Nate delves into security happenings around the 1st of each month.

Rootkits

Posted 2009-08-05 11:07 by Nate

If you know anything about security, the word rootkit should send shivers down your spine. If not, we'll get there by the end of this article. A rootkit is simply a piece of software that evades detection by hiding in the innermost layers of your system. We usually see rootkits as part of a Trojan Horse payload, since they are fairly tough to install without user interaction. Once installed, a rootkit is very tough to spot, and even harder to remove.

I remember the first time I faced a rootkit on a compromised system quite well. The machine just kept getting the same virus back, over and over, even without an Internet connection. It was driving me crazy, until I finally pulled the hard drive out and scanned it in another machine. I think we were using NOD32 at the time, and it picked off a handful of files that were totally cloaked inside of Windows. Once they were gone, the system showed a slew of registry entries that had been hidden, and removal was trivial at that point.

Adware and Spyware

Posted 2009-07-02 13:08 by Nate

Last time we talked about the infamous Trojan Horse virus, which is considered to be the top threat on the Internet today. Today we're taking a step back to the early 2000s, when the idea of Adware and Spyware came about. I'm bundling the two together since most software utilized aspects of both to deliver targeted ads to your desktop.

Around the year 2000 an amazing service called Napster came about, and college students around the globe rejoiced. I remember being in my dorm at Clemson University and being able to download a song from a neighbor in just about 3 seconds, or roughly the time that it took to click on it and then click back to their list of available music. In this very early version of a peer-to-peer network, you would grab a file from another individual directly. Within a couple of years, Napster would be shut down, and a plethora of services came about to fill the void.

One of the more memorable ones was called Kazaa. When it was first launched, it would install not only itself, but a piece of software that would deliver ads to your desktop through your web browser. This is the definition of Adware. The first one I can recall was called Gator, and you could expect to see around 20 to 30 extra pop-up ads in your web browser every day. Gator also would record what you were searching for on the web, and tailor its ads to what it found. That's what we call Spyware. So Gator was both Adware and Spyware.

The Trojan Horse

Posted 2009-06-15 18:00 by Nate

The Trojan Horse style of virus is probably the most widespread of all of the current attacks, and as such, is also one of the hardest to avoid. Trojan Horse viruses hide themselves inside of wanted applications, such as audio and video decoders, pirated applications, and sometimes even legitimate application installers. They are widely distributed through peer-to-peer networks like Limewire and can also be found in Usenet forums. Their payloads vary widely, and they target all common computers and even mobile devices. A Trojan Horse virus that arrived earlier this year, coined "iBotNet" by media sources, was considered the first successful threat to Mac OS X users, hiding itself in pirated copies of iLife and iWork, and we can only expect the iPhone to be a huge target in the months to come.

The most common infection sources I've come across are social networks like MySpace and Facebook. MySpace seems to be worse than Facebook; however, I don't actually have any numbers to prove that. The start of the process is actually the hijacking of a user's account on one of these networks. This is done either with a phishing scam email, or a keylogger that records their username and password. It can also be done with a brute-force attack on their password, where common phrases are attempted over and over again until access is gained, but most services have protection against that.

Malware Glossary

Posted 2009-05-29 12:32 by Nate

When it comes to computer security, there are a lot of terms that get thrown around. Viruses used to be all you needed to worry about, but now we have adware, spyware, Trojan Horses, and rootkits, just to name a handful. Knowing what these things are is the first step towards protecting yourself, so I've put together this handy glossary of terms for you.
