Earlier tonight, I ran across a press release from the FBI. As I read it, I nearly screamed out loud at my computer. In short, the release is warning computer users of the dangers of a malware infection commonly referred to as Zlob. This infection will cause popups on your desktop, warning you that you are infected and that you should download such-and-such software to cure this problem. Welcome to our world, FBI folks… a tad late.
The Zlob family of infections is a thing of the past, for the most part. The instances we see here on GeeksToGo have decreased dramatically, thanks in part to tools such as Malwarebytes’ Anti-Malware (and other software) that easily combat the infection. We are seeing rootkits, Google redirection problems, and other such nasty problems instead. DNS-changing trojans are definitely still out there. Also, very often DNS poisoning capabilities are built in as components of other malware. While Zlob was prevalent early in 2009, it’s honestly been several months since we have seen it dominate our help forums.
I think it’s wonderful that the FBI and other organizations are attempting to help warn consumers, and try to protect us. However, I honestly wish they were more up-to-date. Instead of advice relating to specific infections, I feel that organizations such as this should be providing more comprehensive “overall” advice as to how people can keep their computers – and identity – safe. Pinpointing specific infections the way the FBI has done only serves to generate media hysteria that can cause panic, and obscure the REAL – and helpful – advice. Simple and safe computing practice guidelines, in clear language that non-tech-savvy users can understand, are more helpful than specific malware warnings. The age of outbreak is behind us, and malware-specific warnings will always only serve a very limited purpose. The average “distribution lifetime” of any given piece of malware now is about 3 hours, before it is replaced with another variant… and we see a new malware variant being released every 1.5 seconds.
The majority of infections can be avoided by keeping all applications and operating systems up to date, using your computer in a non-privileged user account (i.e. not Admin), and running security software that automagically updates and provides real-time, dynamic protection. Security software that relies on pattern file updates alone is no longer fast enough to offer the protection required.
As I said, I appreciate that the FBI wants to attempt to help people when it comes to securing their computers. I feel, however, that they need to do their research before writing something such as this. They need to be in contact with the experts who deal with malware day in and day out. Partnering with vendors of security products when attempting to educate the public is another good idea, as well. It is the experts in places such as our site who work in the trenches day in and day out combating malware who are the ones you should listen to – not some government agency.
I have to thank Rik Ferguson, who is a Senior Security Advisor for Trend Micro, for collaborating with me on this post. I owe him a debt of gratitude for his guidance, his insight, and his humor.
What are your thoughts? Do you feel that the FBI is on the right track in trying to warn consumers about specific infections? Should they instead focus on general security tips?