Geeks2U Promise
We guarantee you'll love our fast, friendly service - or we'll refund your money.  
133,572 Happy Customers & Counting
Need tech support?
1300 769 448
Extended hours, 7 days a week
Home  /  geekspeak  /  New malware uses old tricks

New malware uses old tricks

macmalware

It can be a tricky business keeping an internet connected PC or Mac safe from viruses and malware. Yes, I said PC or Mac; the days when Mac users could happily promote the idea that Mac OS was free from any kind of rogue applications are long gone, although it is fair to say that the vast majority of exploits target the Windows environment. That’s largely a numbers game. While Apple has done well in recent years in terms of expanding its overall market share, it’s still simply dwarfed by the number of Windows PCs connected to the Internet. If you were a bad guy wanting to infect computers and there were a thousand of one type and ten million of the other type, you’d hit the ten million first, every time.

However, as I stated at the outset, not even Mac users are automatically secure any more. That’s why having a decent AV package is a very good idea, simply because they can save you from what’s so very often the actual weak link that allows viruses and malware to spread. It’s not always the case of so-called “zero-day” exploits (problems within code that aren’t known about) or for that matter known exploits that get hit because people don’t run security updates in a timely fashion.

After all, if you were writing dodgy software, you couldn’t be assured that a system hadn’t been patched, or that it was running the right version of the software for which a zero-day existed or worked reliably. No, the most reliable way to gain access to computers, whether you’re after malicious damage, encryption of systems for blackmail purposes or simple identity theft is to go for the weakest link in the security chain. All too often, that’s you or me.

As an example, a recent attack on Macs used, of all things, Word Macros to attack potentially vulnerable machines. Macros are simple chunks of code designed within the Microsoft Office environment to allow automation of tasks, and they can be very powerful productivity boosters. Equally, though, they can allow for some very bad things to happen, which is why on the PC side of the fence they’re almost an archaic form of attack.

A recent malware attempt was sent around via a Microsoft Word For Mac document entitled “U.S. Allies and Rivals Digest Trump’s Victory – Carnegie Endowment for International Peace.” Which doesn’t sound that thrilling to me, but maybe your tastes vary.

If you opened it, and you had allowed Macros to run, it would run a check to see if a particular Mac firewall was running, and if it wasn’t, download and try to execute an encrypted file from the Internet. The file itself (thankfully) didn’t work, but the whole enterprise relied on the idea that you’d either allow Macros by default (terribly dangerous behaviour) or, more likely, that you’d blithely click through allowing Macros in order to read the document.

You’ve probably hit those warnings on PC or Mac about files or applications making changes to your computer, especially when installing any new app. Chances are decent you’ve blithely clicked through them, thinking of them as a mere annoyance. Next time you hit one, stop and think. Because if the weakest security link on your PC is you, the way you strengthen that link is by using your brain.

FacebookTwitterGoogle+Share

Recent News

8thgen

For decades now, if you were buying a PC, you essentially had two choices when it came to the processor that ran it. For the most part, Intel’s processors under various branding such as Pentium or Core were what you were most likely to hit, with rival AMD’s CPUs generally found in lower-cost machines, or… More 

spectremeltdown

Usually when you hear about large scale security problems, it’s because there’s been an obscure exploit of some incredibly complicated code that somebody’s worked out a way around, leading to the need for software patches, or an entirely human error where access was pilfered via purely social means. Hardware flaws that affect computer security aren’t… More 

password

2017 was a year of some very large security breaches across all sorts of companies, from smaller online merchants all the way up to bigger brands, such as the uber-leak that came out of, well, Uber, where a data leak saw the records of some 57 million users worldwide compromised. As such, you would think… More 

world

The ambition behind Google’s Street View was (originally) to provide a little more human context to people’s map searches. It’s all very good to say that a journey will take so many minutes, or that you need to make this sequence of turns in order to get to your destination, but it’s long been a… More