Singapore may have cleared its pirated stores years ago, but folks going on the Internet instead for pirated software may now be the biggest reason for infected PCs in the country, according to a Microsoft study.
These users unknowingly open their PCs to attack when they download “keygen” software, which promise to generate serial numbers to unlock popular applications such as Microsoft Office, but often open a back door to hackers.
Such keygen software was detected by Microsoft in 14.6 per cent of infected computers in Singapore in the fourth quarter of 2012, according to the company’s latest Security Intelligence Report released twice a year.
Indeed, keygens top a list of “unwanted software” responsible for three of the five most common types of infections in Singapore PCs. All in, such “unwanted software” is found in close to 40 per cent of PCs here that are infected with some form of malware.
The insights come from data that Microsoft culled from more than a billion computers, through its PC malware removal and security tools, security scans of Hotmail e-mails and malicious webpages scanned by the Bing search engine.
The good news is that Singapore is facing fewer infections over the years. In the last three months of 2012, Microsoft “cleaned” less than four PCs out of every 1,000 scanned, down from almost six out of 1,000 a year ago.
Globally, this figure is now at about six out of 1,000 PCs. Compared to the region, Singapore’s malware problem is more serious than Hong Kong, Macau and Japan, while being less pronounced than India and Malaysia.
There is a possible link between the use of pirated software in a country and a higher rate of infected PCs, said Tim Rains, Microsoft’s director for trustworthy computing, in an interview with Techgoondu on Monday.
In some countries – he did not specify which – Microsoft teams had gone out to buy PCs in retail stores and found pirated versions of Windows and other software, along with malware and “back doors” installed right out of the box, he noted.
The advice from Microsoft is to buy newer versions of Windows, which are hardened with more up-to-date defences. Windows 8, for example, comes with anti-virus software built right in, so users do not have to install it separately.
Besides not downloading software from dubious origins, users should also be aware of an increasingly popular type of exploit called IframeRef.
A hacker typically hides code in a legit-looking website that quietly opens a separate webpage that contains all sorts of malicious code to be run on a PC without a user knowing.
According to Microsoft, this is one of the fastest-growing threats worldwide. It was detected close to 3.3 million times in the fourth quarter of 2012.
To ward off such attacks, Microsoft advises users to update their browser software as well as anti-virus applications regularly. Surprisingly, in Singapore, 29 per cent of PCs don’t have up-to-date anti-virus defences.
Separately, website owners should check that their webpages are not silently infected with “hijack” code that sends malicious instructions to visitors to harm their computers.
(click to open infographic)