‘Healthy dose of suspicion’ the best way to protect computer
Vito Pilieci
Sun
Hackers have taken the computer virus to a new level with an elaborate “pump-and-dump” scheme that manipulates stock prices, experts say.
The Storm, a worm program which masquerades as an Internet greeting card from a friend or relative, has already infected millions of computers around the world and its reach is said to be expanding daily.
The worm relays contact information to a hacker who uses the addresses to e-mail documents recommending hot stock tips — driving up prices so he can profit.
“This is all controlled by one group or person,” said Joe Stewart, senior security researcher for Internet security firm SecureWorks. “They target a stock, then send out these messages. Then they go and cash out.”
The Storm worm appeared in January but was slow to take root, Stewart said. By the end of May it had affected only about 2,800 of his clients’ computers.
However, in the past two months it has infected more than 1.7 million of the computers he monitors for clients. This means the actual number of infected machines is far higher, he said.
He said having a current antivirus program is no safeguard against new threats such as Storm.
“Up-to-date antivirus is the least effective measure. A healthy dose of suspicion is your best bet,” said Stewart. “You really need to be suspicious of any links or attachments from anyone. Shoot an e-mail back to that person.”
Storm distributes official-looking documents that appear to come from reputable source of financial information. The documents, in attachments such as Adobe .pdf files or Microsoft Corp. Excel files, promote a promising company that has just cleared some huge regulatory hurdle, made a major new gold discovery or completed a big sale. The reader is urged to buy stock while the share price is still low.
In one recent example, Storm pushed out a “tip” about a penny-stock company called Vision Airships Inc.
“The key is, knowing when to get on and when to get off a stock,” reads the message from Storm. “This ride is not over. Jump on now and ride the price up on the highest return ‘day trade’ we have featured this year.”
Companies touted in the messages are usually worthless. But the hacker is holding on to a mountain of shares he can sell when they jump in value.
The virus also leaves a back door open on computers so the hacker can come back at any time.
Catching the hackers is difficult.
“They are using stolen accounts,” said Stewart. “They are taking other people’s accounts and use that to channel the money.”
The Ontario Securities Commission regularly gets complaints from concerned investors about strange e-mail messages, said Scott Boyle, assistant manager of investigations. The OSC is the regulator responsible for protecting investors in Ontario.
He encouraged investors to do their homework.
“At the end of the day, it’s just spam,” said Boyle. “It’s a simple process to contact the regulator and see if they are licensed to do business.”
A similar scam was broken up by the U.S. Security and Exchange Commission in March.
© The Vancouver Sun 2007
