September 27, 2012
Botnets are becoming a cybercriminal's weapon of choice for phishing attacks because of their ability to spread spam without the recipient's knowledge.
MX Lab recently reported a new threat targeting Facebook users. In the malware campaign, hackers are sending emails disguised as Facebook notifications that claim the recipients were tagged in a photo, tricking them into opening an attached file named "New-Photo-with-You_on_Facebook_PHOTOID13O8WHZL.zip," reported Help Net Security. The unknown Trojan is similar to another attack some Facebook users experienced last month.
According to a separate article from Help Net Security, botnets can run undetected in the background of the computers they inhabit, granting hackers full control of a device. In some cases, the cybercriminal can tell the computer to send spam to friends through a fake IM or tweet.
Forms of botnets
To ensure that users don't download malware or viruses, the email security provider, Eleven, recently published web security tips on how to prevent a botnet infection.
Most botnets inject malware through Trojans, which are sent via correspondence. In fact, the Radicati Group research firm estimated that over 90 percent of botnets use emails to spread spam. To create a sense of urgency, hackers use specific language relating to important documents or deliveries in the subject line to encourage people to open the emails.
Drive-by malware is another botnet that can install as soon as a person opens a compromised web browser containing a Trojan. URLs that link to drive-by download websites are usually disguised as links sent via email, Facebook or Twitter.
A person should also be careful when inserting a stranger's USB into his or her computer, because it might load a virus.
How to prevent malware
According to Eleven, the most effective way to prevent malware attacks is by installing security software, firewalls and virus protection. To ensure that a person does not become a victim of a cybercrime, he or she should be careful of messages from unknown senders and update programs in case a hacker locates a vulnerability on a computer system.
In the second quarter of 2012, the number of unique malware threats detected on devices reached 1.5 million, McAfee reported in a recent Threats Report. Because of the increase in attacks, it is important to take data loss prevention measures to prevent breaches.
-McAfee Cloud Security