Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

OS Malware Vulnerability


  • Please log in to reply
6 replies to this topic

#1 JimN262

JimN262

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Wisconsin, USA
  • Local time:07:35 PM

Posted 29 December 2013 - 10:38 AM

In CryptoLocker Hijack Program Post 2281,

quietman7, on 27 Dec 2013 - 05:42 AM, said:

Please stay on topic. if you want to have a debate over OS security, just start a new thread on the subject.

 

 

 OK, If this thread goes off the deep end I'll run the other way, but...

I'll propose the following:

 

Two hackers visit the Shark Tank asking for an investment. One proposes and demonstrates Crypto Locker for Windows. The other proposes and demonstrates Crypto Locker for Linux.

 

Question 1. "Who is your 'sales' target population and how big is it?"

 

Why do you think we don't have Crypto Locker for Linux?

 

BTW I am not picking on Linux. Substitute Mac-OS, Unix, VxWorks (well, ok, that's a reach :) ) 

 

 --

Jim

 

 

 

 

 


Edited by JimN262, 29 December 2013 - 10:49 AM.


BC AdBot (Login to Remove)

 


#2 Kilroy

Kilroy

  • BC Advisor
  • 3,318 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Launderdale, MN
  • Local time:07:35 PM

Posted 30 December 2013 - 11:47 AM

Why do you think we don't have Crypto Locker for Linux?

 

Because the population isn't sufficient to generate the desired income.  The initial target of Crypto Locker was commercial, places with a large number of network drives and valuable data.

 

While this data is over three years old the idea is pretty much the same.  PC market share is 92%, Mac 5%, and other 3%.  Even if you were doing a direct mail campaign you would target the PC market of 92% because your response rate is less than 1%.  You want the largest number of victims possible and Mac and Linux just don't do it.



#3 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,111 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:08:35 PM

Posted 30 December 2013 - 01:43 PM

I agree with RKilroy. Malware writers and hackers who are in business to make money, want to target and distribute malware to the widest range of victims and right now that incorporates those who use the Windows platform.

Popular software applications are also a favored target of malware writers who continue to exploit coding and design vulnerabilities with increasing aggressiveness. Ads are another favored target for hackers because they too offer a stealthy way to distribute malware to a wide range of Internet users.

* What malware needs to thrive
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#4 jonuk76

jonuk76

  • Members
  • 2,157 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Wales, UK
  • Local time:01:35 AM

Posted 30 December 2013 - 10:37 PM

There are a lot more unpatched vulnerabilities on older versions of Windows.  You can look at the known vulnerabilities and how many of them remain unpatched in each system on Secunia.

 

Ubuntu 13.10 (Linux) - http://secunia.com/advisories/product/48596/

FreeBSD 9.x (BSD/Unix) - http://secunia.com/advisories/product/43514/

OpenSUSE 12.3 (Linux) - http://secunia.com/advisories/product/46292/

Windows XP - http://secunia.com/advisories/product/22/

Windows 7 - http://secunia.com/advisories/product/27467/

Windows 8 - http://secunia.com/advisories/product/42951/

 

Windows XP has loads (with the worst of them classed as highly critical) and it's only going to get worse when updates end in a few months.


Edited by jonuk76, 30 December 2013 - 10:42 PM.

7sbvuf-6.png


#5 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,111 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:08:35 PM

Posted 31 December 2013 - 08:37 AM

Yes, using unpatched and unsupported Windows systems on the Internet is a security risk to everyone as they are prone to attack from hackers, Botnets, zombie computers and malware infection. When there are compromised computers connected connected to the Internet, malware spreads faster and more extensively, distributed denial-of-service attacks are easier to launch, spammers have more platforms from which to send e-mail and more zombies are created to perpetuate the cycle. Without installing all supported service packs first, you are wide open to infection and other high security risks which are prone to an unpatched system.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#6 Genex17

Genex17

  • Members
  • 80 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:35 PM

Posted 31 December 2013 - 07:53 PM

I've been going with Windows for 20 years now.  My latest is a Dell 15R running Windows 7 that is more a workhorse than anything. I keep internet use to a minimum on it.  Basically product updates and essential internet work. All the updates and protections applied.

 

Last year I got a used 13" Macbook at $425 as a goto for internet and casual browsing. I apply the usual precautions as outline in the bleeping computer.

I keep it on my bed stand and it fires up fast when I open the lid. (Ok installing an SSD helps). It's the safe neighborhood where I don't have to keep wondering what's going to come out of the shadows.

 

My iPad and Samsung Galaxy also used for surfing. In fact I check mail first on my Galaxy. If an email with a dodgy attachment shows up, it is usually on my Samsung and I can zap it before Windows Outlook downloads it.

 

It's not that one OS is better than another, but better at some jobs than others.

 

Think of it as a the right tool for the right job, not as a buying decision to defend.



#7 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,111 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:08:35 PM

Posted 01 January 2014 - 04:06 PM

If you think you're safe from Ransomware because you own a Mac or Linux, think again. Scammers are now targeting all platform users including iPhone and Android.

New Police Ransomware 'Browlock' targeting users in US, Canada and UK
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users