{"id":39,"date":"2013-02-02T18:35:38","date_gmt":"2013-02-02T18:35:38","guid":{"rendered":"http:\/\/www.xvudrive.com\/blog\/?p=39"},"modified":"2013-02-02T18:35:38","modified_gmt":"2013-02-02T18:35:38","slug":"the-many-faces-of-malware","status":"publish","type":"post","link":"http:\/\/www.xvudrive.com\/blog\/the-many-faces-of-malware\/","title":{"rendered":"The many faces of malware"},"content":{"rendered":"<p>Ars Technica <a href=\"http:\/\/arstechnica.com\/security\/2013\/02\/viruses-trojans-and-worms-oh-my-the-basics-on-malware\/\">recently discussed<\/a> the various types of malware.  The article is well done and a great basic primer on the various types of infections that can occur, but it made me think of all the ways the XVUDrive can protect you from these threats, including ways to facilitate even stronger security in coming releases.<\/p>\n<p>Here&#8217;s the rundown of how the XVUDrive will protect you against these threats:<\/p>\n<p>Backdoors:<\/p>\n<p>&#8220;As an example, a backdoor was used to hack into RSA&#8217;s systems in 2011. This was a targeted attack&#8230; sending innocent-looking phishing e-mails to workers&#8230; (that) contained an Excel file with an embedded Adobe Flash file that installed the backdoor&#8221;<\/p>\n<p>First, the use of a separate OS from your day-to-day PC&#8217;s OS prevents attacks similar to this from occurring.  The attack would likely have been against the primary OS, and the XVUDrive would have remained untouched.<\/p>\n<p>In the event the email was launched against the XVUDrive and the user loaded the application, two things would occur.  1. The attack would likely not have included a payload that would be effective against the XVUDrive&#8217;s hardened Linux OS.  While Windows OSes have tens of thousands of viruses written for them, the number of threats for even the most insecure Linux OS is <a href=\"http:\/\/en.wikipedia.org\/wiki\/Linux_malware#Viruses\">in the dozens<\/a>.  2. 
Even if the user clicked the link and was infected by a payload, the XVUDrive&#8217;s hardened OS would eliminate the threat immediately upon rebooting the device.  Threats cannot survive reboots unless the payload is re-run on each boot.<\/p>\n<p>Remote Access Trojans<\/p>\n<p>&#8220;The main difference between a RAT and a traditional backdoor is that&#8230; the attacker can&#8230; issue commands to&#8230; the compromised machine.&#8221;<\/p>\n<p>This is another vital piece in a hacker&#8217;s arsenal.  By being able to remotely run ANY piece of software, install ANY additional virus, and fully control the user&#8217;s PC, a RAT allows for a single infection to turn into a cat-and-mouse game of the attacker installing a virus, the user cleaning the virus, then the attacker installing another virus.  This can go on for months or years until the attacker&#8217;s servers are shut down or they move on to another target.<\/p>\n<p>The XVUDrive is not immune to RATs, but has a built-in firewall to help prevent unauthorized access, and again, very few RATs exist on any form of Linux.  Also, upon reboot, any RATs would be eliminated, limiting the far-reaching scope of most RATs to a single session.<\/p>\n<p>Information stealers<\/p>\n<p>&#8220;&#8230;keyloggers, desktop recorders, and memory scrapers, which can steal passwords, financial credentials, proprietary data, &#8216;or anything that the attackers can use to their advantage or monetize.&#8217;&#8221;<\/p>\n<p>These are the main focus of the XVUDrive.  We&#8217;ve previously posted about Red October, an information-stealing virus that existed on the computers of some of the world&#8217;s most secure networks for five years without detection.  The XVUDrive directly prevents data theft by booting into a completely separate environment from the infected OS, and its operations are completely inaccessible to any virus on the primary OS.  
By using your XVUDrive diligently, you massively restrict access to your private information.<\/p>\n<p>Ransomware<\/p>\n<p>&#8220;This type of malicious program essentially holds a computer hostage unless the user pays a ransom. To have access restored, the user needs to pay a ransom &#8230;or the criminal can just take the money and not bother anymore&#8221;<\/p>\n<p>While the XVUDrive cannot protect your primary OS, which is the focus of the attack, from this type of infection, you can use the XVUDrive to continue to use your computer even when infected by ransomware.  Also, if you&#8217;re browsing sites that are commonly considered &#8220;high risk&#8221;, like small blogs or even pornographic material, use your XVUDrive and keep your primary OS safe from losing all of your family photos, documents, and applications.<\/p>\n<p>In summary, your XVUDrive can help keep you safe from most of the common infections.  While nothing is 100% secure, using your XVUDrive both for highly secure websites and for &#8220;high risk&#8221; websites can help prevent infection by these four most common threats.<\/p>\n<p>Surf Safe!<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Ars Technica recently discussed the various types of malware. 
The article is well done and a great basic primer on the various types of infections that can occur, but it made me think of all the ways the XVUDrive can protect you &hellip; <a href=\"http:\/\/www.xvudrive.com\/blog\/the-many-faces-of-malware\/\">Continue reading <span class=\"meta-nav\">&rarr;<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-39","post","type-post","status-publish","format-standard","hentry","category-uncategorized"],"jetpack_featured_media_url":"","_links":{"self":[{"href":"http:\/\/www.xvudrive.com\/blog\/wp-json\/wp\/v2\/posts\/39","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/www.xvudrive.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.xvudrive.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.xvudrive.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"http:\/\/www.xvudrive.com\/blog\/wp-json\/wp\/v2\/comments?post=39"}],"version-history":[{"count":2,"href":"http:\/\/www.xvudrive.com\/blog\/wp-json\/wp\/v2\/posts\/39\/revisions"}],"predecessor-version":[{"id":41,"href":"http:\/\/www.xvudrive.com\/blog\/wp-json\/wp\/v2\/posts\/39\/revisions\/41"}],"wp:attachment":[{"href":"http:\/\/www.xvudrive.com\/blog\/wp-json\/wp\/v2\/media?parent=39"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.xvudrive.com\/blog\/wp-json\/wp\/v2\/categories?post=39"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.xvudrive.com\/blog\/wp-json\/wp\/v2\/tags?post=39"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}