Malware Inc. - Part 3

So easy to miss and seemingly innocent...

So easy to miss and seemingly innocent...

Free software and trial software are in great abundance online. And the development costs of writing and publishing that software have to be paid for if the developers want to stay in business for long.  Developers used to offer full versions of their software on a time based trial, and after the trial expiration you were required to pay for it to continue using it with full access. While this method of distribution still exists, we are seeing more and more developers of lower cost, and lower quality software bundling other software in with theirs to make enough money to keep the lights on.

These bundles are problematic. Rarely is other good quality, trustworthy software bundled together, and instead, the majority of these bundled programs are considered malicious in some way or another and you need to pay very close attention during the install process to avoid installing them.

The majority of the time when a customer comes to pick up their computer, I will point out to them these malware programs installed on their computer. Frequently they ask me "How did I get them, because I did not install them". I then explain that they most likely did install them, and they never even noticed. After I show them how it happens they usually respond with a deep sigh of acknowledgement, remembering in most cases specifically when it happened. 

Bundled malware is a big issue. Take this example: You are trying to figure out how to save that YouTube video to your computer and you are told to download a video converter. Sso you go to Google and throw it in the search box and you find a Free Video Converter. You download it and run the installer and click next, next, next, finish. All of a sudden a box comes up telling you you have not backed up your computer and your files are at risk and some program you have never seen before is offering to solve that problem for you at a cost of $39. 

After closing this you look around and realize there are other new programs on your computer that you did not install. Or did you? During the install process for the video converter you so hurriedly installed, you missed that one or more of the screens were a request to install other software from "partner companies" to help improve or clean up your computer. The little check box goes completely unnoticed by you, and that is how they do it.

So what is the solution? To be certain you are downloading the program from the proper place for starters, and then to be very wary during the install process. Thoroughly reading every screen and looking for the little check boxes that they try to sneak by you that will offer to install either some free toolbar, change your homepage or change your default search engine.

Malware infections typically work in a snowball fashion. First they may change your default search engine, then installs for registry cleaners, then notifications that your system is infected with spyware, etc.. until the computer is no longer usable due to all the popups. The worst part is, that they feed off the average user's rampant and justifiable paranoia regarding viruses and spyware, and the spyware programs themselves are the ones popping up notices about spyware on you computer. Then you, in an effort to rectify the problem, follow their instructions to "remove" the spyware by allowing them to install even more spyware. And the cycle continues. This brings us to Part 4: Malicious Search Engines.