Five malware myths

I found a story called Five Malware Myths and take no issue with anything it says. Run antivirus, whitelist your program directories, run EMET, and you’re reasonably protected but not invincible. But nobody is as invincible as the majority of people seem to think they are.

Let’s take them one by one.

  1. No, you won’t always know you’re infected: Modern malware is stealthy. Some even self-destruct upon reboot or network link going down, in order to avoid being detected. They’re so sneaky, they value stealth over persistence. Bonus: This also means the monthly reboots you get from having Windows automatic updates turned on and scheduled automatic weekly router reboots can help keep a system clean. But don’t fall into the trap of thinking reboots are a substitute for running antivirus, OK?
  2. Contrary to popular belief, it’s not just gambling sites and sites with dirty pictures that get you infected. Infecting innocent sites in order to infect its visitors is a common tactic these days. It’s called a watering hole attack. Last year, attackers got into a bunch of DoD and defense contractor networks by infecting a site run by Jane’s, the publisher of military airplane data.
  3. Yes, Macs get malware. Here’s one list of known Mac malware: http://macscan.securemac.com/spyware-list And if you visit it, you’ll find it’s longer than you’ll expect. It was longer than I expected it to be.
  4. Your computer has nothing of value on it? Brian Krebs begs to differ. At the very least, an attacker could target your Windows license, which is worth about $80, and trust me, you don’t want to have to replace that.
  5. You’ll just restore from backups, you say? Good on you for doing backups, but yes, your backup could be infected. Re-scan your backups before you restore, and when you rebuild, rebuild from scratch, not just laying down a Ghost image. I have found previously undiscovered malware on old backups before.

 

%d bloggers like this:
WordPress Appliance - Powered by TurnKey Linux