Defeat 'malware' by knowing your enemy

PUBLISHED : Tuesday, 12 October, 2004, 12:00am
UPDATED : Tuesday, 12 October, 2004, 12:00am

I first fell under the spell of the Web in 1995. Beguiled by the peaceful green interface of Netscape Navigator, I never dreamed that the fields of cyberspace could lose their innocence.

But those days are history. The Web is now crawling with cunning code collectively known by a word that makes me think of evil spirits but is actually just a contraction of malicious software - 'malware'.

This week I will expose and dissect six vile examples of this pestilence, just for the cheap thrill. Conceivably, the appraisal might be useful, too. Remember what martial mastermind Sun Tzu said: 'To defeat your enemy, you first must know him.'

Extortionware: PR pro and blogger Usher Lieberman defines as 'extortionware' an annoying phenomenon you may well have encountered without ever understanding it.

This term means 'free' programs that scan your system for malicious software then launch into a marketing pitch to persuade you to upgrade to a paid version or face the consequences. What makes extortionware especially repulsive is its duplicity. It parades as a hero on a mission to eliminate villains then blackmails you. It reminds me of that junk e-mail with the subject line: 'Get rid of spam like this.'

Scumware: This lovely word is often used loosely to mean any program that infiltrates your computer via the Net. Strictly speaking, it means software designed to redirect web traffic and thus divert revenue from one site to another. Webmasters hate this plague, which thoroughly merits its name.

Rootkit: This may sound cute but the thing it signifies is spectacularly treacherous. It means a bunch of tools that a hacker recruits to mask intrusion and gain administrator-level access to a computer or network.

The hacker installs a rootkit on a computer after first acquiring user-level access, either by exploiting a known vulnerability or cracking a password. The rootkit then gaily passes user IDs and passwords to other machines on the network. Vermin.

Cookies: All right, I threw this in to be controversial and provide another break from words equipped with the dreary 'ware' suffix. In theory, a cookie is just a bit of text in a file on your computer, containing a scrap of information that identifies you to a particular website and supplies whatever information that site wants to retain about you when you visit. When you come again, the server looks for the cookie and configures itself based on the information given.

Handy and seemingly benign, except some websites use cookies to tail you wherever you venture. 'Cookie abuse', it is called, and it presents a dilemma: do you block none, some or all of the critters?

Foistware: This makes me feel violent. One of the lowest, sneakiest kinds of malware, this is an unwanted program that hitches a ride with an application you do desire. Probably your hard drive is swarming with foistware. Who is responsible? No names, no lawsuits. But I will say the main offender sounds like a contraction of cat and bazaar.

Homepage Hijackers: Ever visited a site that suddenly and mysteriously became your home page? Blame homepage hijackers, which fall into two types.

One is stupid: it just exploits an Internet Explorer vulnerability to do the deed. You curse, reset your homepage and resolve never to visit that site again.

The other breed of hijacker is cunning - it actually installs a program on your computer that obstinately forces your homepage back to the one it favours, again and again.

Some hijackers will even set up your system to lock you out of the registry, to prevent you fighting back. If you really want people to hate your website, this must surely rank as the top tactic. How warped can you get?

You can come out from behind the sofa now. But remember it is better to be paranoid than complacent. Malware will only grow more devious. If only, as the god of the internet Vint Cerf recently recommended, we could dump the stuff in outer space.