The internet is rife with free tools from anything to everything (almost) – from free HTML web editors to free applications to free games and so on.
We’ve been in this situation before. Sometimes out of curiosity or “affluenza” (also known as “I-GOTTA-HAVE-IT-NOW-NO-MATTER-WHAT”), we are tempted to install some of these free tools and applications from the web.
The unfortunate problem with freebies is that unless you know the source of where you download the tools from and whether the software author who created the application is credible, you are literally at the whim and mercy of the author should you choose to download and install the application.
To make matters worse, some download websites don’t even bother to check and verify every piece of software application that was uploaded to their website. Some do not even bother to perform any kind of anti-virus scanning of the uploaded software.
Take a look at this piece of software that was touted as a web tool obtained from a download website.
This tool was supposed to be a HTML editor but upon running, clearly something was wrong. No trace of the software was visible after running the application. This should signal a giant red flag that something is horribly amiss. To make matters worse, unless you happen to know what to look for, you’d be hard pressed to find what kind of activity or system changes has been made on your computer (click on the picture below to see a clearer image of the registry entry made by this Trojan).
In this case, this backdoor Trojan (Troj/Bifrose-ZI) manifested itself as a file on your Windows System folder and created a registry entry to run itself upon the next startup (notice how notoriously difficult it is to know what and where to look for?). You now have a backdoor Trojan active on your computer which a remote intruder can use to gain access to your computer. The type of malicious activity that can then take place on your computer can range from using your computer to download more malware, to turning your computer into a botnet zombie to stealing confidential information etc. etc. – you get the idea.
If you’re an avid internet user who loves downloading freebies, then this article should scare you and rightly so. Not everything that glitters is gold, as they say.
Great. So how do we protect ourselves against such scams and malware?
For one, I have always believed in the KISS (Keep It Simple Stupid) principle.
Before you download any application, pause and think whether it’s really necessary to have that software or whether it’s going to do nothing but put more “bloat” on your computer (you know a particular software is “bloatware” when you have not touched it in the last 6 months). If you’re uncertain, just go away from the computer for a few moments to think it over. Never ever download free software at a moment’s whim.
Last but not least when you’re browsing the web, always check that your anti-virus software is running, your firewall is enabled and ensure that all these software security solutions are updated regularly.