Malware Speaks! Please Listen

If malware could speak, what a tale his thoughts could tell.

If you could have a conversation with one, or more, of the scourges that infest the Internet, you might be surprised at what could be learned from such an imaginary conversation. It might go something like this:

I might be malware, but in most cases I’m pretty polite; I won’t infect your computer unless you invite me in. But I can count on lots of you doing just that.

Take my good buddy LOP, for example, he’s been away for awhile, but he recently came back from vacation and he’s now infecting unsuspecting computer users’ machines with renewed vigor. Since LOP is a shift changer, and is often incompletely recognized by many tools – particularly newer forms of the infection, he’s having a hell of a good time.

The people he works for (some might call them cybercrooks – well, actually everyone calls them cybercrooks), are experts at convincing you to install malicious code like LOP.

LOP is a pretty neat piece of malware (his employers are pretty smart fellows), since he’s been designed, amongst other things, to display ads from a range of advertisers through pop-up windows, banner ads and so on.

Oh, and he’ll automatically switch your Internet Explorer home page to his own search engine. One he particularly likes is http://www.mp3search.com. When searches are made with this engine, the results that you see will be advertising pages that LOP chooses to display.

(Sample misdirected search)

Here’s what WOT has to say about mp3search.com. Click on the graphic to expand the image.

Just in case you decide that LOP is no longer welcome on your computer (that happens all the time), he will connect, every so often, to a web page from which new malware files will be downloaded – making it much more difficult to delete all of the active malicious files on your system.

I should tell you that LOP is extremely hard to get rid of, and just in case you try, you’ll have to deal with over 200+ changes to your Registry Keys. And in case that’s not enough bad news, you should know that LOP will invite lots of his malware friends over, so that they can party on your system.

But LOP has even more tricks up his sleeve. He can  monitor your system’s processes, and can even play with your security applications making them ineffective.

Since he’s a sporty fellow, once he’s done that, he’ll launch a Keylogger to capture your key strokes and just for fun, he’ll go on to scan your email contact list so that he can bug your friends. Hmm, maybe they’ll soon to be your ex friends.

LOP is definitely a hard worker (which is why his employers like him so much), so in his spare time he’s going to look around your operating system for vulnerabilities. You see, he knows that most people, haven’t installed the latest operating system updates, nor have they updated their security applications, like their supposed to.

Even if they have taken care of updating their operating system, it’s almost certain that they haven’t updated installed productivity applications, and LOP knows just how vulnerable these applications can be.

So, think carefully before you offer LOP, or any of his malware friends, that invitation. Once invited in, LOP will settle in for a long, long visit.

Thanks for the chat, but I have to get going. There are lots of unaware Internet users’ waiting to invite me into their computers. I know that many Internet users’ are kind of “click crazy”; so why should LOP be the only one to have some fun!

Oh, by the way, unless you paid attention to what I said, I’ll probably drop by your machine soon. You have a good day now.

This is an edited and revised copy of an article originally posted here July 14, 2009.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

If Malware Could Speak – What a Tale it Would Tell!

If malware could speak, you could have an illuminating conversation with one, or more, of the scourges that infest the Internet.

You might be surprised at what could be learned from such an imaginary conversation. It might go something like this –

I might be malware, but in most cases I’m pretty polite; I won’t infect your computer unless you invite me in. But I can count on lots of you doing just that.

Take my good buddy LOP, for example, he’s been away for awhile, but he recently came back from vacation and he’s now infecting unsuspecting computer users’ machines with renewed vigor.

He will accept your invitation, to infect your system if, for example, you download and install either of two rogue Peer to Peer (P2P) applications currently making the rounds on the Internet. BitRoll-5.0.0.0, and Torrent101-4.5.0, are two programs that are used to exchange P2P files that he likes to piggyback on. There are many more than that of course.

The people he works for (some might call them cyber-crooks – well, actually everyone calls them cyber-crooks), are experts at using false/rogue applications to install malicious code like LOP.

LOP is a pretty neat piece of malware (his employers are pretty smart fellows), since he’s been designed, amongst other things, to display ads from a range of advertisers through pop-up windows, banner ads and so on.

Oh, and he’ll automatically switch your Internet Explorer home page to his own search engine. One he particularly likes is http://www.mp3search.com. When searches are made with this engine, the results that you see will be advertising pages that LOP chooses to display.

(Sample misdirected search)

Just in case you decide that LOP is no longer welcome on your computer (that happens all the time), he will connect, every so often, to a web page from which new malware files will be downloaded  making it much more difficult to delete all of the active malicious files on your system.

I should tell you that LOP is extremely hard to get rid of, and just in case you try,you’ll have to deal with over 200+ changes to your Registry Keys. And in case that’s not enough bad news, you should know that LOP will invite lots of his other malware friends over, so that they can party on your system.

But LOP has even more tricks up his sleeve. He can  monitor your system’s processes, and can even play with your security applications making them ineffective.

Since he’s a sporty fellow, once he’s done that, he’ll launch a keylogger to capture your key strokes and just for fun, he’ll go on to scan your email address book so that he can bug your friends. Hmm, maybe they’ll become your ex friends.

LOP is definitely a hard worker (which is why his employers like him so much), so in his spare time he’s going to look around your operating system for vulnerabilities. You see, he knows that like most people, you probably haven’t installed the latest operating system updates, nor have you updated your security applications, like you’re supposed to.

