Microsoft issued a report yesterday which is rather frightening. They claim that one in every fourteen programs downloaded by Windows users turns out to be malicious.
Microsoft have a feature in Internet Explorer designed to help users walk away from potentially dangerous links, but around 5% ignore the warnings and download anyway.
Many years ago, it was easier for dodgy coders to hijack systems, as browsers were in the earlier stages of development and gaping holes in security were commonplace. In recent years, with the new Windows operating systems, users are finally catching on to the update process and code is becoming tighter and tighter all the time.
Alex Stamos, a partner with iSEC Partners, said, “The attackers have figured out that it’s not that hard to get users to download Trojans,” indicating that the coders are now targeting the users just as much as the underlying code. This has been proven on websites such as Facebook, where malicious code such as Koobface is shared. A simple message is shown highlighting a new video. When users click the link, they are told they need to download a new program. A few minutes later, their machines are infected.
Another common ploy is to pop up a fake antivirus message which can look like an ‘official’ Windows alert. A few clicks later and the machines are compromised. Social events also prove too good for code makers to ignore. Joshua Talbot, a manager with Symantec, said, “The attackers are very opportunistic, and they latch onto any event that might be used to lure people.”
KitGuru says: It is disturbing to hear that Symantec say that 56 percent of all attacks last year included Trojan Horse programs.