Download Dangers – Download Sites Are Not All Equal

Regular readers of this site are aware that virtually all downloads I recommend are hosted on CNET’s site (download.com). There is good reason for this – CNET scrupulously audits hosted downloads to ensure they are not contaminated by malware.

The same cannot be said for many other download sites.  As a result, downloading can be extremely risky, especially for unaware users.

Ransomware is a particularly vicious form of malware which often piggybacks on what appears to be legitimate software. In most instances ransomware encrypts the victim’s files, after which the cyber-criminal demands a ransom to decrypt the kidnapped files.

Security researchers at CA, one of the world’s largest IT management software providers, have discovered a new piece of ransomware that blocks an infected computer from connecting to the Internet. On payment of a fee (to be paid by SMS), the victim’s machine will be unlocked.

This new piece of ransomware uses the uFast Download Manager application download as an entry point to infect victims’ computers. Following installation, the victim is presented with the following screen:

[Screenshot of the ransomware’s lock screen. Graphic courtesy of CA.]

The following is a rough English translation:

Internet access is blocked due to violation of the license agreement schedules of uFast Download Manager

You must activate your copy

Get a registration code by sending an SMS with the following code fw0004199 to number 7122

In response you will receive an activation message.

Enter the activation message received from the SMS response  ________

Don’t relax your guard simply because this malware seems to be currently focused on Russia. This type of attack knows no borders. Ransomware attacks seem to be escalating.

If you should become infected by this Trojan, your best course of action, assuming your installed malware scanners cannot remove the infection, is to take advantage of the multiple online scanners offered by the major anti-malware software developers.

For a review and list of online malware scanners please read “Free Online Spyware/Virus Scanners – Multiply Your Protection”, on this site.

Note: Download managers are one of the most popular applications offered for download on the Internet, as the following graphic of a Google search indicates – 24,600,000 returned links.

The browser security application WOT indicates that, on this page, half of these links are unsafe or require caution.

[Graphic: Google search results for “Download managers”]

Regular readers are familiar with the following security precautions – but they bear repeating.

Make regular backups of critical data. If you are infected, this may be your only solution.

Don’t store critical data on the system partition

Don’t open unknown email attachments

Download ONLY from well established sites, or sites that are known to you

Don’t run programs of unknown origin

Disable hidden filename extensions

Keep all applications (including your operating system) patched

Turn off your computer or disconnect from the network when not in use

Disable scripting features in email programs

Make a boot disk in case your computer is damaged or compromised

Turn off file and printer sharing on the computer

Install a personal firewall on the computer

Install anti-virus/anti-spyware software and ensure it is configured to automatically update when you are connected to the Internet

Ensure your anti-virus software scans all e-mail attachments


8 responses to “Download Dangers – Download Sites Are Not All Equal”

  1. Mal

    Hi Bill,

    Absolutely great advice. One thing I ALWAYS do, even after downloading from CNET, is I scan downloads manually before I even run the application with two or more of my security apps. It might be paranoid, but better to be safe than sorry.

    • Bill Mullins

      Hey Mal,

      Welcome to the “Great Society of Paranoid Internet Surfers”. Now there are 2 members – you and I. LOL!

      Your advice on scanning downloads, regardless of origin, with 2 or more security applications, is spot on. Users get victimized generally because they behave like victims.

      Bill

  2. Very useful info, thanks for alerting us to these risks on download sites, I wasn’t aware for one.

  3. Mal

    Cheers Bill,

    2 members, wow lol. Paranoia is good, in all my years on the internet, I have never had a major infection (and neither has my computer lol).

    Personally, I don’t use download managers, they are just too risky. Chrome’s built-in one is good enough for me.

    • Bill Mullins

      Hey Mal,

      Thanks for the laugh – can’t say I’ve never had an infection, although most of them were deliberate: (testing purposes).

      BTW, I agree – the benefit of download managers is questionable at best, and as you say “they are just too risky”.

      Bill

  4. Jim

    Great advice, I have an iMac but follow your lead and use WOT and other add-ons in Firefox such as NoScript. Turned on my firewall to block all sharing and non-essential traffic. I also took your advice and renewed my subscription for Vipre on my wife’s computer. Keep up the good work, love your site. Jim {:-)

    • Bill Mullins

      Thanks for the kind words, Jim – much appreciated. You’re right, file sharing, unless absolutely necessary, is a no-no. Unfortunately, Windows, by default, allows file sharing.

      Glad to hear you renewed Vipre; it’s a great antimalware application.

      Bill