As we’ve mentioned before, your average user is the most at risk of getting infected these days. So, with the release of Microsoft Security Essentials recently en masse, we’re really able to see some of the fruits of our labour over the last few years. We’re very pleased to see such a positive response to MSE, with many new home users giving it a try, which as you can imagine, makes us all happy little Vegemites*.

As you might expect, we see pretty different infection types from home-users versus the enterprise. Generally, infection vectors for the home user are web-based; either via malicious websites or by being enticed to download something that is, how you say ‘not so much with the good’.  The term ‘home user’ generalises – computer-based experience of these users covers a broad spectrum. The savvier of these computer users, one would expect, would have a better chance of avoiding infection. However this is not entirely true; as we’ve mentioned in previous posts, savvy computer users actually open themselves up to more risks while they’re exploring the deeper darker depths of what the Internet has to offer.

To wit, after MSE’s release, we’ve seen a spike in a particular variant of Win32/Bifrose – Backdoor:Win32/Bifrose.EO. Why, you ask? Well, it seems that the malware authors (or perhaps an unsuspecting pirate) are distributing a ‘cracked’ version of Windows that comes pre-infected for your convenience – labelled, fittingly, “Vista Black Edition”. Just to clarify, this means computer users are downloading an ISO of pirated Microsoft software (and saving to disk on a Genuine Windows system) and a free Microsoft anti-virus product is alerting them to a potential infection in their freshly stolen software. I’m not really sure if ‘irony’ really emphasises the situation enough. But hey, at least the Windows is free**, right?

What’s even more interesting (read: funny) is that despite this, it seems this isn’t enough to stop people from trying to utilize their ill-gotten gains. Underground forums are teeming with helpful hints on how to disinfect your newly acquired (though somewhat ‘not as advertised’) software. No doubt some of the instructions include using other pirated software products.

So you see kids, illegal software is seldom free of all cost. Chances are you’re paying for it in ways you didn’t consider.

Matt McCormack
MMPC Melbourne

*The team down in Australia at least
** Disclaimer: “Free” may be changed at any time to actually mean “cost you”, with one or more of the following words appended to the end: passwords, bandwidth, login information, bank account details, email accounts, credit rating, dignity, ...