Malware writers getting clever with Java

It appears that Java is being used increasingly in malware attacks.  In this article there is mention of compromised web sites being used to deliver the malware.  It’s sophisticated enough to be able to tell if the payload will be delivered to a Mac or a PC and alter itself accordingly.  Given that Java is pretty much everywhere, malware can be written to take advantage of it and work on pretty much any system.

While it doesn’t happen all the time, many malware require the computer user to do something to allow for its installation.  With Windows Vista and 7, this became more likely with User Account Control popping up whenever something was going to be installed.  My normal advice here is that you should be saying “no” unless you were intentionally trying to install something.  This advice is not often heeded because inexperienced computer users may not have the necessary background to know when to not say “yes” to one of these.

In my opinion, you’re probably better off saying “no” when you aren’t sure and asking someone more experienced to guide you on how you should be responding to these dialogs.

It’s probably another good time to talk about making regular backups of your system.  Since some of this malware can be rather catastrophic to how your computer operates, sometimes the only way to get rid of it is to completely erase your computer and reinstall everything from scratch.  In my experience, malware is either of the “minor annoyance to the expert” variety or the “gotta nuke it from orbit to be sure” variety.  By making regular backups, you assure yourself the ability to recover from the latter if it occurs.

Comments are closed.