Symantec's Home and Home Office Security Report - January Roundup
What better time than January to review last year's security issuesand discuss predictions for the coming months of 2007. This issue ofSymantec's Home and Home Office Security Report looks into this, aswell as discussing current potential risks and threats that couldimpact home and home office users.
On January 20, 2007, a critical security flaw in Apple iChat wasreported. Hackers could use the flaw to break into your computer,allowing them to read your email messages and address books, steal yourfiles and software, and use your computer to carry out further hackingattempts. A hacker could also take advantage of the flaw by enticingyou to visit a malicious Web site or open a malicious file. When theWeb site is loaded or the file is opened, the malicious content willtake advantage of the flaw and allow the attacker to gain control ofyour computer. At the time of this writing, Apple had not yet releasedsolutions for all of these problems, but you can protect yourself byensuring that you are running up-to-date antivirus software and byavoiding opening any files or email attachments unless they areexpected and come from a known and trusted source.
Also making headlines in January, was the report of Swedish bankcustomers who were recently targeted by a Trojan attack, which resultedin one of the biggest online bank heists in history. A variant of theHaxdoor Trojan was sent to bank customers claiming to be a program fromthe bank to block spam. Once installed on computers, the Trojan wouldwait for users to access the bank’s site and then redirect them to aWeb site that was controlled by the attackers. In total, the bankestimates that the attack netted the thieves approximately US$1.1million. Most banks do not usually send files or email with links toWeb sites. Never call a customer service number that is included in theemail message since it may also be fraudulent.
This issue of the Home and Home Office Security Report also alertsusers to vulnerabilities. For example, Sun’s Java software was affectedby a security flaw that could be taken advantage of through a Webbrowser. The Java Runtime Environment is the software that allows youto run Java applications and allows your Web browser to run JavaApplets. Java applets are commonly used to add interactive media to Webpages. A hacker could take advantage of this flaw by enticing you toload a Web site that contains a malicious Java Applet.
The Microsoft Windows Vector Markup Language (VML) processingfunctionality was also affected by a security flaw that could beexploited through a Web browser and allow a hacker to gain access toyour computer. To protect yourself from security flaws, you shouldensure that you keep your software patched and up-to-date. Also neverfollow unknown links on Web forums, message boards, blogs, orunsolicited emails.
The "Hot Topic" for this month was a new Trojan named Peacomm. OnFriday January 19, 2007, Peacomm was discovered in the wild. Over thefollowing weekend, reports of this Trojan from Symantec customersreached a high enough level to cause it to be classified as a RiskLevel 3. This Trojan has been seen as a file attachment to spam emailmessages. If the Trojan successfully infects your computer, it will tryto hide its presence by using rootkit techniques. The Trojan also triesto set up a peer-to-peer botnet using infected computers. Additionally,Peacomm tries to download other threats and install them on yourcomputer, including Abwiz.F and Mixor.Q. Infected computers can be usedto participate in denial of service attacks, relay spam, or let thehacker steal files from the computer. To protect yourself againstPeacomm, you should make sure that your antivirus definitions areup-to-date. You should also never open files attached to emailmessages, unless they are expected and come from a known and trustedsource.
All of the issues mentioned here, along with other threats and Internet security news are discussed in more detail in the Symantec Home and Home Office Security Report for January, 2007. This month’s report can be viewed and/or downloaded from the homepage, as well as previous reports from 2006.