Interview: ESET’s Juraj Malcho on malware attack trends

“Malware has advanced, become more complex.”

 

Not our words. This is what Juraj Malcho, Chief Research Officer at ESET claims to have observed. And his word counts. Why? Because he’s been a virus researcher for 10 years now, and loves every bit of it. Excerpts from our exclusive interview:

 

We’ve seen a shift towards the mobile. The malware has become more advanced and its capabilities more complex, and therefore so have our products. 

 

The complexity of threats and attacks are coming from all directions, thereby stressing out the need for layered security. A single point of protection is easy to defeat, thus for companies it’s necessary to deploy protection at the gateways as well as endpoints. Generally, it’s necessary to look where the people or money is because that’s where cybercriminals will strike. After all, the times when malware was written for fun and fame are long gone.

 

Talking about checking possibilities and hacking/cracking for “fun“ and proof-of-concept, we’re seeing attempts to attack any smart devices out there and finding weaknesses in their design and implementation. This concerns any device you can connect to, such as Smart TVs, intelligent houses (alarm system, devices) and so on.

 

We can see a lot of QR codes are showing up in stores and a ton of new NFC-enabled smartphones will be hitting the streets this year, opening up the possibilities for those who would seek to abuse them. Hackers use the software which interacts with the code/tag and proceeds to act on the data in the code/tag without asking permission. This will happen when the associated software will not have preview-and-authorize as the default setting. On the Android platform, we noticed “Control Near Field Communication: Full internet Access” as one of the permissions sought by mainstream apps like Google Earth and YouTube.

 

We feel QR codes (which is freely available) suffering potential weakness. If anyone wants QR code for their project, we strongly suggest them that there are many websites that will generate the code and also test the code before deploying.

Juraj Malcho, Chief Research Officer, ESET
 

The mobile platform itself is directly being used for online banking, which is gradually attracting the attention of criminals. While absolute numbers of malware targeting mobile (by far mostly Android) platforms is low, the significance of those attacks is high for the victims since they typically lose money.

 

There are numerous malware families today performing Bitcoin (digital currency) mining or other crypto currencies or both. Spying trojans and banking trojans also follow the money trail and turn their attention to Bitcoin (and other similar currencies), directly aiming to steal digital wallets, but there are steps you can take to keep your Bitcoins safer than most.

 

If your wallet’s stolen, act fast: If your Bitcoin wallet has been stolen, it’s not quite as easy for the attacker as stealing a real wallet – he or she has to move the currency out of it. If you’re lucky, and fast, this can sometimes save your coins. When the Bitcoin wallet is stolen from the victim, the attacker will have to “spend” the Bitcoins in it – by either adding them to his own wallet, purchasing something, etc.

 

Keep your PC clean if you’re dabbling in Bitcoin: If you keep your computer clean and uncompromised by “thinking before you click” and keeping your system, applications and anti-virus up-to-date. It is always better to have less Bitcoins rather than putting life time wallet.

 

Encrypt your wallet: To stay safe, you just have to ensure no one else ever has access to these. Bitcoin provides a way to encrypt wallets, and this would make it much more difficult for the attacker to get his hands on the Bitcoins

 

A threat, which has gained momentum in the past months is ransomware. The absolute numbers are not high and these trojans by far don’t make it to the top of prevalence charts, but they get a lot of attention because they are very visible, unlike a typical bot. (Ransomware is malware which hijacks the PC and then demands a ransom from the victim, typically by locking his/her PC (Lockscreen) or encrypting his/her files.)