Employees must take precaution when downloading software online

11 octobre 2012

Experts continue to warn users of new hacking methods developed by cybercriminals that compromise computers and breach data. The latest trend reported by Microsoft disguises malware as download links for software trials.

Research findings
At the 2012 RSA Conference in London, the general manager for Trustworthy Computing, Adrienne Hall, announced the release of the Microsoft Security Intelligence Report Vol. 13, which provided analysis of the threat landscape in 105 countries.

Based on the report, experts discovered a rise in the number of software activation key generators used to distribute malware. Some hackers are taking advantage of those who download generators in order to use software after the trial period is over.

During the first six months of 2012, researchers detected about 5 million cases of Win32/Keygen, which has grown by a factor of 26 since the first half of 2010. The survey also showed a rise in the number of enterprises that contracted keygen malware in their network systems. Downloads rose from 7.6 percent in the third quarter of 2011 to 10.2 percent in the second quarter of this year.

According to Tim Rains, the director of product management for Microsoft's Trustworthy Computing group, keygen attacks are listed as a top 10 threat for 103 out of the 105 studied countries, and are now known as the most common worldwide danger for computer users.

The most commonly downloaded software that contain key generators are AutoCAD, Nero Multimedia, Adobe Photoshop and Call of Duty, according to the source. Others are disguised as music or video files. Hackers use names like installadobeflash.exe to trick their victims into thinking they are getting legitimate software, explained Rains.

Preventative measures
To ensure data protection, professionals must follow security standards and be wary of links before clicking on them. If a person wants to download software trials, experts recommend that he or she uses a trusted site. Employees should also update antivirus software regularly, keep operating systems patched, enable firewalls and use strong password protections to prevent hackers from accessing sensitive data.

-McAfee Cloud Security