crowd of one" or a few only, but instead, they opt to go to train stations, subways, crowded malls or streets (where a LOT of possible victims are, so they have greater "attack surface area" - this is like Windows on PC's: MORE USERS = MORE ATTACK SURFACE AREA from a SINGLE CODEBASE FOR ATTACK... & THAT is why Windows is more attacked (more users, period, by far)).
Microsoft's getting their "bootcamp" here, their training & fixing up points of attack vs. these malware makers... Linux has YET to see that, & if it ever does? Same shit will happen to it, as is happening to Windows lately!
E.G.-> MacOS X, once it started getting more users? It too, began to be more attacked, period... the same will hold true for Linux, mark my words (IF, again, it EVER makes it to the "most used/top #1 spot").
APK
P.S.=> After all: It's NOT like Linux's design precludes its webbrowsers &/or email programs that use HTML from using javascript, with its SAME BUSTED "DOM" & ALL as it is on Windows (same on Linux), & that's where the majority of attacks come from nowadays - attacking weak, scriptable apps (Office Suites &/or Webbrowsers + email come to mind, quickly)... apk
"Mr. Balmer, we must not allow a malware gap!"
Are they talking about confidence games? As in, ``It's called a confidence game. Why? Because you give me your confidence? No. Because I give you mine''?
I'm not sure why Cisco feels the need to invent a new term for something that has been commonly understood since 1849...
Yeah, but just one question :
Will they please target the Linux platform
Which of the gazillion different flavours of Linux should they target?
And on which CPU: the traditional Intel-derived architecture? The ARM on which it seems to be selling like hot cakes?
Oh, you meant that diversity is actually part of the Linux' strategy to be more resistant ?!?
More seriously :
Serious software developers are constantly complaining that it's hard to write closed-source binary blobs that target the whole Linux nebula.
(As opposed to open-source, which is easier to custom patch and compile, and can be adapted to various flavours by the distribution package authors or 3rd parties).
And that's regular software which is supposed to only exhibit normal and usual behaviour.
Now just imagine the mess that would be trying to write trojans that have to rely on exploits and other dirty hacks, in order to gain the sweet "Root" privilege and to stay stealthy.
"Sufficiently advanced satire is indistinguishable from reality." - [Tips: 1DrYakQDKCQ6y52z6QbnkxHXAocMZJE61o ]
2011, year of the mac virus!
Come on people, you knew it was coming.
Now its going to come like a porn star, spraying all its infected goodness all over apples.
About 643,000 results (0.18 seconds)
About 7,850,000 results (0.09 seconds)
Also...
http://en.wikipedia.org/wiki/Linux_malware
Against stupidity the gods themselves contend in vain.
At least on my Windows PC, I have enough experience and knowledge dealing with Viruses and such that I have a reasonably good idea if my computer is infected. Common sense, using the right apps and such help reduce the threat.
I don't have the experience or knowledge of handling this with my Smartphone (Blackberry). I'm more concerned given the sensitivity of the data that I exchange on this platform - personal and business calls as well as e-mail that I don't know what adequate protections to use on the phone. I've disabled Javascript on the phone for web browsing, don't access Flash content and I've only installed a few official apps from BB or dependable vendors.
What's worse is the general public who aren't very tech or computer savvy. Presumably they are just as vulnerable or perhaps more so. My cousin who's a programmer has installed over 50 apps on his iPhone. I've read of people installing hundreds of apps from the iStore, or ditto with jailbroken phones.
I'd be curious to know how difficult it would be to get rid of a virus or spyware on common smartphones since the OS isn't always reinstallable and I'm not sure if 'resetting' the phone to default values might install the original OS.
And it has been fine-tuned towards the desired victim.
If the scam was targeting people running ultra custom mods derived from the Species 8472, they would simply make specific adjustments.
And only in that last execution part of the scam. The entire play up to that point stays the same.
And besides the fact that "running ultra custom mods derived from the Species 8472" relies on security through obscurity, let us not forget that Species 8472 were defeated through use of malware.
I.e. Borg nanoprobes specifically programmed to mimic their "electrochemical signatures, so that they could evade detection by Species 8472's immune system".
...to Windows-based devices. Wonderful! \o/
You're not seriously using the Google Fight argument are you?
https://encrypted.google.com/search?q=the+sky+is+red
There you go, the sky is red, 216 MILLION Google results confirm it.
"When information is power, privacy is freedom" - Jah-Wren Ryel
For a virus to be acceptable for use on an Apple computer it must be current? Talk about elitist.
Also, doesn't your computer have internet on it?
Apple has been heavily criticized for it's app store restrictions. But to me all these moves are a great idea.
For me it's a great idea, as long as it's not mandatory.
In Apple's case, it's bad because there's no other choice. You only have the walled garden mode. And for everything else, you have to rely on exploits to root your very own phone.
In HP/Palm Pre & WebOS's case it's good because out-of-the-box you have two choices:
- Joe six pack will happily use the phone in its current state, the walled garden protecting him from the dangers of the homebrew world.
