Having had to deal with XP Antivirus before…
October 17, 2008
…I have to say that, sadly, this doesn’t surprise me one bit. In fact, I’m surprised that the number of people who have fallen victim to this piece of malware (I know Ars Technica classifies it as adware, but I am not so charitable as they in that regard) is not higher. I mean, I’ve had to clean out…I think I’m up to four…such infections in the last two-and-change months, and the impression I’ve been getting from others in the IT field is that I’ve been lucky and drawn the low card.
Which I can believe, all things considered.
XP Antivirus is not a hard program to remove — Malwarebytes’ Anti-Malware can usually nail it in one pass, on Windows XP at least. It can also be removed manually, with a modest amount of effort, provided one is comfortable poking around in the registry. What makes XP Antivirus so dangerous, I think, is that it does a very good job of looking…real. Or…realish, often complete with a user interface that mimics the general layout of other anti-virus applications. The more malicious versions of the infection will display fake bluescreens (hint: a real bluescreen can’t usually be cleared by hitting a few keys on the keyboard!), error warnings in garish colours, animated cockroaches (kid you not!), and virus infection warnings.
And of course, the software offers the user a way to fix all these errors.
What’s disappointing, to me, is that whoever created this little piece of malware has probably netted on the order of 10 million Euros (~ $13.5 million USD) from users who fall for the messages and pay up. That won’t be the last charge on their credit card said users will see, methinks; anyone dishonest enough to create malware in the first place will almost certainly abuse credit card numbers handed over to their “care.” What this means, in the broadest sense, is that way too many computer users are not being cautious enough, and not exercising sufficient critical thinking about their computing security. Nor are they at all wise or capable enough to safely use a computer in this modern era.
It’s not absurdly difficult to avoid being infected by XP Antivirus: don’t open an email attachment unless you trust the sender, exercise caution when downloading music and movies. Better still (if you simply must download things rather than purchase them), use something like BitTorrent, and only download content which has been verified as safe (e.g. virus-free), at communities like BTJunkie or ISOHunt. Even better: buy the frickin’ album/movie! And above all else, be a skeptical internet surfer: learn to tell the difference between a spam/unsafe website and a legitimate one!
Is this so hard?
Well, for at least 30 million people…yes, it seems to be.
Have I ever mentioned how difficult it is to remove malware from Windows Vista?
Young employees are a bigger IT risk
March 18, 2008
“…younger workers will use your corporate network to run most any device, technology or social networking software they can get their hands on. Dubbed “Millennials,” these workers born after 1980 are nearly twice as likely to use cell phones and PDAs at work, and half admit to installing unauthorized software on their employer’s computers. On the upside, the Millennials are more security aware than their older co-workers.”
When they’re not causing security risks by updating their MySpace profiles during lunch breaks and downloading music, chat applications, and a host of other bits of media content that have traditionally served as vectors for malware and viruses, that is.
That’s what makes IT such a challenging field — you have to be smarter than the other users, and stay one step ahead of the craftiest cube-dweller. People will use proxies to get around firewalls, so you have to be able to identify and block proxies. People will try and use chat programs, reach Facebook, download games, watch videos, update their iPods, and so forth. To say nothing of the hosts of malicious programs that can get in by any number of means, even email.
It’s a challenge, to say the least.





