Hackers exploiting trust with malware triumvirate


Some savvy cyber criminals have used just three families of malware to infect around five million systems, in what one security firm has labelled the "trust phenomenon."

Rather than using more shady areas of the internet, such as pornography or download sites, to spread infection, the hackers tracked by avast! have sought to exploit user trust in websites believed to be secure.

Users appear to have plenty of faith in well-known web services, with one user complaining to avast!: "I very much doubt Google is sending me a Trojan."

Another said they didn't want their time wasted by alerts from avast!.

"The danger is in the familiar, everyday trusted places on the internet which are as much a part of a daily routine like your morning coffee," said Jiri Sejtko, avast! senior virus analyst.

"People send us complaints about false positive detections' and even disable their AV protection in order to reach their desired location then they wish they hadn't."

The three kinds of malware that avast! believes to be part of the "trust phenomenon" include the Ill family, Kroxxu and JS:Prontexi.

All are technologically very different, according to avast!, but they are also highly effective in snaring unwitting users.

"Bad guys move in cycles, creating new variants with the knowledge gained from previous generations," Sejtko added.

"When you get an alert from your antivirus program, don't ignore it."

Tom Brewster

Tom Brewster is currently an associate editor at Forbes and an award-winning journalist who covers cyber security, surveillance, and privacy. Starting his career at ITPro as a staff writer and working up to a senior staff writer role, Tom has been covering the tech industry for more than ten years and is considered one of the leading journalists in his specialism.

He is a proud alum of the University of Sheffield where he secured an undergraduate degree in English Literature before undertaking a certification from General Assembly in web development.