- Advanced users will simply type a specific and documented command and switch the phone into "dev mode" enabling them to install other software, add new repositories, etc. If anything gets broken beyond any recognition, java software is available to reset the phone to factory default.
I understand the need for a walled garden. I appreciate that most companies try to provide one, but I also require that the final decision should be left to the user.
I voted with my wallet, my smartphone has no Apple logo on it.
Google servers heat up the straw in the straw man, until it catches fire and BURNS.
Also, you lose 10.000 internets.
Forever.
however I am not one to open e-mails from people I do not know, nor am I one who would just type in his system password when prompted.
Unfortunately based on several local user group meetings I know a lot of people who would do both. First and foremost because they are utterly convinced in their superiority to PC users and OS X's immunity to viruses, after all if they harm OS X Apple would provide a virus program.
* Winners compare their achievements to their goals, losers compare theirs to that of others.
ANDROID TROJAN
No OS can completely protect itself from dumb users installing trojans, though Linux can do that a heck of a lot better than Windows can (e.g. if you have SELinux configured so that the 'Natalie Portman Hot Grits Screensaver' can't access files that a screensaver shouldn't be able to).
Developers can sign and install apps on their iPhones as well.
The Year of the Linux Desktop!
The graph on page 33 of the Cisco report calls BS too but the guy writing the report didn't bother looking at his chart or the data.
Shoddy, shoddy research.
"Linux can do that a heck of a lot better than Windows can (e.g. if you have SELinux configured so that the 'Natalie Portman Hot Grits Screensaver' can't access files that a screensaver shouldn't be able to)" - by 0123456 (636235) on Thursday January 20, @01:08PM (#34942160)
I think not: After all - Linux didn't even HAVE SELinux, initially & FOR YEARS (until the NSA "bolted it on" onto Linux distros later), & secondly? Windows NT-based OS, natively built in, already have most ALL of what SELinux has, & before IT DID!
Now, additionally, IF you'd like to see more of what it can do, & how to use it? See here (any of the 15 or so forums sites that guide on securing Windows of modern varieties that I wrote are on, essentially):
http://www.bing.com/search?q=%22HOW+TO+SECURE+Windows+2000%2FXP%22&go=&form=QBRE
---
"No OS can completely protect itself from dumb users installing trojans" - by 0123456 (636235)
on Thursday January 20, @01:08PM (#34942160)
That's true, especially if users disregard warning messages & "just click OK", but, that's what UAC in Windows, & Linux sudo are for... you can only hope that users pay heed to said warnings from those methods (or others like WOT in Firefox for another example, or from software firewall rules etc./et al), & get used to "computing by 'least privilege'" as time passes...
APK
P.S.=> Lastly, in closing, per my subject-line above? See here:
Soundminder Android Trojan Hears Credit Cards:
http://mobile.slashdot.org/story/11/01/20/1534236/Soundminder-Android-Trojan-Hears-Credit-Cards
More exploits of ANDROID OS (a Linux variant) are on the way... you can BANK on it! apk
The Stuxnet attack shows that exploits aren't only good tools for scammers - they're viable weapons of war. Stuxnet sends a clear message that other countries would be wise to get off the Windows OS. To make a chess analogy, the Windows OS is a powerful chess piece, a queen. It was used in the attack against the Iranian nuclear facilities. Now, it's off the board because an adversary shouldn't get fooled twice in a row. So, in the "Spy vs. Spy" battle, I'm sure that planning goes on to be prepared to attack whatever will replace Windows. The allegations against OpenBSD's IPsec already call that into question. Linux? Mac?
p.s. It's clear that the four zero-day attack vectors included in Stuxnet required some serious work, or else inside knowledge.
Your argument that my argument is a straw man is a straw man.
You do realize that is the equivalent of saying "Well, your argument that I'm making a straw man argument sucks"?
Many Google results for something does not mean that thing is common, correct, or even exists at all.
And there you go again. Also, putting words in my mouth.
I was not citing Google results as correct, common or actual.
Nor was I making an illogical claim like "Sky is red" (which in and of itself is true every day around sunset, it is just that most of the day Earth's sky has another color) and then using the sheer number of results as a counter-argument.
I.e... "Creating the illusion of having refuted a proposition by substituting it with a superficially similar yet unequivalent proposition (the "straw man"), and refuting it, without ever having actually refuted the original position."
By using results that, might I add, mostly have no connection with the "Sky is red" claim.
Why does the sky sometimes seem to be pink and red?
Answers.com - Why does the sky sometimes seem to be pink and red
Meteorology and Weather question: Why does the sky sometimes seem to be pink and red?
Is “Red sky at night, sailor's delight,Red sky in morning ...
Is the old adage “Red sky at night, sailor's delight. Red sky in morning, sailor's warning” true, or is it just an old wives' tale?
Red sky at night
Red sky at night - the meaning and origin of this saying.
