The online definition: “Malware, short for malicious software, is software used to disrupt computer operation, gather sensitive information, or gain access to private computer systems.” – Wikipedia
In elementary school everyone was scared of getting a computer virus. The threat of data loss or not being able to use your computer gave chills to some people.
Back then a virus on your computer could be a serious and scary thing, strings of code replacing your data and replicating like mad, but times have changed.
The regular code-replicating virus isn’t as common anymore, and the focus has turned to making money by tricking a person into willingly providing their credit card and bank information.
Over the last few years attention has become more focused on malware, spyware, and adware. If you are searching the web or playing the newest online game and all of a sudden a window pops up on your screen saying your computer is about to crash, that it’s got thousands of infections, and you’re seconds away from losing all your data, you’re more than likely going to panic.
These malware infections go by recognizable names like “Windows Anti-Virus 2012” and “Microsoft Anti-Virus 2011.” The people behind them hope that you’ll believe them and pay for their software (generally priced $49 to $79), which gives them access to your financial accounts. The software appears to be scanning the files on your computer, but it’s only a show, purely for your entertainment. In some cases the software is actively downloading your files and the saved passwords in your browsers, and may even hijack your email address and address book.
Sometimes the malware will go away for a day or two after you pay them, before popping up again. But more likely, it will immediately tell you your credit card was declined. This is another way of getting more of your account numbers from you. As you think about why one card was declined, you give them another one, and another one, and before you know it, there’s nothing left in your wallet that you haven’t given them.
A few years ago I had one customer who paid for “Windows XP Anti-Virus 2011,” and the people behind the malware got an authorization on her credit card for $7,000 within the hour, after trying for $10,000. Luckily for her, the bank called to see if she was buying $7,000 worth of merchandise from Pakistan.
Most of the time a malware infection is just annoying, preventing you from going online or opening any programs, and luckily most IT professionals can get rid of them fairly easily. The people responsible for malware are constantly trying to evade detection software, changing the names, registry IDs, and locations of their software on your computer. One particular malware infection can become a serious problem for you and the IT professional working on it.
The “FBI” malware infection can be one of the most difficult infections to remove. The newer versions of this infection can create hundreds of copies of itself, in many different locations. If one is removed, the next one in line activates.
In one instance, I had to remove, by hand, more than 300 copies of the FBI malware infection, and remove many entries from the registry (many malware infections don’t go so in-depth). The more serious side of this infection is that it downloads child pornography onto your computer, and when you attempt to do anything besides paying the $300 to $500 ransom they demand, they pop up these images on your computer screen. They hope to scare the user with these images, forcing them to pay the ransom to avoid others seeing what’s on their computer. Victims hope that once it’s paid, it will go away, but it doesn’t.
This malware infection doesn’t want your credit card number or bank account information. The people behind it want you to go to a store and buy a pre-paid card and give them the number. There is no fraud protection for you in this instance. You cannot call the pre-paid card company and get your money back. Once they take the money, it’s gone, and you are left with images on your screen.
If you see a screen appear on your computer with the FBI logo, the Department of Justice logo, or the Internet Crime Enforcement logo informing you that they have caught you doing illegal activities and the cops will be at your door shortly unless you pay them, I recommend turning off your computer as soon as possible and contacting an IT professional immediately. Do not try to get rid of this infection on your own; any attempt to close it or remove it may result in these images showing up on your screen. The longer you leave your computer on, the more copies the malware infection can create on your computer, and the harder it will be to remove it.
Something to remember is that there is no one-stop fix for all software. In many cases a variety of malware detection/rootkit software must be run, along with an IT professional searching by hand to remove the infection.
Over the last few years malware detection companies have seen huge increases in the number of malware infections, as much as a 50% increase per quarter (upwards of 70 new malware threats per minute). These companies must find these infections in order to know how to detect them, which is what makes malware very difficult to find, as its authors constantly change their software’s appearance and code to avoid detection.
Many detection software developers rely on IT professionals to send them information, copies of the infection, and any registry or file location information to help them update their databases. Even if you have a variety of detection programs on your computer, you may still get an infection. Most infections are downloaded by a user without them knowing it, sometimes from clicking an ad on a webpage, or clicking a bogus link from a friend’s email.
As I mentioned in my first article (“Is Windows Technical Support Calling You?”), the pursuit of your money has spread to the telephone. Do not provide these people with any access to your computer, or anything linked to your finances. If you have caller ID, write down their phone number and notify law enforcement.
I hope this article gives you a better understanding of what malware is, and the problems that come with it.
Richard Keg is a technology specialist at Computer Repair And Maintenance in Oakhurst, CA, and has been serving the mountain area since 1994. He can be reached at Richard@c-ram.org. C-RAM is on Facebook at https://www.facebook.com/ComputerRepairAndMaintenance