by
tensigh » Mon Aug 18, 2014 3:25 pm
kgc wrote:
tensigh wrote:
I know that when something like this happens, the first instinct is to assume someone's computer has been infected with malware, but more and more I find this less often to be the case. Even casual users these days are less gullible to virus-attached emails and later editions of Windows are better protected against malware. In short, this isn't 2001 and no one's running Windows 98 anymore.
I don't think that is the correct assessment. If it were true, the massive botnets responsible for much of the spam, DoS attacks, ransomware (CryptoLocker) would not exist. And it would not take a global coordinated effort of law enforcement, ISPs and corporations including Microsoft to cut off the bots from their C&C systems in order to break them.
http://en.wikipedia.org/wiki/Operation_Tovar (And this thread wouldn't exist.)
Really? When was the last time you had to deal with a computer virus outbreak? Like I had said, in the 90s and early 2000s I worked a help desk where people called because they clicked on attachments and there were clearly signs the PC had been infected. One of the best ways to tell was to run netstat and see the outgoing connections or hook an infected PC to a switch and monitor the outgoing traffic from the switch. This has happened less and less in my experience.
Plus your logic isn't quite sound. Just because botnets exist (and spam) doesn't mean it's all the result of malware. There are a number of ways a computer can be taken over other than a user simply downloading a virus and you're assuming that people's passwords getting stolen is the result of malware. A SQL injection on the right website could net thousands of logins and passwords. Users can have their information stolen when nothing has infected their individual terminals.
As I mentioned, the user landscape has changed drastically since 2001. The word has gotten out and even casual users are more aware of potential threats; P2P networks are significantly less common (remember viruses floating on Kazaa?), OSes are better at weeding out threats, people spend more time on mobile devices, etc. It's not to say the threat doesn't exist at all but the "Oops I clicked on a bad attachment" phenomenon is a lot less common, wouldn't you say? There are as many threats on infrastructure (WAPs, SQL injections, etc.) as there are threats to individual terminals.
But again, my point wasn't that it never happens, just that it seemed odd that it happened to so many Sonic customers at once. It seems odd that my computer and my parents' both get "infected" with malware and the only thing that gets stolen is my Sonic password. The alleged malware authors ignored my bank account password, my stock trading password, my other email accounts, my Facebook account, they only went for Sonic. Kind of odd that such an advanced malware program sneaks onto my computer, my parents' computer (who don't share files or visit too many websites) with a minimal risk and only steals ONE password. Especially when a lot of people from that ISP are complaining about the same thing.
Of course, it's always easier to blame some phantom malware since it's always a possibility.