The Sky Is Red (work by Berto) -- Britannica Online Encyclopedia
There were sad tales of lost war by Giuseppe Berto (Il cielo è rosso [1947; The Sky Is Red] and Guerra in camicia nera [1955; “A Blackshirt's War”])
Red Sky Restaurant & Lounge - Faneuil Hall Marketplace Restaurant ...
Serves eclectic cuisine downtown. Includes a menu and pictures.
Why is the sky Blue?
When we look up at the sky, the red cones respond to the small amount of scattered red light, but also less strongly to orange and yellow wavelengths
I was simply pointing to results of a search containing two words.
I can't really control what comes up on Google when you do that search, now can I?
It could have just as well been a series of articles saying that there is NO malware for OS X or Linux.
I did not ask for a specific result to my query, nor did I imply any kind of relation between the terms.
I simply asked Google "Hey Mr. Google, what do you have to say about these two topics?".
Feel free to go and flame Google cause you find their results to be not objective enough.
Also, before you go all "No you didn't", this short course might help you with making the distinction between an argument and a contradiction.
By creating this recursive strawman loop you are sucked into the straw man universe, where you are a sex slave to splintery straw men for the rest of eternity.
Terribly sorry, but your original straw man WAS burned by Google.
But if you feel the need to restate it again and support it with another one.. well... you just said what you believe happens in such cases.
Not that I'm saying that it is, but while I do know that your beliefs are actually silly superstition - it is not my place to forbid you from believing in them.
But I do reserve the right to point out your fallacy.
*points at monitor*
/Nelson
Nelson
Haw-Haw!
Servers running IIS or Apache with admins behind them are too much work for criminals. There are currently Java exploitation kits on the black market that nail users every time. That is just from users having updates off, not new exploits.
Siemens!
For justice, we must go to Don Corleone
Since MS Windows has the largest share of operating systems in the world, hackers just need one set of code that will work on 90% of the machines in the world: the least amount of work for the largest "spread" of systems in the world. Also, hackers have taken advantage of the fact that so many of these MS Windows systems are unpatched and don't have any type of anti-malware program, so they just exploit bugs in MS Windows. Finally, hackers have created so many Trojan horse or hacked legitimate programs for the MS Windows environment, and so many people look for "free" programs on the internet, that hackers just put out these "free" Trojan horse programs and take over the MS Windows system.
However, now most hackers are concentrating on cross-site scripting issues in web and other network-based attacks. Also, other operating systems like the Mac or Linux give a new challenge to these hackers to exploit.
Um, sorry to be the bore at the party but..... Linux has a working security model.
I know m$ have worked hard to make everyone forget that they don't, but there it is.
So while Windows CE dies a death along with Symbian, it's pretty much a case of GoodLuckWithThat to these guys as far as the other OSes go.
Apps (and stupid things like Ruby and Java) can be exploited, but they can also be restarted, locked down, and fixed, whereas m$'s crashware can't.
QED really.
No kidding. FTUs should be a standard performance metric for all IT professionals. "How many FTUs did you earn today?"
The Apple way requires you to pay (the iPhone developer license to upload code into the device) to have access to a functionality (running arbitrary code) which was already present in the first place, back when you bought your device. It requires you to agree to a restrictive license (which theoretically could limit what you're allowed to do as a developer). And it forces you to acquire specific and expensive platforms (the iOS SDK only runs on Intel Macs).
And require every one in the community of non-garden-walled-application users to do the same (pay + license + hardware), just for the same privileges.
All-in-all, the Apple Dev solution is geared toward small and big software labels. Not toward individual swapping homebrew around.
See the results: there is not a large user base paying the "developer tax" just to be able to load, use and swap around homebrew software. Most of the homebrew users are gravitating toward jailbreaking/rooting the phone. Tell me when there's a massive community emerging that swaps homebrew software around using the (paid for) dev mode. Tell me when this community can install its own package manager to access 3rd party homebrew repositories beside the default Apple AppStore. (I bet you the developer license forbids you to create and deploy software that enables users to download and install software from outside the AppStore - it's either buy your SteveJobs-approved iFart application from the official store, or compile your rebel app yourself on your expensive Intel Mac and upload it after paying for the right to do it).
Meanwhile: WebOS has the dev mode accessible out-of-the-box. As in "you get the smartphone out of its box, drop a SIM in, put in the battery, log in, and just type the command". Everyone motivated and wanting to access homebrew can do it. No need to pay for an extra, no need to agree to a restrictive license, and no special hardware requirement.
Result: there is an active community sharing and using homebrew, without any hacking required. There are lots of simple point'n'click cross-platform tools to help install user-selected 3rd party software (Java tools running on Intel Linux/Mac/Windows). There is a special package manager (Preware) which gives access to additional 3rd party homebrew applications directly from within the phone. (So, once you install Preware, you aren't even tethered to a PC anymore, you can get your fix of homebrew directly over WiFi/3G). And no special license signing is required along the way (you bought the device, you do whatever pleases you with the device, as long as it's legal where you live).