"Personal Security" is malware
Mom had an infection on her computer that would hijack Firefox when she clicked certain links. It would run a bogus "security scan" in a web page that was made to look like a Windows XP system dialog box, and then try to make her download something to "fix" the many scary problems it "detected". She was too smart to do that (good for her!) but when she tried to navigate away from the page it would throw up a defensive screen of modal dialog boxes with misleading options and she would have to force-quit Firefox.
We looked it up and found out it was a well-known piece of malware called "Personal Security", a scam that tries to get your money by generating bogus security threats and then demanding you upgrade to the paid version in order to fix them.
The software equivalent of a scam that involves criminals dressing up as police officers, in other words. Pure evil!
McAfee, as usual, did absolutely nothing. Mom was able to get rid of the infection with a free program called Panda Cloud Antivirus.
Just throwing this out there as a warning, so y'all have some idea of how to recognize this Personal Security malware and know at least one way to get rid of it.
Still not sure how she got infected in the first place. I need to talk to the Firefox security guys about it and see if there's more we could be doing to block this kind of attack.
Java is the new giant web security hole
You may recall my mom's computer got infected with malware called "Personal Security". It turns out that the attack vector used by Personal Security, as well as a bunch of other malware that got on there, was through a security hole in the Java plugin.
It seems that Java exploits have skyrocketed, especially in the second half of 2010. Computer criminals accept payment from other criminals to deploy whole bundles of random crapware via the holes in the Java plugin.
Friday, a week ago, I got what I think was my first-ever malware infection in 25 years of using computers.
I was using my Windows laptop. I had run Internet Explorer ONCE in order to check compatibility of one of my HTML5 game programming demos. I don't know whether IE was how it got in or whether it was through a Java security hole or what, but the timing was suspicious.
It was something called "Windows 7 Total Security" which is the same thing, just with a different name, as what my mom got -- malware that pretends to be an antivirus program, bombards you with spurious warnings about hundreds of imaginary viruses, and tries to get you to pay money to get rid of them. My version was somewhat worse in that it wouldn't let me go to any websites at all - every site got replaced with a bogus security warning.
I used Panda Cloud antivirus (goddam it people, stop calling everything "cloud", it's lost all meaning. At this point as far as I can tell "cloud" is a synonym for "internet".) Despite the stupid name, it worked.
Or did it? I was left unable to run any programs, because when I double-clicked an .EXE file it asked what program I wanted to use to open that file. The registry had gotten corrupted so that the file-type association for "EXE" was broken -- and I couldn't even run regedit.exe to fix it. I couldn't launch things from the command line even, because that's "cmd.exe". I finally found a website describing this problem and downloaded a sketchy batch file that successfully fixed everything.
Not sure if there's a larger lesson to draw from all this, other than that bad people who write viruses suck and should go to jail.
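The broken `.exe` file-type association described above can be inspected without changing anything. This is an added example, not code from the original post or from the batch file it mentions: it compares the default values of the relevant registry keys against the stock Windows defaults (`exefile` and `"%1" %*`). The function names are hypothetical, and it assumes a PowerShell prompt is still reachable, for example from another user account.

```powershell
# Added example: read-only check of the .exe file-type association.
# Stock Windows defaults for the (Default) value of each key.
$expected = [ordered]@{
    '.exe'                       = 'exefile'
    'exefile\shell\open\command' = '"%1" %*'
}
# Machine-wide classes, and the per-user overlay that wins when both exist.
$roots = [ordered]@{
    HKLM = 'Registry::HKEY_LOCAL_MACHINE\SOFTWARE\Classes'
    HKCU = 'Registry::HKEY_CURRENT_USER\Software\Classes'
}
# A per-user "Open with" choice for .exe also overrides the class association.
$userChoice = 'Registry::HKEY_CURRENT_USER\Software\Microsoft\Windows\' +
              'CurrentVersion\Explorer\FileExts\.exe\UserChoice'

function Get-DefaultValue([string]$Path, [string]$Name = '') {
    # Returns $null when the key or the requested value is absent.
    if (-not (Test-Path -LiteralPath $Path)) { return $null }
    (Get-Item -LiteralPath $Path).GetValue($Name, $null, 'DoNotExpandEnvironmentNames')
}

function Test-ExeAssociation {
    foreach ($hive in $roots.Keys) {
        foreach ($sub in $expected.Keys) {
            $actual = Get-DefaultValue "$($roots[$hive])\$sub"
            if ($actual -eq $expected[$sub]) {
                $status = 'OK'
            } elseif ($null -eq $actual -and $hive -eq 'HKCU') {
                $status = 'OK (no per-user override)'   # normal on a clean profile
            } elseif ($null -eq $actual) {
                $status = 'MISSING'                     # machine-wide default is gone
            } else {
                $status = 'MODIFIED'                    # something else handles .exe
            }
            [pscustomobject]@{ Hive = $hive; Key = $sub; Value = $actual; Status = $status }
        }
    }
    $present = Test-Path -LiteralPath $userChoice
    [pscustomobject]@{
        Hive   = 'HKCU'
        Key    = 'FileExts\.exe\UserChoice'
        Value  = Get-DefaultValue $userChoice 'Progid'
        Status = if ($present) { 'PRESENT (review)' } else { 'OK (absent)' }
    }
}

Test-ExeAssociation | Format-Table -AutoSize
```

Any row marked `MODIFIED`, `MISSING` or `PRESENT (review)` identifies the key to examine before applying a repair from a source you trust.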