Trusted Software or Site

27 February 2013 by

Viruses and other malware have, in the past, been sent out on media from trusted companies. There is no reason it can’t happen again.

Actually, the summary above about says it all. Floppy disks (back in the old days), CDs (more recently), and downloads of commercial software or products have now and again included malware on them. Even more recently, the source code for some popular websites has been hacked with malicious intent so that when a person visited the site the page, presumed good, had code on it that would look for various unpatched vulnerabilities and exploit them.

Some examples…

  • From an article by John Markoff published 28 Jan 1992: “A personal computer manufacturer has notified its dealers that in December the company accidentally shipped as many as 500 personal computers with a potent computer virus.” The company was Leading Edge products, Inc. and the malware was the Michelangelo virus. The company, to its credit, sent customers who bought the machines software designed to remove the virus. In this case the bug came from a different vendor who provided software bundled with the computer.
  • The Computer Incident Advisory Capability (CIAC) published an information bulletin on 9 Sept. 1991. In it the quote: “The Jerusalem-B Virus has inadvertently been distributed with some copies of one version of PCNFS software fix.” This turned out to be a virus in the Sun Microsystems PCNFS software fix for MS-DOS computers. Fortunately, this only went to a limited community of users.
  • More recently the CIAC put out a bulletin 14 March 2008 summarizing an investigation that indicated that between 29 February and 9 March the FlashGet website had apparently been hacked and was distributing Trojan-Dropper.Win32.Agent.exo, Dropper.Win32.Agent.ezxo, and Trojan-Dowloader.Win32.Agent.kht to visitors of the site when they downloaded software. Basically, someone managed to substitute the standard configuration file and link it to a Trojan located on the site.
  • Even more embarrassing, 13 March 2008 Trend Micro announced: “Our website has been hacked, risk of Trojan horse infection.” Trend Micro is an anti-virus company! Apparently, a number of pages on their Japanese and English site were altered by hackers to insert a malicious iFrame exploit which installed a Trojan on visiting users’ computers.

So, as you can see, using trusted media as a vector for infection has been around for a long time and continues even to the present day.

Summary

  • Viruses and other malware have, in the past, been sent out on media from trusted companies. There is no reason it can’t happen again.
Up Arrow How Viruses Infect Up Arrow
Prior Page Next Page
Search Poisoning Some Virus Threat Details
Filed Under: VTutor