WhmSoft Free Articles Directory
Page Generation Date and Time:
11/21/2024 08:49:42

 
Trojan Horse Delivered In Automatic Update


Trojan Horse - One Man’s “Worst Case Scenario” Prediction
----------------------------
This is a fictional article about a Trojan Horse Virus, or you could say it is one man’s prediction of a “worst case scenario”. Because of the field I’m in, I maintain a personal list of my top 10 “worst case scenarios”. Every time I perform a security assessment I run into something new or identify a situation that is ripe for a potential vulnerability. I think we could all agree that no respectable or ethical company would intentionally deliver a malicious piece of code as part of a helpful update solution. However, the reality is that human beings are behind technology and human beings are unpredictable and fallible.

Many major operating system vendors have automatic update services. Many hardware vendors and other software packages have followed this trend, incorporating automated update services into their products. In some cases, the services for automatic updates run as the local “system” account. This account has the ability to access and modify most of the operating system and application environment. When automatic updates were relatively new, many people would perform the updates manually; however, as time has progressed, many now trust these services and allow the updates to proceed in a truly automated fashion.

The Final Step Before The Hammer Falls
--------------------------
So let’s expand upon our “worst case scenario”. A new service pack is just about ready for release. The last step prior to public release is quality control / validation. The team of people performing this task includes a significantly disgruntled employee (or maybe he or she is going through a horrible life crisis and does not have much to lose). When people are in pain or distress, it is not uncommon for them to project this same feeling onto others in any way they can. So, instead of performing their job in the normal fashion, they decide to incorporate a malicious payload into the forthcoming update.

The First Step For The Trojan Horse: Evasion
--------------------------------------------------
This payload has some unique characteristics, three to be precise. First, it is constructed in such a way that it does not appear to be something malicious. The anti-virus and anti-spyware programs currently on the market won’t be able to detect it through anomaly detection techniques.

The Second Step For The Trojan Horse: Information Collection
----------------------------
Secondly, it has been instructed to wait 12 hours before activating and then start searching your computer and network for important files that may contain financial, healthcare, and other confidential information such as user accounts and passwords. It then sends this information to anonymous systems on the Internet. Because this “Trojan horse” has been incorporated into an automated update by someone with reasonable skills, it is instructed to only perform the collection of data for 12 hours. Given the number of global systems that allow automated updates, 12 hours should be more than enough. The person behind this realizes that someone will quickly identify that something malicious is going on and start to roll out a defense solution to halt the process.

The Final Step: Incapacitate
-------------------------------
Finally, the Trojan Horse will cease its data collection and deliver its final blow. Because of the level of system privilege it is running at, it modifies the communication protocols and services on the system to prevent any type of external communication to its local peers and external (Internet) hosts. It does this in such a way that the only immediate method to recover from this is a system roll-back, system repair, or restore from near-line media, such as tape or disk. And as far as system recovery is concerned, I can tell you that many people, even in corporate entities, do not perform the most basic steps to be prepared for a quick system disaster recovery. In some cases, some of the most important recovery services have been disabled because of lack of system resources or disk space (which is amazing given how inexpensive this is anymore).

What Could Be The Impact Of This “Trusted” Trojan Horse
----------------------------------------
Just about every time you install a new application or piece of software you increase the time it takes to boot your PC and in some cases decrease its performance. One thing that drives me crazy is printing software. For the life of me I cannot understand how or why printer support software could total 400MB in size, but it sometimes does. Not only that, it tends to load all kinds of unnecessary real-time running applets. HP printers are notorious for this. Be very aware of what it is you are loading and only load those components that you need. Even some off-the-shelf software packages load adware and other not so helpful applets. Also, when you uninstall software, in many cases not all of the software gets uninstalled. One thing I suggest is to purchase a registry cleaner. This can dramatically decrease boot times and in many cases increase the overall performance of your PC.

People are already concerned about identity theft, or at least they should be. I recently spoke with a business associate who told me that even with everything he does to keep his identity secure he has been the victim of identity theft not once, but twice. If your user IDs, online accounts, passwords, financials, or other confidential information wind up on the Internet for any anonymous person to see, you can bet they will be used in a way to cause you problems. Even if only 10% of the global systems fell victim to this Trojan Horse, the cutoff of communications could cost businesses billions of dollars and potentially impact their reputation as “secure” institutions.

Conclusion
----------
If we don’t think that this “worst case scenario” can happen, then we’re kidding ourselves. Recently, one of the market leaders in the perimeter defense business had to recall a service pack because it contained a significant “bug” that could result in a security breach; a service pack that can be delivered through an intelligent update service. Obviously there has to be a certain level of trust between us, the consumer, and the vendors of hardware / software we rely on. I’m not entirely sure what “fail-proof” solution can be put in place to prevent something like this from happening, although I’m sure there are quite a few checks and balances in place already. The bottom line is, if you or I can imagine a scenario like this, there is always a chance of it happening. In my case, I usually wait for several days to apply new service packs and hot-fixes. Hopefully someone else will find the problem, correct it, and then I’ll apply it.

You may reprint or publish this article free of charge as long as the bylines are included.

Original URL (The Web version of the article)
------------
http://www.defendingthenet.com/newsletters/TrojanHorseDeliveredInAutomaticUpdate.htm


About The Author
----------------
Darren Miller is an Information Security Consultant with over seventeen years of experience. He has written many technology & security articles, some of which have been published in nationally circulated magazines & periodicals. If you would like to contact Darren you can e-mail him at Darren.Miller@defendingthenet.com. If you would like to know more about computer security please visit us at http://www.defendingthenet.com.




Copyright (C) 2006-2024 WhmSoft - All Rights Reserved.