An executive at a computer manufacturing firm released an email on Twitter that she alleges is a proposal to install malware on the firm’s latest computer model. The email reads like a solicitation from a business that is looking to promote the firm’s website. The sender states they will provide an “.exe” file for the manufacturer to install, and in return pay them a fee for every install completed.
The executive expressed astonishment at such an audacious suggestion. The firm denied the offer. Kavita Iyer “Raspberry Pi was offered money for installing malware on their computers,” http://www.techworm.net (Dec. 25, 2015).
Malware is a term used to describe any unwanted software that is installed on a computer without the user’s consent. This can include relatively benign software that injects ads onto your computer to malicious programs like viruses, spyware, ransomware, adware and trojan horses.
Unfortunately, IT security experts from AVTest find that more than 390,000 new malware programs are created every day. Total malware figures have gone from over 187 million programs in 2013 to almost 500 million by late 2015.
Delivery methods of malware are varied and continue to grow. Most computers are infected with malware when the user clicks on an attachment or link that the user believes is for another purpose. These attachments can appear in phishing emails, fraudulent pop-up windows, or illegitimate websites. The links can take a user to a bogus site created by cybercriminals.
Website advertisements are also known to contain malware. Because much of the online advertising is done through third parties, the owners of websites rarely oversee the ad code that is used on their sites. Simply mousing over an ad window can start a malware download.
Although pre-installed malware, as described in the above story, is not as common a method of infection, it is certainly concerning because there is little the end user can do to prevent it. The malicious code is installed on the device at the time of manufacture, usually via a third party vendor. The vendor is looking to market the product by way of the computer and offers the manufacturer a fee to install an executable file they provide.
Malware programs create multiple problems for the infected computer and its user. They can cause your computer to crash, monitor and/or control your online activities, create messages that compel you to give personal information, or lock up your computer until a ransom is paid. Even the seemingly benign code designed only to insert unwanted advertisements can alter your computer’s normal security properties, leaving you vulnerable to more serious attacks. Users should make regular malware scans a priority and remove all detected malware.
Stay on top of malware risks as they emerge by following us on Twitter where we provide daily information on cyber risks to online users at twitter.com/MGEnlighten.