Infected
I’m currently in the midst of what will hopefully turn out to be a not-too-protracted bout with an especially nasty piece of malware, in this case an ugly pop-up window-filled thing that masquerades as an anti-virus program (ha!) and tries to get you to install what is sure to be some even nastier junk if you want to do away with the current messiness. It’s my fault, I suppose: a friend’s Facebook account sent me a link (ignore it, he later messaged me, but several hours too late), but then I ignored the warnings of my browser and my operating system alike, clicking through to the spyware-infected page and allowing the installation program to run even when everyone knows you’ve got to be more careful than that. And so here I am, running a virus scan in the background and googling away for tips on clearing this thing up.
I’ve dealt with this sort of attack before, and so this time I knew pretty well where to turn – though check back in tomorrow to see whether that initial confidence is warranted. But I simply can’t imagine the likely response of someone (my mother, say, or even my wife) with significantly less knowledge of and – more importantly – comfort around computers, when the system goes haywire with warnings of impending doom. Call tech support? Check in with a friend, child, or spouse? Or maybe you just click the “OK” button on one of those windows that pops up and tells you that your machine has been infected and you had better let them fix it … that’s how these computer things work, right?
But the bigger question that’s been bothering me is that of who in the world would create a thing like this. Despite the program’s occasional clumsiness – the icons are ugly, words are sometimes misspelled, and what kind of anti-virus program keeps opening up new Internet Explorer windows that it won’t let you close? – it’s obviously a very intricately-coded piece of software, and it’s not at all clear what is supposed to be the payoff for the hundreds or even thousands of hours that likely went into designing it. Does the program I’m supposed to go ahead and download cost some money? Are my passwords and credit card numbers being stolen even as I type? Are the hackers in cahoots with the purveyors of the real anti-virus programs? Or is it all being done simply for the thrills? And if the last of those, then … yeesh.
Perhaps it’s only someone in my present state who finds this question interesting, but does anyone know of anything good that has been written – something along the lines of this, perhaps – on the topic of who these people are and what they think they’re doing? And no, Alan, I don’t want a lecture on how Macs are better on this score than PCs – just some kind of window into who in the world decided that writing a program that would force me to take time away from blogging my dissertation to work instead on cleaning up my hard drive would be more worthwhile than … well, than pretty much anything, really.
I imagine there’s a quote from The Dark Knight soon to appear in this combox…
— Freddie · Dec 4, 06:32 AM
I don’t know details on programs that do what you’re talking about. However, I wager that if you buy antivirus software from this IE popup, it won’t actually sell you antivirus software, but it might take your credit card information.
A lot of viruses these days install themselves on your computer in order to use it as part of a botnet. A group of people in Russia (I assume other countries do this, but you always hear about Russia). Once they control these computers, they’ll let them keep running, but use background processing to do what they want. One possibility is sending spam emails. Another is using the computers for a denial of service attack, where they flood a given website with thousands of connection attempts per second so that it becomes inaccessible—or they might blackmail a company based on the threat of such an attack. More on Wikipedia.
— Justin · Dec 4, 07:09 AM
“You’ve got all these rules and you think they’ll save you.”
— Scott H Payne · Dec 4, 07:45 AM
John-
The same thing just happened to me a day or two ago! I can’t believe how stupid I feel, but you make a good point – I literally have no idea what my mother would do if this happened to her.
— airik · Dec 4, 08:22 AM
John, you are fortunate to know me in my era of spiritual maturity and emotional equilibrium. I would never think of asking you why the hell you’re putting up with the indignities of Windows when you could so easily enter the blessed realm of Mac where spyware, malware, and viruses are unknown and Everything Just Works. Nope, such a thought wouldn’t even cross my mind, not any more.
— Alan Jacobs · Dec 4, 02:05 PM
John, in terms of why someone would do this kind of thing:
One of our lab computers (at Berkeley no less) got hacked from some faraway remote locale and the way the system administrators explained to me what was happening was, hackers go looking for academic computers or those around universities especially. They tend to be overpowered, have lots of space, be left on a lot, be really, really well networked, and have poor or disabled firewalls. Anyway: said hacker then uses the disk space on the computer and its network access for that hacker’s own business, which likely as not doesn’t actually involve your credit cards or anything else about you the computer owner. So when we’re not taking data or writing pubs or what-have-you, the computer is happily whiling away the lonesome hours selling child porn to Singapore. Like a kind of commercial SETI@home.
Which is, frankly, kind of cool, and gives one a certain illicit thrill when one does one’s work, so it is tempting to just leave it. But I guess what then happened was that the computer went out “attacking” other local computers, looking for vulnerabilities (and in all honesty, I thought that was kind of cool too, especially once I heard the word “attacking,” and I’d have schemed to keep the hack in place if only I could’ve figured out how to tell it whose computers I wanted hit).
My personal solution to this for many years, by the way, which will make your Windows PC in many ways as safe as Alan’s Mac (and I personally am OS-agnostic), has been to set up the system with a bunch of user logins that don’t have administrator access and then very, very rarely log in as the administrator: basically only for housekeeping and updating some software. You go online from your personal account, which has no system privileges. That will on some occasions — but not so often — be annoying. Much less annoying than frequently reformatting your hard drive, however. Probably a smart thing to do if your Ph.D. thesis is there too.
— Sanjay · Dec 4, 03:54 PM