03.21.10

^{Gemini version available ♊︎}

The Brute Force and Sheer Power of Microsoft Windows

Posted in Microsoft, Security, Windows at 7:36 pm by Dr. Roy Schestowitz

“Fuerza Bruta”

Summary: How Windows botnets enable criminals to make a lot of money at the expense of Windows users

WINDOWS means business. Sure, it stands in the way of many legitimate businesses, but at least some bad guys manage to make a living out of Windows’ flaws. Here is the latest example:

Facebook’s 400 million users have been targeted by a spam run that could infect their computers with malicious software designed to steals passwords and other data, according to security researchers at McAfee.

There are two elements at play here; first, there is the brute-force mailing, which typically requires botnets; secondly, there is malware here that only runs on Windows (the article neglects to say this, just like many others). Tracy Anne corrects this in the comments, but it really should not be required if journalists do their job properly.

It wasn’t so long ago that the SEC reported the effects of SPAM (Microsoft Windows zombie spewage) on Wall Street trade. It was reportedly the same outside the United States. Botnets were affecting stock prices with manipulation through brute-force disinformation for pump-and-dump schemes (references here). Wired Magazine reported the following some days ago:

SEC: Hacker Manipulated Stock Prices

U.S. regulators are moving to freeze the assets and trading accounts of a Russian accused of hacking into personal online portfolios and manipulating the price of dozens of stocks listed on the Nasdaq Stock Market and New York Stock Exchange.

A New York federal judge on Tuesday sided with the Securities and Exchange Commission and froze the assets of Broco Investments, believed to be a one-trader operation based in St. Petersburg, Russia. The SEC said Broco capitalized by artificially moving prices of more 38 thinly traded securities — enabling Broco to profit from up-or-down price swings.

[...]

The so-called “hack, pump and dump” scheme is among the latest illicit methods of gaming the market though hacking.

Earlier today we wrote about Bitdefender (which is supposed to defend Windows) simply castrating and breaking the operating system. That’s what one gets for trying to secure Windows. Our reader Tim wonders if “Bitdefender is spot on”:

Allegedly Bitdefender has identified several parts of Windows as a trojan, fixed them and subsequently brought down Windows.

Being flippant, one could argue that Bitdefender was merely doing its job and identifying Windows as a trojan was correct, another camp could list it as yet another issue Microsoft’s OS has stumbled into.

By the definition of the words “malware” and “spyware”, Microsoft Windows is both. Just because it’s widely used does not except it from the symptoms and the diagnosis. █

Share in other sites/networks: These icons link to social bookmarking sites where readers can share and discover new web pages.