Even if you have taken care of these critical areas, it’s almost certain you haven’t updated your installed productivity applications, and LOP knows just how vulnerable these applications can be.

So think carefully before you offer LOP, or any of his malware friends, that invitation. Once invited in, LOP will settle in for a long, long visit.

Thanks for the chat, but I have to get going. There are lots of unaware Internet users’ waiting to invite me into their computers. I know that many Internet users’ are kind of “click crazy”; so why should LOP be the only one to have some fun!

Oh, by the way, unless you paid attention to what I said, I’ll probably drop by your machine soon.

You have a good day now.

Elsewhere on this Blog you can read “The Best Free Spyware, Virus, and Browser Protection”, an article on free anti-malware programs, including anti-virus software, and you can download those that suit your needs.

If you enjoyed this article, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

A Conversation with Adware – Secrets Revealed!

If you could have an imaginary conversation with LOP, just one of the millions of malware/adware strains currently circulating on the Internet, it might go something like this –

I might be adware, but I’m pretty polite; I won’t infect your computer unless you invite me in. But I can count on lots of you doing just that.

I’ll accept your invitation, to infect your system if, for example, you download and install either of two rogue Peer to Peer (P2P) applications currently making the rounds on the Internet. BitRoll-5.0.0.0, and Torrent101-4.5.0, are two programs that are used to exchange P2P files that I like to piggyback on.

Just so you know though, I’m pretty lazy so you won’t be able to actually download any files using these bogus applications.

My masters (some might call them cyber-crooks – actually, everyone calls them cyber-crooks), are experts at using false/rogue applications to install malicious code like me.

I’m a pretty neat piece of adware (my masters are pretty smart fellows), since I’ve been designed to display ads from a range of advertisers through pop-up windows, banner ads and so on. Oh, and I’ll automatically switch your Internet Explorer home page to my own search engine. One I particularly like is http://www.mp3search.com. When searches are made with this engine, the results that you get will be advertising pages that I choose to display.

(Sample misdirected search – click pic for larger)

Just in case you decide that I’m no longer welcome on your computer (that happens to me all the time), I’ll connect every so often to a web page from which I’ll download new files containing variants of myself which will make it difficult to delete all of my active malicious files on your system.

I should tell you that I’m extremely hard to get rid of, and just in case you try to get rid of me, I’ll make over 200+ changes to your Registry Keys. And in case that’s not enough to dissuade you from trying to kick me out, you should know that I have the ability to invite lots of my other adware friends over to party on your system.

I love to monitor your system’s processes, and I can even play with your security applications making them ineffective. Once I’ve done that, I can unleash my keylogger to capture your key strokes and just for fun, I might even scan your email address book so that I can bug your friends.

In my spare time I’m going to look around your operating system for vulnerabilities, because I’m pretty certain, that like many people, you haven’t installed the latest updates nor have you updated your security applications, like you’re supposed to.

Hey man, I’m here for a long, long visit, so think carefully before you offer me that invitation.

Have a good day now.

Elsewhere on this Blog you can read “The Best Free Spyware, Virus, and Browser Protection”, an article on free anti-malware programs, including anti-virus software, and you can download those that suit your needs.

I am LOP – I am Adware – I WILL Control Your Computer

I might be adware, but I’m pretty polite; I won’t infect your computer unless you invite me in. But I can count on lots of you doing just that.

I’ll accept your invitation, to infect your system, if you download and install either of two rogue Peer to Peer (P2P) applications currently making the rounds on the Internet. BitRoll-5.0.0.0, and Torrent101-4.5.0, are two programs that are used to exchange P2P files that I like to piggyback on.

Just so you know though, I’m pretty lazy so you won’t be able to actually download any files using these bogus applications.

My masters (some might call them cyber-crooks – actually, everyone calls them cyber-crooks), are experts at using false/rogue applications to install malicious code like me.

I’m a pretty neat piece of adware (my masters are pretty smart fellows), since I’ve been designed to display ads from a range of advertisers through pop-up windows, banners ads and so on. Oh, and I’ll automatically switch your Internet Explorer home page to my own search engine. One I particularly like is http://www.mp3search.com. When searches are made with this engine, the results that you get will be advertising pages that I choose to display.

Just in case you decide that I’m no longer welcome on your computer (that happens to me all the time), I’ll connect every so often to a web page from which I’ll download new files containing variants of myself which will make it difficult to delete all of my active malicious files on your system.

I should tell you that I’m extremely hard to get rid of, and just in case you try to get rid of me, I’ll make over 200+ changes to your Registry Keys. And in case that’s not enough to dissuade you from trying to kick me out, you should know that I have the ability to invite lots of my other adware friends over to party on your system.

I love to monitor your system’s processes, and I can even play with your security applications making them ineffective. Once I’ve done that, I can unleash my keylogger to capture your key strokes and just for fun, I might even scan your email address book so that I can bug your friends.

In my spare time I’m going to look around your operating system for vulnerabilities, because I’m pretty certain, that like many people, you haven’t installed the latest updates nor have you updated your security applications, like you’re supposed to.

Hey man, I’m here for a long, long visit, so think carefully before you offer me that invitation.

Have a good day now.

Elsewhere on this Blog you can read an article on free anti-malware programs, including anti-virus software, and you can download those that may suit your needs.