To be honest, I haven't been hacked by anyone (or anything yet, touchwood!!) but I did encounter some sort of spyware in my previous desktop before. It was really annoying. I don't know what the hell happened but I do know that the last person to use the desktop was my brother. And a few days later when I tried to use it, Jenna Jameson kept flashing herself on my desktop screen, regardless of whether the PC was connected to the Internet or in offline mode. And for the very first time, I finally realised what porn exactly looked like. The best part? Everyone in my family thought I was into porn. What exactly is spyware? Well, I used to think that spyware, as it's name suggests, some kind of malicious software that spys on what you are doing, like find out your passwords for Internet Banking, Credit Cards numbers, stuffs like that. But it seems not. Spyware is computer software that is installed surreptitiously on a personal computer to intercept or take partial control over the user's interaction with the computer, without the user's informed consent. Yeah, right. In a way, Jenna Jameson did the honour and privilege of giving me porn scenes of her in porn acts without my utmost consent, whether I like it or not. Although running anti-spyware software has become a widely recognized element of computer security best practices for Microsoft Windows desktop computers, I dare assure you that I did have at least one anti-spyware program running on my old PC, maybe Jenna Jameson happened to be a hacker as well?

What is a virus?
Well, the best definition we have been able to come up with is the
following:

#1 A virus is a program that is able to replicate, that is create (possibly modified) copies of itself.

#2 The replication is intentional, not just a side-effect.

#3 At least some of replicants in turn are also viruses by the same definition.

#4 A virus has to attach itself to a "host", in the sense that execution of the host implies execution of the virus.

A Trojan is a program that pretends to do something useful (or at least interesting), but when it is run, it may have some harmful effect, like scrambling your FAT (File Allocation Table), formatting the hard disk or releasing a virus. Viruses and Trojans may contain a "time-bomb", intended to destroy programs or data on a specific date or when some condition has been fulfilled. A time bomb is often designed to be harmful, maybe doing something like formatting the hard disk. Sometimes it is relatively harmless, perhaps slowing the computer down every Friday or making a ball bounce around the screen. However, there is really no such thing as a harmless virus. Even if a virus has been intended to cause no damage, it may do so in certain cases, often due to the incompetence of the virus writer or unexpected hardware or software revisions. A virus may be modified, either by the original author or someone else, so that a more harmful version of it appears. It is also possible that the modification produces a less harmful virus, but that has only rarely happened. The damage caused by a virus may consist of the deletion of data or programs, maybe even reformatting of the hard disk, but more subtle damage
is also possible. Some viruses may modify data or introduce typing errors into text. Other viruses may have no intentional effects other than just replicating. Most viruses try to recognize existing infections, so they do not infect what has already been infected. This makes it possible to inoculate against specific viruses, by making the "victim" appear to be infected. However, this method is useless as a general defense, as it is not possible to inoculate the same program against multiple viruses.

It used to be the case that a virus could not infect a computer unless it was booted from an infected diskette or an infected program was run on it, but alas, this is no longer true. It is possible for a virus infection to spread, just by the act of reading an infected Microsoft Word document, for example, or through use of Lotus Notes, to name two well-known applications. It also used to be the case that a virus could not infect data files or spread from one type of computer to another - a virus designed to infect Macintosh computers could not infect PCs or vice versa, but with the appearance of application viruses this has changed as well - there are now a few viruses that can infect WinWord as well as MacWord.

Before Internet Explorer 7 was released, the browser would automatically display an installation window for any ActiveX component that a website wanted to install. The combination of user naiveté towards malware and the assumption by Internet Explorer that all ActiveX components are benign, led, in part, to the massive spread of spyware. Many spyware components would also make use of flaws in Javascript, Internet Explorer and Windows to install without user knowledge or permission. The Windows Registry contains multiple sections that by modifying keys values allows software to be executed automatically when the operating system boots. Spyware can exploit this design to circumvent attempts at removal. The spyware typically will link itself from each location in the registry that allows execution. Once running, the spyware will periodically check if any of these links are removed. If so, they will be automatically restored. This ensures that the spyware will execute when the operating system is booted even if some (or most) of the registry links are removed.

If your computer is infected with a virus - DON'T PANIC! Sometimes a badly thought out attempt to remove a virus will do much more damage than the virus could have done. If you are not sure what to do, leave your computer turned off until you find someone to remove the virus for you. Remember that some viruses may interfere with the disinfection operation if they are active in memory at that time, so before attempting to disinfect you MUST boot the computer from a CLEAN system diskette - preferably one that has been kept write-protected since it was originally created. It is also a good idea to boot from a clean system diskette before scanning for viruses, as several "stealth" viruses are very difficult do detect if they are active in memory during virus scanning.

Yes, I know. It works like a thief attempting to break into your house when you yourself is inside the house, sleeping. Yes, Spyware is that bad. And my foremost concern for computer security threat is currently SPYWARE!!! But luckily there's a Complimentary Workshop on Cybersecurity called World of Hacker - Understanding the Threats & Countermeasures, you can check out http://eccouncilacademy.org/main/index.php?option=com_content&task=blogsection&id=11&Itemid=147 for more details. The address where the workshop will be held is:


EC-Council Academy Sdn Bhd

Level 3-10, Block F, Phileo Damansara 1

Jalan 16/11, Off Jalan Damansara

46350 Petaling Jaya, Selangor

Labels: blog defacements, Cybersecurity, hack incidents, hacking incidents, Social Engineering, SQL Injections, Trojans, virus, website defacements