
Got A Virus? It's Your Fault Says Microsoft

qubit

Overclocked quantum bit
Joined
Dec 6, 2007
Messages
17,865 (2.87/day)
Location
Quantum Well UK
System Name Quantumville™
Processor Intel Core i7-2700K @ 4GHz
Motherboard Asus P8Z68-V PRO/GEN3
Cooling Noctua NH-D14
Memory 16GB (2 x 8GB Corsair Vengeance Black DDR3 PC3-12800 C9 1600MHz)
Video Card(s) MSI RTX 2080 SUPER Gaming X Trio
Storage Samsung 850 Pro 256GB | WD Black 4TB | WD Blue 6TB
Display(s) ASUS ROG Strix XG27UQR (4K, 144Hz, G-SYNC compatible) | Asus MG28UQ (4K, 60Hz, FreeSync compatible)
Case Cooler Master HAF 922
Audio Device(s) Creative Sound Blaster X-Fi Fatal1ty PCIe
Power Supply Corsair AX1600i
Mouse Microsoft Intellimouse Pro - Black Shadow
Keyboard Yes
Software Windows 10 Pro 64-bit
Yes, that's right: the maker of notoriously vulnerable software is now blaming you, the user, should you get a virus, trojan or other malware infection on your Windows computer. However, it does look like they have some justification for saying this. For those with long attention spans, Microsoft have just released their 168-page Microsoft Security Intelligence Report (6MB PDF), with the stated aim of providing:
An in-depth perspective on software vulnerabilities and exploits, malicious code threats, and potentially unwanted software in the first half of 2011
The first thing to note about the report is that it is limited to its Malicious Software Removal Tool and Microsoft's other anti-malware products. Zero-day attacks that it can't detect are not included in the findings. So, surely it can't all be the user's fault then? It also means that the security angles from third party security vendors such as Kaspersky, Norton and McAfee aren't represented here.



By far the biggest attack vector, with 44.8%, is infection with the help of the user, where they're duped into running some dodgy attachment or clicking an equally dodgy link. What with the generally very low level of computer literacy of most ordinary users, this is hardly surprising. Taking second and third place are two autorun options, USB at 26% and network at 17.2%, with all the others at surprisingly low levels, especially exploits for which an update has long been available, standing at only 3.2%.

Next up are the well known operating system vulnerabilities. 32-bit XP SP3 is by far the most insecure of recent OSs, with 10.9 Computers Cleaned per Thousand (CCT), which is unsurprising considering the many hundreds of patches required since its 2001 release. Vista SP1 32-bit is a bit better at 8.8 CCT (so much for the much-touted enhanced security at its 2007 retail launch), with the 64-bit version somewhat better at 6.7 CCT. From there, OS security improves significantly, with the best being Windows 7 SP1 64-bit, which is to be expected, at a low 1.1 CCT. Server infections are surprisingly high though, considering that they are based on the same code base as their client counterparts. For example, Server 2008 R2 has the same underlying code as Windows 7, yet its CCT is 3.3 times higher, at 3.6. Why should this be, since the admins that run them can be assumed to know about patching and general good security practice?

Of infections due to third party software vulnerabilities, Java takes the cake with between one-third and one-half of all observed exploits. Again, old versions are the most vulnerable and as Java auto updates, there's really no excuse to be running such old versions.



Because core OS security has increased so much in recent years, cybercriminals haven't stood still. Since duping uninformed "clueless" users is the most effective form of attack, they have now moved on to social networks in a big way, as they are so popular. Considering the type of fraudulent ads which can sometimes be seen on the side of a Facebook page, where the picture and text suggest one thing, but actually lead you to something completely different and obviously fraudulent when looked at a little more closely, it looks like the social networks themselves could do more to protect their users by vetting their advertisers more stringently.

One significant enhancement to computer security is Microsoft's proactive stance on eradicating botnets in the last few years. On several occasions now, stories have been published covering particular botnets that were taken down by Microsoft working together with law enforcement in various countries to track down the command and control servers and websites, putting them out of action and thus disrupting the botnet. The infected machines can then be cleaned up later. This writer has, from personal experience, seen spam drop from up to around 50 items a day to maybe 6 or 7 per week, which is a great improvement, so this strategy is clearly working.

The conclusion for such a big report is remarkably concise, so is quoted in full:
Unfortunately, the process of eliminating malware from a computer is likely to become much harder in the next few years. Malware has become a lucrative business for the criminals who create and distribute it, and they have a financial incentive to find new ways to evade detection and make malicious files and processes harder to remove.

Therefore, understanding how malware spreads, operates, and defends itself at a fundamental level should be considered a prerequisite for IT professionals charged with protecting their users from attack and containing outbreaks when they occur. However, the best guidance is that which helps prevent malware infection from ever occurring. For more information about how to prevent malware infection, see the Microsoft Malware Protection Center at www.microsoft.com/security/portal.

Overall though, it doesn't seem like infections are down much, with social media phishing taking up the slack as clueless users blindly run malware and click on bad links. It would be desirable if the overall rate dropped, so that criminals would be put out of business and be forced to work for a living like everyone else or preferably, sit in jail.

One thing that surprisingly wasn't mentioned in the report is the need to run a hardware edge firewall on your network. Without it, it's only a matter of time until Windows gets hacked into, regardless of how well patched it is. Thankfully, every decent modern home router has one of these built in and is switched on by default, addressing this critical requirement. For corporate networks, using a hardware firewall is a standard security policy decision.

Another worthy line of attack against botnets is the ISP. In some cases, ISPs monitor their users' internet connections, looking for patterns of behaviour that indicate a compromised machine. If found, they notify the user, usually by email. They may also slow down the connection, filter it or turn off access completely, depending on the user agreement and the severity of the attacks, until the customer has addressed the problem.

Due to its 168 pages, the report is very detailed and covers a wide range of topics, so covering them all is beyond the scope of this story. However, some of the more interesting areas covered in the report are: the rising attacks on Android smartphones, Flash Player exploits, spam, phishing and malware sites, rogue security software, Process Explorer and strategies for eradication of malware from infected machines.

Finally, the big takeaway from this report is the usual advice: run the latest versions of all your software, including the OS (64-bit where possible), patch as patches are released, use internet security software, use a hardware firewall and, of course, don't forget the user savvy needed to avoid being duped by social engineering tricks into doing something stupid. Reckless user behaviour is by far the biggest part of this problem, just like car accidents.

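As an added illustration of the "patterns of behaviour" an ISP or network admin might look for in connection records (this is example code, not from the article or from Microsoft's report), the script below flags hosts that contact one destination at near-constant intervals, the beaconing typical of a bot polling its command-and-control server. The log format, the addresses and the thresholds are constructed for the example and are assumptions, not anything the report specifies.

```python
"""Flag hosts whose connections to a single destination recur at near-
constant intervals (beaconing). Added example, not code from the thread;
the flow-record format, addresses and thresholds are assumptions.
"""
from collections import defaultdict
from statistics import mean, pstdev

# Constructed flow records: "<epoch seconds> <src ip> <dst ip:port> <bytes>".
# 10.0.0.5 polls 203.0.113.9:443 roughly every 60 s (a bot-like pattern);
# 10.0.0.7 talks to a web server often but irregularly (browsing-like).
SAMPLE_FLOWS = """\
1000 10.0.0.5 203.0.113.9:443 512
1005 10.0.0.5 198.51.100.20:80 20480
1061 10.0.0.5 203.0.113.9:443 515
1119 10.0.0.5 203.0.113.9:443 510
1180 10.0.0.5 203.0.113.9:443 514
1242 10.0.0.5 203.0.113.9:443 511
1007 10.0.0.7 198.51.100.20:80 30000
1900 10.0.0.7 198.51.100.20:80 4000
2300 10.0.0.7 198.51.100.20:80 12000
2310 10.0.0.7 198.51.100.20:80 8000
"""


def parse_flows(text):
    """Parse the constructed record format into (ts, src, dst, bytes) tuples."""
    flows = []
    for line in text.splitlines():
        if not line.strip():
            continue
        ts, src, dst, nbytes = line.split()
        flows.append((int(ts), src, dst, int(nbytes)))
    return flows


def find_beacons(flows, min_connections=4, max_jitter=0.10):
    """Return (src, dst, mean_period_seconds) for every src->dst pair whose
    inter-connection gaps are regular: standard deviation of the gaps divided
    by their mean (coefficient of variation) <= max_jitter.

    min_connections guards against trivially 'regular' pairs: with only two
    connections there is one gap and the spread is always zero.
    """
    timestamps = defaultdict(list)
    for ts, src, dst, _ in flows:
        timestamps[(src, dst)].append(ts)

    hits = []
    for (src, dst), ts_list in timestamps.items():
        if len(ts_list) < min_connections:
            continue
        ts_list.sort()
        gaps = [later - earlier for earlier, later in zip(ts_list, ts_list[1:])]
        period = mean(gaps)
        if period <= 0:
            continue  # duplicate timestamps; nothing periodic to measure
        if pstdev(gaps) / period <= max_jitter:
            hits.append((src, dst, period))
    return hits


if __name__ == "__main__":
    for src, dst, period in find_beacons(parse_flows(SAMPLE_FLOWS)):
        print(f"possible beacon: {src} -> {dst} every ~{period:.0f}s")
```

A hit is a triage signal, not a verdict: NTP clients, software update checkers and monitoring agents beacon too, so the result says "look at this host", not "this host is infected". Correlating the destination against a list of known command-and-control addresses, the kind Microsoft's takedowns go after, is what makes the signal sharp.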
J

John Doe

Guest
They are right. Most of the time people blindly open random e-mails, visit badly compiled sites etc. That is how most viruses are taken. No matter which OS you have, there is always a chance of taking a virus if you don't know what you're doing. As long as you secure your PC real-time, and do not fall for anything, you pretty much will never get hacked.
 
Joined
Jul 20, 2008
Messages
4,016 (0.67/day)
Location
Ohio
System Name Desktop|| Virtual Host 0
Processor Intel Core i5 2500-K @ 4.3ghz || 2x Xeon L5630 (total 8 cores, 16 threads)
Motherboard ASUS P8Z68-V || Dell PowerEdge R710 (Intel 5520 chipset)
Cooling Corsair Hydro H100 || Stock hotplug fans and passive heatsinks
Memory 4x4gb Corsair Vengeance DDR3 1600 || 12x4gb Hynix DDR3 1066 FB-DIMMs
Video Card(s) MSI GTX 760 Gaming Twin Frozr 4GB OC || Don't know, don't care
Storage Hitachi 7K3000 2TB || 6x300gb 15k rpm SAS internal hotswap, 12x3tb Seagate NAS drives in enclosure
Display(s) ViewSonic VA2349S || remote iDRAC KVM console
Case Antec P280 || Dell PowerEdge R710
Audio Device(s) HRT MusicStreamer II+ and Focusrite Scarlett 18i8 || Don't know, don't care
Power Supply SeaSonic X650 Gold || 2x870w hot-swappable
Mouse Logitech G500 || remote iDRAC KVM console
Keyboard Logitech G510 || remote iDRAC KVM console
Software Win7 Ultimate x64 || VMware vSphere 6.0 with vCenter Server 6.0
Benchmark Scores Over 9000 on the scouter
Due to its 168 pages, the report is very detailed and covers a wide range of topics, so covering them all is beyong the scope of this story.
:p
 

Dave63

New Member
Joined
Jun 4, 2010
Messages
106 (0.02/day)
Location
Hamilton, NY
System Name X-Tek
Processor AMD Phenom II X3 720 BE OC @ 3.5Ghz
Motherboard ECS GF8200A Black Series
Cooling Corsair H50
Memory G-Skill PC2-6400 4GB
Video Card(s) MSI N460GTX Twin Frozr II SOC 768MB
Storage WD 320 GB
Display(s) ASUS 23" Full HD HDMI LED Backlight
Case Xigmatek UTGARD
Audio Device(s) Integrated 8-channel HD Audio
Power Supply BFG 550W GX Series
Software Windows 7 Home 64 Bit
They are right. Most of the time people blindly open random e-mails, visit badly compiled sites etc. That is how most viruses are taken. No matter which OS you have, there is always a chance of taking a virus if you don't know what you're doing. As long as you secure your PC real-time, and do not fall for anything, you pretty much will never get hacked.

I agree and stay away from them side ads and 3rd party apps like java and flash.
 

Wile E

Power User
Joined
Oct 1, 2006
Messages
24,318 (3.65/day)
System Name The ClusterF**k
Processor 980X @ 4Ghz
Motherboard Gigabyte GA-EX58-UD5 BIOS F12
Cooling MCR-320, DDC-1 pump w/Bitspower res top (1/2" fittings), Koolance CPU-360
Memory 3x2GB Mushkin Redlines 1600Mhz 6-8-6-24 1T
Video Card(s) Evga GTX 580
Storage Corsair Neutron GTX 240GB, 2xSeagate 320GB RAID0; 2xSeagate 3TB; 2xSamsung 2TB; Samsung 1.5TB
Display(s) HP LP2475w 24" 1920x1200 IPS
Case Technofront Bench Station
Audio Device(s) Auzentech X-Fi Forte into Onkyo SR606 and Polk TSi200's + RM6750
Power Supply ENERMAX Galaxy EVO EGX1250EWT 1250W
Software Win7 Ultimate N x64, OSX 10.8.4
I agree with MS. The majority of infections are user error. I don't run AV on my machine full time, only install and run one every once in a while. When I do decide to run one, I'm always clean.
 

HTC

Joined
Apr 1, 2008
Messages
4,664 (0.76/day)
Location
Portugal
System Name HTC's System
Processor Ryzen 5 5800X3D
Motherboard Asrock Taichi X370
Cooling NH-C14, with the AM4 mounting kit
Memory G.Skill Kit 16GB DDR4 F4 - 3200 C16D - 16 GTZB
Video Card(s) Sapphire Pulse 6600 8 GB
Storage 1 Samsung NVMe 960 EVO 250 GB + 1 3.5" Seagate IronWolf Pro 6TB 7200RPM 256MB SATA III
Display(s) LG 27UD58
Case Fractal Design Define R6 USB-C
Audio Device(s) Onboard
Power Supply Corsair TX 850M 80+ Gold
Mouse Razer Deathadder Elite
Software Ubuntu 20.04.6 LTS
Question: was it the user's fault when simply connecting to the Internet gave you a 50% chance of getting infected by the Blaster worm within 12 minutes of connecting, back in 2003?
 

Mussels

Freshwater Moderator
Joined
Oct 6, 2004
Messages
58,413 (7.91/day)
Location
Oystralia
System Name Rainbow Sparkles (Power efficient, <350W gaming load)
Processor Ryzen R7 5800x3D (Undervolted, 4.45GHz all core)
Motherboard Asus x570-F (BIOS Modded)
Cooling Alphacool Apex UV - Alphacool Eisblock XPX Aurora + EK Quantum ARGB 3090 w/ active backplate
Memory 2x32GB DDR4 3600 Corsair Vengeance RGB @3866 C18-22-22-22-42 TRFC704 (1.4V Hynix MJR - SoC 1.15V)
Video Card(s) Galax RTX 3090 SG 24GB: Underclocked to 1700Mhz 0.750v (375W down to 250W))
Storage 2TB WD SN850 NVME + 1TB Sasmsung 970 Pro NVME + 1TB Intel 6000P NVME USB 3.2
Display(s) Phillips 32 32M1N5800A (4k144), LG 32" (4K60) | Gigabyte G32QC (2k165) | Phillips 328m6fjrmb (2K144)
Case Fractal Design R6
Audio Device(s) Logitech G560 | Corsair Void pro RGB |Blue Yeti mic
Power Supply Fractal Ion+ 2 860W (Platinum) (This thing is God-tier. Silent and TINY)
Mouse Logitech G Pro wireless + Steelseries Prisma XL
Keyboard Razer Huntsman TE ( Sexy white keycaps)
VR HMD Oculus Rift S + Quest 2
Software Windows 11 pro x64 (Yes, it's genuinely a good OS) OpenRGB - ditch the branded bloatware!
Benchmark Scores Nyooom.
quite an interesting article, but i doubt i can be stuffed reading the source PDF
 

Wile E

Power User
Question: was it the user's fault when simply connecting to the Internet gave you a 50% chance of getting infected by the Blaster worm within 12 minutes of connecting, back in 2003?

2003 is irrelevant to the scope of this article. Back then it was an insecure OS. This is about current rates, in which we have much more secure OSes.
 

Kreij

Senior Monkey Moderator
Joined
Feb 6, 2007
Messages
13,817 (2.12/day)
Location
Cheeseland (Wisconsin, USA)

If you find a grammar or spelling error in a news article, please PM the writer instead of posting in the thread.

On Topic: Microsoft's report is right. The majority of infections are caused by people clicking on things they do not examine, oblivious to the consequences.
The social networks (ie. Facebook) are going to be a HUGE problem as 99% of the people who happily share all their personal data and click on everything have no clue what they are doing.
 
J

John Doe

Guest
Question: was it the user's fault when simply connecting to the Internet gave you a 50% chance of getting infected by the Blaster worm within 12 minutes of connecting, back in 2003?

I had KAV Internet Security and never got it back then. The only stuff I got was from DL'ing porn over KaZaa back in Millennium, Bullguard lol.
 
Joined
Jan 11, 2009
Messages
9,250 (1.59/day)
Location
Montreal, Canada
System Name Homelabs
Processor Ryzen 5900x | Ryzen 1920X
Motherboard Asus ProArt x570 Creator | AsRock X399 fatal1ty gaming
Cooling Silent Loop 2 280mm | Dark Rock Pro TR4
Memory 128GB (4x32gb) DDR4 3600Mhz | 128GB (8x16GB) DDR4 2933Mhz
Video Card(s) EVGA RTX 3080 | ASUS Strix GTX 970
Storage Optane 900p + NVMe | Optane 900p + 8TB SATA SSDs + 48TB HDDs
Display(s) Alienware AW3423dw QD-OLED | HP Omen 32 1440p
Case be quiet! Dark Base Pro 900 rev 2 | be quiet! Silent Base 800
Power Supply Corsair RM750x + sleeved cables| EVGA P2 750W
Mouse Razer Viper Ultimate (still has buttons on the right side, crucial as I'm a southpaw)
Keyboard Razer Huntsman Elite, Pro Type | Logitech G915 TKL
The only virus I ever had was 100% my fault and I knew I had a 80% chance that I was going to get infected for downloading and installing the program. I did it anyways in the off-chance it was real, because my A/V scan turned up negative xD Stupid.

I don't have an A/V, but I do scan suspicious files if I decide I want to try them. I now practically never download suspicious files, actually none for a year (since I got the virus).

BTW, I download a shit-ton of stuff and go on dodgy sites, click on ads by accident all the time, have bouncing boobs a few times as well, but in my 12 freaking years of massive PC using, I only had 1 virus and it was 100% my fault. Also note that I've been regularly using my computer massively since I was 7 years old, and even at that age I didn't do something stupid, and I was stupid enough to delete Windows files because I wanted to save HDD space LOL so USE YOUR FREAKIN' COMMON SENSE

Also, Apple's OS X is much less secure than Windows. If hackers would target OS X as much as Windows, it would be hell for Mac users
 
Joined
Oct 30, 2008
Messages
1,768 (0.30/day)
System Name Lailalo
Processor Ryzen 9 5900X Boosts to 4.95Ghz
Motherboard Asus TUF Gaming X570-Plus (WIFI
Cooling Noctua
Memory 32GB DDR4 3200 Corsair Vengeance
Video Card(s) XFX 7900XT 20GB
Storage Samsung 970 Pro Plus 1TB, Crucial 1TB MX500 SSD, Segate 3TB
Display(s) LG Ultrawide 29in @ 2560x1080
Case Coolermaster Storm Sniper
Power Supply XPG 1000W
Mouse G602
Keyboard G510s
Software Windows 10 Pro / Windows 10 Home
Funny.. I got a trojan on mine a month back, only after I installed MSE. Reason being, MSE turned off Defender which was by default stopping it, then MSE by default opened up the hole for it to get on.

So yes, it was my fault for trying out M$ branded AV software.

Epic M$, real epic.
 
Joined
Jan 11, 2009
Messages
9,250 (1.59/day)
Location
Montreal, Canada
Lol I have the default Firewall disabled also. I run without ANY A/V except anything that I cannot turn off. I might be lucky though
 

qubit

Overclocked quantum bit
Lol I have the default Firewall disabled also. I run without ANY A/V except anything that I cannot turn off. I might be lucky though

It looks like you practice Safe Sex Surfing, which can get you surprisingly far. ;)

Are you sitting behind a hardware firewall in your router? That's the important one. This and keeping your Windows and apps patched are the two biggies to staying safe, besides user behaviour.
 
J

John Doe

Guest
Are you sitting behind a hardware firewall in your router? That's the important one.

Actually, it isn't as important as people think. I run a single port modem, no routing. But I have my ports closed so it's a non-issue. AV however is more important IMO. It's easier to get a virus from Google images...
 
Joined
Jul 19, 2006
Messages
43,609 (6.48/day)
Processor AMD Ryzen 7 7800X3D
Motherboard ASUS TUF x670e-Plus Wifi
Cooling EK AIO 360. Phantek T30 fans.
Memory 32GB G.Skill 6000Mhz
Video Card(s) Asus RTX 4090
Storage WD/Samsung m.2's
Display(s) LG C2 Evo OLED 42"
Case Lian Li PC 011 Dynamic Evo
Audio Device(s) Topping E70 DAC, SMSL SP200 Amp, Adam Audio T5V's, Hifiman Sundara's.
Power Supply FSP Hydro Ti PRO 1000W
Mouse Razer Basilisk V3 Pro
Keyboard Epomaker 84 key
Software Windows 11 Pro
Lol I have the default Firewall disabled also. I run without ANY A/V except anything that I cannot turn off. I might be lucky though

Same here. I run in DMZ mode on my modem, no A/V and I also have Windows Defender turned off. The only protection I have is Windows Firewall and that really isn't much. I haven't had anything bad happen, but if it did I have a backup. Just wipe the drive and clone.
 

qubit

Overclocked quantum bit
Actually, it isn't as important as people think. I run a single port modem, no routing. But I have my ports closed so it's a non-issue. AV however is more important IMO. It's easier to get a virus from Google images...

Yeah, I've seen that too. Kaspersky flags up a big warning when it leads to an infected page and blocks it from downloading.

Still though, with a hardware firewall, you can actually sit online with no patches at all on the OS and not get nailed. With the big caveat of course, that you basically don't do anything online with it. ;) The only place one should go with a newly installed, unpatched OS is Microsoft Update and patch it completely, before doing anything else.

In the end though, there's no silver bullet with computer security. It's a strategy involving many different components, all working together.

Same here. I run in DMZ mode on my modem, no A/V and I also have Windows Defender turned off. The only protection I have is Windows Firewall and that really isn't much. I haven't had anything bad happen, but if it did I have a backup. Just wipe the drive and clone.

I'll bet you do that to get low ping rates in online games? ;)
 

IlluminAce

New Member
Joined
Aug 6, 2011
Messages
46 (0.01/day)
Location
UK
System Name Ace2
Processor Intel i7 2600
Motherboard ASRock Extreme4 Gen3
Cooling Zalman CNPS10x Extreme
Memory Corsair Vengeance LP 16GB (4x4)
Video Card(s) Asus HD 6970 DirectCUII
Storage 4x Samsung 1TB 7.2krpm
Display(s) 1x 24" 16:10, 1x 20" 16:10, 3x 19" 5:4
Case Fractal Design R3
Audio Device(s) TBD
Power Supply Corsair HX850W
Software Debian dom0 (on Xen hypervisor)
ID-ten-T errors have always been the biggest cause of security breaches, in whatever field, technical or otherwise. Back "in the day", the likes of Kevin Mitnick (now a global icon) utilised this to their advantage in what's come to be known as social engineering. This involved old favourites such as phoning up a support operative, claiming to be one of the company's managers who had forgotten the password for a critical piece of infrastructure... you get the idea.

It used to be perpetrated against large corporates the most; now the focus seems to have shifted to individuals. Instead of getting poorly paid workers to hand over access to corporate mainframes or communications infrastructure, the common thread seems to be persuading individuals to click on the wrong thing on their screen, thereby adding their machine to a botnet, or providing an attacker remote access, or joining a spamming/DDoS task, or passing back keypresses, or whatever it may happen to be. The fact is: it's easier to get non-technical people to click something accidentally than it is to wade through thousands of lines of source code, or try to understand countless lines of assembly, or test every possible input field for non-validation, etcetera.

If only we could do away with that living organism between the chair and the keyboard, the Internet would be a much safer place...
 

FordGT90Concept

"I go fast!1!11!1!"
Joined
Oct 13, 2008
Messages
26,259 (4.44/day)
Location
IA, USA
System Name BY-2021
Processor AMD Ryzen 7 5800X (65w eco profile)
Motherboard MSI B550 Gaming Plus
Cooling Scythe Mugen (rev 5)
Memory 2 x Kingston HyperX DDR4-3200 32 GiB
Video Card(s) AMD Radeon RX 7900 XT
Storage Samsung 980 Pro, Seagate Exos X20 TB 7200 RPM
Display(s) Nixeus NX-EDG274K (3840x2160@144 DP) + Samsung SyncMaster 906BW (1440x900@60 HDMI-DVI)
Case Coolermaster HAF 932 w/ USB 3.0 5.25" bay + USB 3.2 (A+C) 3.5" bay
Audio Device(s) Realtek ALC1150, Micca OriGen+
Power Supply Enermax Platimax 850w
Mouse Nixeus REVEL-X
Keyboard Tesoro Excalibur
Software Windows 10 Home 64-bit
Benchmark Scores Faster than the tortoise; slower than the hare.
32-bit XP SP3 is by far the most insecure of recent OS's, with 10.9 Computers Cleaned per Thousand (CCT) which is unsurprising, considering the many hundreds of patches required since its 2001 release.
That's still remarkably low. Only 1.09% of computers scanned by the Malware Removal Tool are infected. The Malware Removal Tool is a security update for all versions of Windows since XP, so virtually everyone has it (unless you're a pirate :ohwell:).

I agree with the findings though. User error is the most common cause and vulnerabilities in HTML/JavaScript/browsers is second, in my experience.


Why should this be, since the admins that run them can be assumed to know about patching and general good security practice?
Either stupid admins browsing the web/email on the server or they're more vulnerable because they tend to have more ports exposed for...serving. Ehm, Windows itself might not be the vulnerability; it could be the software sitting on those exposed ports (JVM, anyone?).
 
T

twilyth

Guest
There's no substitute for browser plugins that block active content by default. It can be a pain in the ass if you're online shopping and going to a lot of new sites where you have to enable javascript or flash, but otherwise requires little effort and prevents the most common types of online exploits since they virtually always rely on one or the other.

Personally, I love Avira. My only qualm is the fact that it doesn't give you the max protection it's capable of out of the box and to get that you have to go in and change at least a half dozen settings.
 
Joined
Nov 27, 2007
Messages
2,255 (0.36/day)
System Name HOMECOMPUTER
Processor Intel i9 - 9900k @ 5.1Ghz - 1.31v
Motherboard Asux ROG Maximus XI Hero Wifi
Cooling ek supremacy evo full nickle, 2xEK 360 Radiators, ek d5 pump/res combo, ek full cover 2080ti block
Memory 16GB DDR 3600 Trident Z RGB
Video Card(s) Gigabyte RTX 2080TI
Storage 1xWD black NVME 500GB, 1xSamsung 970 Evo Plus NVME 1TB
Display(s) 2 Dell Gaming 27" 1440P Gsync
Case Lian LI PC-011 Dynamic
Audio Device(s) onboard
Power Supply Evga P2 1200Watt
Mouse Zowie FK1+
Keyboard Corsair Strafe rgb silent
Software Windows 10 Pro
Benchmark Scores i'm working on that
I am in complete support of this; people need to learn to use the internet. It's not that hard. I spend a good part of my job cleaning up the mess left by viruses on client PCs. It sux, and it's always the same bullshit: "how did this happen to me?" "I didn't do anything wrong". Google this shit, people, learn to browse safely lol.
 
Joined
Nov 27, 2007
Messages
2,255 (0.36/day)
Funny.. I got a trojan on mine a month back, only after I installed MSE. Reason being, MSE turned off Defender which was by default stopping it, then MSE by default opened up the hole for it to get on.

So yes, it was my fault for trying out M$ branded AV software.

Epic M$, real epic.

Not necessarily true. Defender is re-enabled on Windows Vista-7 machines after the install. Next thing is that the definitions MSE uses are all inclusive of what Defender has, so it will catch whatever Defender would catch and more.
Third thing, is that it's still your fault you ever got the trojan in the first place


This article simply states that if people knew how to browse safely and didn't fall prey to stupid and obvious schemes virus scans and virus removal wouldn't be so hard or widespread as it is

Sure, MSE didn't catch your trojan, but that doesn't change the fact that it was your fault it ever got there in the first place.
 

Mussels

Freshwater Moderator
oh look, a pirated copy of that software i didnt want to pay for!

*double clicks crack, blames ensuing virus on crap antivirus product/OS*
 

qubit

Overclocked quantum bit
oh look, a pirated copy of that software i didnt want to pay for!

*double clicks crack, blames ensuing virus on crap antivirus product/OS*

Yes, that's a point. Microsoft plays up the infected software angle from illegal downloads for all it's worth, but it's true. They are from an unknown and untrusted source, so it's no surprise that they come with little "extras".

The only time you can be sure is if you know the official Microsoft SHA1 for the ISO file you're downloading and then use something like md5summer to compare it. That pure file will of course come without the trojan crack you need to run the software...

Moral of the story: just go legit.
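The check qubit describes above, written out as an added example (this is not md5summer or any code from the thread): stream the downloaded ISO through a hash and compare the result with the hash the vendor publishes. The expected hash must be taken from the vendor's own page over HTTPS, never from the mirror hosting the download; the byte strings and digests used in the block are the standard public test vectors, not Microsoft ISO hashes, and the file handling is an assumption for illustration.

```python
"""Verify a downloaded file against a vendor-published hash.
Added example, not code from the thread; test vectors are the public
SHA-1/SHA-256 vectors for the string "abc", not real ISO hashes.
"""
import hashlib
import hmac

# SHA-1 is listed because that is what was published for ISOs at the time
# of the thread. Prefer SHA-256 whenever the vendor offers it: SHA-1
# collisions are practical for an attacker who controls both files.
SUPPORTED = {"sha1": hashlib.sha1, "sha256": hashlib.sha256}


def digest_stream(fileobj, algorithm="sha256", chunk_size=1 << 20):
    """Hex digest of a binary stream, read in chunks so a multi-GB ISO
    never has to fit in memory."""
    try:
        h = SUPPORTED[algorithm]()
    except KeyError:
        raise ValueError(f"unsupported algorithm: {algorithm}")
    for chunk in iter(lambda: fileobj.read(chunk_size), b""):
        h.update(chunk)
    return h.hexdigest()


def file_digest(path, algorithm="sha256"):
    with open(path, "rb") as f:
        return digest_stream(f, algorithm)


def normalize_hex(published):
    """Accept the hash as copied from a web page: any case, with the spaces
    or colons some vendors insert between groups of digits."""
    return "".join(ch for ch in published.lower() if ch in "0123456789abcdef")


def hashes_match(actual_hex, published_hash):
    """Constant-time comparison of a computed digest with a published one.
    A truncated or mis-pasted published value fails the length check."""
    expected = normalize_hex(published_hash)
    if len(expected) != len(actual_hex):
        return False
    return hmac.compare_digest(expected, actual_hex)


def verify_download(path, published_hash, algorithm="sha256"):
    """True only if the file on disk hashes to the published value."""
    return hashes_match(file_digest(path, algorithm), published_hash)


if __name__ == "__main__":
    import os
    import tempfile

    # Constructed stand-in for the ISO: the bytes "abc", whose SHA-1 is the
    # well-known test vector below (shown grouped, as a vendor page might).
    with tempfile.NamedTemporaryFile(delete=False) as tmp:
        tmp.write(b"abc")
    try:
        ok = verify_download(
            tmp.name, "A999 3E36 4706 816A BA3E 2571 7850 C26C 9CD0 D89D", "sha1"
        )
        print("hash matches" if ok else "HASH MISMATCH: do not use this file")
    finally:
        os.unlink(tmp.name)
```

A matching hash proves only that the file is the one the vendor published; it says nothing about a crack you then run alongside it, which is exactly the point qubit makes.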
 