Wednesday, April 11, 2007

Welcome to Malaysia Botnets

http://star-techcentral.com/tech/story.asp?file=/2007/4/10/technology/17373874&sec=technology

Thanks to my friend who sent me this link; it is about a survey done by Symantec Malaysia. It states that 96% of the computers are zombies. I'm wondering whether they are trying to generate fear so that more people will buy their anti-virus solution, or whether this is true. I'm probably happy to see we are top 7 in the list, since that really shows the Malaysia Can spirit.

Another interesting result from them is that 84 percent of emails from Malaysia are classified as spam. I'm really curious how they are able to identify this portion, as there's no perfect solution to identify or classify email with unsolicited intentions. Plus, they are actually setting up decoy emails (honeypot-like) for this kind of identification, which I don't think can be at all accurate.

"This and the high number of zombie machines in Malaysia is tarnishing the country's image". This is way too much emphasis; they are placing a lot of blame on the users, and most of the users don't even know what is happening out there. They are just using the internet for surfing, doing some transactions and so forth.

"It said copies of pirated software sometimes contained trojans and other hidden malicious programs, and these are surreptitiously planted into computer systems when users installed the software". This is not the case, in my opinion. As most of the users in Malaysia are using pirated software, it leads to more vulnerabilities in the application software and operating systems themselves, as they can't patch them since they are not using the licensed or commercial version. That's what most malicious attackers are targeting over the networks, instead of just distributing it via the software/pirated CDs that they buy, which is more of a blind attack.

"An antivirus program is not enough, said Symantec. Users need a security solution that combines antivirus, firewall and intrusion detection capabilities". Okay, it is still back to the marketing sense; I expected that. But the truth is users are still vulnerable even with all those solutions in use; malicious attackers are way smarter and able to bypass most of them. You are trying to reduce the risk for users, however that won't work once internet browsers themselves become victims as well. Combined with some social engineering tricks, users tend to be fooled without knowing it. And some of them just get caught out by USB thumb drives.

"Computer users should also be careful about disclosing confidential, personal or financial information online unless they know that the request for such is legitimate, cautioned Symantec". I doubt users will listen to this; it reminds me of the presentation from Mikko: education usually won't work.

Enough rant for now, thanks to Symantec for doing this kind of survey.

Enjoy ;]

5 comments:

mysurface said...

Nice raising this issue, which I hope does create some awareness. But I doubt it works, as your blog's readers are usually security-wise and have their own ways to cater for those malicious virii.

IMHO, installing Linux should be the easy way to lessen the issues. But after fixing 'their' computer and telling them to install Linux, I am getting lame excuses: "I am not as good as you mah".

From their words they indicate that Linux is for experts, which is wrong! Look at Ubuntu, Feisty is going to be even easier to use, Click and Run! What's so difficult?

joe_random said...

mysurface,

Malware will follow the masses. If the masses move to Linux, malware will be written for Linux. If the masses move to OS X, malware will be written for OS X. The more people use an OS, the more features they want out of it. The more features, the more complexity. The more complexity, the more bugs. Right now it's not profitable to create malware for anything other than Windows.

Don't get me wrong, Ubuntu is a great Linux distribution. I'm writing this on an Ubuntu box.

nice3z said...

mysurface,

Installing Linux != more secure. That seems to be the most widespread misconception I see.

Most distributions have insecure services wide open, which actually 'opens' up the user's PC to outsiders if they are not properly informed and have not protected themselves.

They may see fewer malware problems from normal usage (doc, email, etc). But in the background, some bot/trojan/rootkit could easily exploit an open Linux system. And they won't even notice anything!

So they do need to be a bit tech-savvy to mangle with iptables, rootkit detectors, etc., so their excuses are valid, they're not as good as you =)

mysurface said...

Joe and nice are both right, I agree with you.

Joe: Asking people to shift to Linux will only lessen the issues, it is not an absolute solution. I have faith in OSS: with more eyeballs, bugs are shallow. Open source may lead to more bugs being discovered, but it may also lead to more fixes.

alwinaw said...

I agree with you that endpoint security cannot be overlooked as well. Here is a little info about an interesting free tool: GFI EndPointScan.

It scans the network for devices online for the purpose of controlling network access of portable storage devices and drives, such as USB drives, iPods and PDAs, to prevent identity theft and the threat of employees introducing viruses, Trojans and illegal software to the network.

More info and a trial version can be found at: http://www.endpointscan.com/