Infected PCs: Just a bad day at the office, identity theft, or 5 years in prison for a crime you didn't commit!
Posted by: Chris Morris
I wanted to draw attention to the recent plight of Michael Fiola who could easily have served 5 years in prison for a crime committed, not by him but by a Trojan that had infected his PC. Mr Fiola is your typical PC user according to comments by his wife, but a while ago he was given a replacement PC by his employers. That PC happened to be infected with a Trojan. Over the next few weeks the Trojan set about visting child pornography web sites and downloading the type of content that is almost universally condemned. You can read more of the detail here but the short of it is that Mr Fiola lost his job, all of his friends and ended up one decision away from prison. Fortunately, his wife stood by him and computer experts were able to prove that he would have had no knowledge of the child pornography content and that the Trojan (or its authors were the true criminals).
My point is that here is another horrifying real life example of why malicious software is something that should not be treated lightly. It can steal your information, money and even implicate you in all sorts of serious criminal activities as Mr Fiola found. But every day we find people's attittude to malicious software quite surprising, it is viewed by many as a bit like catching a cold.
Trojans with the characteristics of that which infected Mr Fiola's PC are sadly becomming commonplace. Also there is a disturbing trend towards bundling more and more infections into a single attack, or for one or more infections to act as a distribution network for many other previously unrelated infections. This means that two people who think they have a similar infection might find a totally different mix of secondary infections on their PCs.
On a lighter note, we see about 5,000 new PC users everyday who find serious infections on their PC with Prevx CSI. You'd think they'd want to fix their PC pretty quickly and most do. But about 2,000 users will spend 2 or 3 days searching for free license keys to avoid having to pay for a security product that will fix the problem. Ironically, while searching for the free key they are often being invited or drawn to the very web sites where they are most likely to pick up further infections.
Some rudimentary analysis of this issue produce some worrying facts. It highlighted that more than 80% of web sites openly promoting free and often fraudulent license keys for security products from the top ten vendors were in fact distribution outlets for a wide range of malware. Often the file that was supposed to contain the free license key(s) was actually a dropper for pretty nasty malware. Not what the bargain hunters expected!!!
Below is a list of BOGUS Prevx CSI License Keys recently advertised on the Web. Obviously, none of these keys worked but they look authentic. If you google any of them you will find the sort of web sites trying to lure people in need of security using supposed free use of one or more Prevx product but delivering anything but.
6E124B72-E84B-4739-877F-1C300E7FEE70
9EF8163B-1514-4379-88D2-47F5579EE713
B837FDCE-DB6D-41BA-9061-5E3E03B8C105
A77909D2-D790-48EE-B025-6340E3B36E2C
9286B4FB-1CFF-4C3B-96A7-6B17F0C33356
15CFA07B-D095-40B8-B62E-6FC2588EA64F
1245CA96-250A-4116-AE63-77B2726952D7
870CA263-67EC-4A89-879F-93C6F75BFBDB
A4D05E3E-72B4-45D5-B3AB-9C269CDF7E98
0A3E2A9A-2F5D-468C-915C-AFD4408B5BE6
F785C147-90AB-4844-A6CA-C35DE198BE33
6D0F3360-0B59-444E-AAA7-C4EBDF871E0E
A7B9B301-DD18-4AA8-BFC1-D15F93C186EE
7B0EDFC2-9999-4EB5-A1F5-DBB6E2585557
95808C0C-8F69-4388-A269-F70E319F4D79
A176D598-0C48-44FC-83BE-F80B85CBA06C
FD85C147-90AB-4844-A6CA-C35DE198BE33
