Geeks2U Promise
We guarantee you'll love our fast, friendly service - or we'll refund your money.  
133,572 Happy Customers & Counting
Need tech support?
1300 769 448
Extended hours, 7 days a week
Home  /  geekspeak  /  New malware uses old tricks

New malware uses old tricks

macmalware

It can be a tricky business keeping an internet connected PC or Mac safe from viruses and malware. Yes, I said PC or Mac; the days when Mac users could happily promote the idea that Mac OS was free from any kind of rogue applications are long gone, although it is fair to say that the vast majority of exploits target the Windows environment. That’s largely a numbers game. While Apple has done well in recent years in terms of expanding its overall market share, it’s still simply dwarfed by the number of Windows PCs connected to the Internet. If you were a bad guy wanting to infect computers and there were a thousand of one type and ten million of the other type, you’d hit the ten million first, every time.

However, as I stated at the outset, not even Mac users are automatically secure any more. That’s why having a decent AV package is a very good idea, simply because they can save you from what’s so very often the actual weak link that allows viruses and malware to spread. It’s not always the case of so-called “zero-day” exploits (problems within code that aren’t known about) or for that matter known exploits that get hit because people don’t run security updates in a timely fashion.

After all, if you were writing dodgy software, you couldn’t be assured that a system hadn’t been patched, or that it was running the right version of the software for which a zero-day existed or worked reliably. No, the most reliable way to gain access to computers, whether you’re after malicious damage, encryption of systems for blackmail purposes or simple identity theft is to go for the weakest link in the security chain. All too often, that’s you or me.

As an example, a recent attack on Macs used, of all things, Word Macros to attack potentially vulnerable machines. Macros are simple chunks of code designed within the Microsoft Office environment to allow automation of tasks, and they can be very powerful productivity boosters. Equally, though, they can allow for some very bad things to happen, which is why on the PC side of the fence they’re almost an archaic form of attack.

A recent malware attempt was sent around via a Microsoft Word For Mac document entitled “U.S. Allies and Rivals Digest Trump’s Victory – Carnegie Endowment for International Peace.” Which doesn’t sound that thrilling to me, but maybe your tastes vary.

If you opened it, and you had allowed Macros to run, it would run a check to see if a particular Mac firewall was running, and if it wasn’t, download and try to execute an encrypted file from the Internet. The file itself (thankfully) didn’t work, but the whole enterprise relied on the idea that you’d either allow Macros by default (terribly dangerous behaviour) or, more likely, that you’d blithely click through allowing Macros in order to read the document.

You’ve probably hit those warnings on PC or Mac about files or applications making changes to your computer, especially when installing any new app. Chances are decent you’ve blithely clicked through them, thinking of them as a mere annoyance. Next time you hit one, stop and think. Because if the weakest security link on your PC is you, the way you strengthen that link is by using your brain.

FacebookTwitterGoogle+Share

Recent News

Closeup of Password Box in Internet Browser

For just about any online service you’d care to name, you’re going to be requested to set up a password in order to securely access those services. This may be for a relatively trivial reason, such as one-time access to a site you’re not sure you’re going to use regularly, or something far more serious… More 

ipod1stgen

While Apple has a history as a computer company that dates all the way back to the 1970s and the original Apple I computer and wildly successful Apple II model that was the favourite of many Australian educational institutions in the 1980s, by the 1990s, the company wasn’t doing so well. Considerably more affordable Windows… More 

freewifi

It’s feasible within Australia to stay connected online for relatively low prices, especially if you make smart use of public Wi-Fi. It’s possible to get online from many public libraries, cafes, shopping centres and popular public locations, where the venue either offers Wi-Fi as a straight service (a la libraries) or as part of a… More 

optusannouncement

Optus recently announced that it was sinking around $1 billion dollars into improving its nationwide mobile telephony network, with a particular focus on improving its regional coverage. That billion dollars will go into 500 new mobile sites across the nation, including 114 on the Federal Government’s Mobile Blackspot program, as well as upgrading more than… More