Coffeehouse Post

View Thread: I've got a rootkit...
    ZippyV wrote:

    What I'd like to know, W3bbo, is how you got it. You are probably up-to-date with your patches on Microsoft Update and don't run executable stuff from e-mail attachments, nor do you download malware from websites and click yes on the UAC dialog. Was it Flash or Java that allowed your PC to get infected? Are they up-to-date?

    The #1 way of getting infected is not being exploited, but running an exe written directly by the malware author. These tend to be either
    a) Quick, download my smileys!
    b) Run this program to get rid of malware!
    c) Run me because I am *popular game* / crack for a *popular game*! 
    d) Click me to install codecs to watch *popular movie* / porn
    e) Install this toolbar to use *popular application*
    f) Install this toolbar to use *seemingly popular website*
    g) Friend sends "Run this program it's amazing" which then installs malware and sends "Run this program it's amazing" to all of your friends. 

    Only after all of these do drive-by infections kick in as methods of infecting computers - and again malware authors are lazy and tend to use easy-to-exploit bugs or bugs whose PoCs are easy to turn around, which in practice means you need to be quite out of date for drive-by-downloads to work.