When Good Browser Add-Ons Go Bad: App Loads Malware

It was initially classified as harmless by security firms, but a Web browser add-on drove a three-fold increase in infections on Windows computers at the end of 2013. That's the report from Microsoft's Trustworthy Computing Security Science team. And that's not the only malware that has flown under the radar screen.

But there is also good news. Microsoft reported a 70 percent decline in the number of severe vulnerabilities -- classified as those that can enable remote code execution -- that were exploited in Microsoft products from 2010 to 2013. That proves new security tools are helping PC users win the fight.

"While this trend is promising, cybercriminals aren't giving up. Our data shows that in the second half of 2013 there was a noticeable increase in cybercriminal activity where attackers used deceptive practices," said Tim Rains, a director in Trustworthy Computing at Microsoft. "The continued increase in deceptive tactics is striking; in the last quarter of 2013, the number of computers impacted as a result of deceptive tactics more than tripled."

Avoiding Deceptive Tactics

The number of infected Windows computers jumped from 5.8 per 1,000 in the third quarter to about 17 per 1,000 in the last quarter of the year, largely due to malware called Rotbrow, which masquerades as a security add-on called Browser Protector, Rains said. Rotbrow is a "dropper," meaning it has the ability to download other malware onto a computer. But because it didn't initially download any malware, security firms labeled it benign. Later on it began to do just that and Microsoft spotted it.

It's these so-called "deceptive tactics" that often go undetected by many security firms, Microsoft said. And deceptive downloads -- which are often bundled with legit content like games, music and software -- are the top threat in 95 percent of the 110 regions in the...

Comments are closed.

When Good Browser Add-Ons Go Bad: App Loads Malware

It was initially classified as harmless by security firms, but a Web browser add-on drove a three-fold increase in infections on Windows computers at the end of 2013. That's the report from Microsoft's Trustworthy Computing Security Science team. And that's not the only malware that has flown under the radar screen.

But there is also good news. Microsoft reported a 70 percent decline in the number of severe vulnerabilities -- classified as those that can enable remote code execution -- that were exploited in Microsoft products from 2010 to 2013. That proves new security tools are helping PC users win the fight.

"While this trend is promising, cybercriminals aren't giving up. Our data shows that in the second half of 2013 there was a noticeable increase in cybercriminal activity where attackers used deceptive practices," said Tim Rains, a director in Trustworthy Computing at Microsoft. "The continued increase in deceptive tactics is striking; in the last quarter of 2013, the number of computers impacted as a result of deceptive tactics more than tripled."

Avoiding Deceptive Tactics

The number of infected Windows computers jumped from 5.8 per 1,000 in the third quarter to about 17 per 1,000 in the last quarter of the year, largely due to malware called Rotbrow, which masquerades as a security add-on called Browser Protector, Rains said. Rotbrow is a "dropper," meaning it has the ability to download other malware onto a computer. But because it didn't initially download any malware, security firms labeled it benign. Later on it began to do just that and Microsoft spotted it.

It's these so-called "deceptive tactics" that often go undetected by many security firms, Microsoft said. And deceptive downloads -- which are often bundled with legit content like games, music and software -- are the top threat in 95 percent of the 110 regions in the...

Comments are closed.