Sophos Cloud Optix
Those of us who work in IT security know this all too well…
Never a truer word spoken drawn…
Have you found the above diagram to be true? Why not leave us a comment telling us your experience of how the “not-we” can mistake other computer problems for a malware infection.
Via XKCD.
This used to be true, and then ransomware started to take over the virus world.
How picky are we being about the difference between a virus and a trojan?
Ransom-ware by definition is NOT a virus — it rarely self-replicates or spreads beyond the singlepoinbt of infection. It is MALWARE, which is a more encompassing term for malicious software of which viruses are but one aspect.
Most computer problems people think are "viruses" tend to be caused by flaws ub the commercial software they use. I've had Windows and WORD freeze or mess up files far, far, more often becauseof flaws in the software, incompatabilities between release levels, or its recovery capabilities than becauseof asupposed "virus"- and before you ask, this was one a standalone system that NEVER connected to a network and which never had files imported to it.
I find the opposite to be true really. With the current state of the internet being such a cesspool of poor security, most average users absolutely are infected with some sort of malware. I’m not saying all the users complaints are caused by malware, but the failure of antivirus technology and the prevalence of 0 days being found for popular well used apps makes it an absolute legitimate concern.
As a user of Sophos AV, a more stringent follower of best practices than many, and an non-Facebook-user, I seldom have a problem that I would even contemplate attributing to malware. Maybe once in the past five years?
Until I switched over to an NVidia graphics card, my usual suspect was the ATI Catalyst drivers. 😉
You are blaming the wrong source for the issues. It doesn't matter what is on the internet — it is the precautions the user takes that matters most. The internet is merely the the route of travel — you don;t blame the road for the crime rate in an area or the car manufacturer for the poor drving habits of the driver, so why is it the :Internet" that is at fault because users donot atake simple precautions? Why is that if stranger came up to you on the street and said to you "Hey, you've just won this amazing lottery but I need $5000 from you before I can give you the $10,000,000 prize" you tell them to uxx off but because it comes in an e-mail people are willing to fall for it?
“those amusing folks”
It is just one guy.
Nah, Randall has friends. It's more than one person behind the scenes.
Actually last time I was hired to "remove the virus" it was actually a virus causing the problem. The only reason was that google and some other sites noticed that there was something funny going on with the browser's x509 handling and threw up a big error page.
I usually find that instead of a virus the problem is the dozen browser toolbars the user has managed to install but claim they didn’t. I don’t even mean the dodgy adware type of toolbar but the more legitimate toolbars from Google, etc that install with other software if you don’t deselect them.
This^
Happens way too much… "I swear I didn't install them, they just appeared there!"
Once had a user install new software, after which nothing else but the new program would run. She came to me terrified of what she might have unleashed on our network, saying she believed a virus must have been hidden in the new software. Instead, turns out the legacy installer had complained about a space in the install folder path name, so she renamed the folder to remove the space and allow the install to continue. The folder was "Program Files".
It's never a virus.
It's ALWAYS Windows… 🙂
Amusing for sure, but also frightening.
Problems that users see are mostly not virus' just misunderstanding. OK. At least they are trying to understand. And this includes the trojans as ransomware. Sometimes irreparable damage. But known.
The problems they don't see are the ones to be frightened of. 6 months of unautorized monitoring of a mail account without the users knowledge, or the unseen and unknown (by the user) open access to information on a computer for prolonged periods.
Its the disease you don't catch that kills you.
It often feels like every time there's a computer problem or glitch that users don't understand, they assume it's malware. The malware programs that want to be seen usually aren't that sophisticated, they're just picking off the weakest members of the heard, so they usually get added to signatures quickly. I've often found that if users think its malware, but there's nothing reporting that it's malware, it's usually not malware.
Whenever I do user education on malware I always ask people what they think the malware wants. Ransomeware and script kiddie lulz want to be noticed, but as DaveC said, the things you really should be scared of are the things that are hiding. If you're trying to spy on someone you're going to be really careful about not being seen. Spys that blunder about drunkenly knocking things over and causing a scene don't usually keep their jobs long (unless that's the local scene, I suppose).
Need to add a third disconnected circle – those phoned up by someone claiming to be Microsoft to help them rescue their computer from a virus.
I basically treat all phone calls these days as though they are phishing emails until the caller can convince me otherwise.
Sad, but my default setting now is that all contacts by phone or email are fraudulent, and it is then a question of determining otherwise.
I have had 3 users call me this week to say they have had their "local security experts" call them from their "local exchange" or "local service provider" saying something along the lines of "We have been getting some odd traffic running through the local exchange located at "insert closest exchange to the phone number here" and it appears to be originating from your computer. if you can allow us access to the system we will remove anything malicious for you free of charge, If you had called us we would of had to charge a fee for this service" buuut that would almost certainly fall into the left circle 🙂 – It does all fall down to the knowledge of what your looking at – as you can see there are comments on here from people that are smart enough to keep up to date with Sophos articles but they clearly haven't realized the differences between various different internet nasty's.
In all the computers I have serviced, I have only found one or 2 a year that come back with no malware of any sort. Malware is big business, so at this point in time, it is hard to avoid. Even if you are an informed user.
Try explaining the difference between a virus and malware and potentially unwanted software to the average user is to much work. Many of us will just say virus to be lazy. Its not necessary to always be so specific in definitions. Whether it is a virus, adware, malware or what ever unwanted program you find on a user computer, it is just easier to say virus, and be understood. Most people are basic in knowledge, and you will lose them with specifics.
I'm a network admin, I get a lot of people saying they have a virus… but what they really have is an admin using VNC on the machine next to them!
"The Pc keeps restarting every 10 minutes and shows bluescreen! Its a virus!!!" .. then i opened the Pc and… there is Dust! Everywhere! …and a installation windows cd inside.