ComputerWorld - Defensive Computing: Removing malware is best done from the outside

/Home/Internet Security: Blogs/Internet Security: ComputerWorld blog/ComputerWorld: Defensive Computing

July 26, 2009
by Michael Horowitz

A few days ago, at WashingtonPost.com Brian Krebs blogged about businesses that had money stolen from them courtesy of malware on their computers.

One of the companies was Slack Auto Parts in Gainesville, Ga., which lost nearly $75,000 when "cyber intruders used malware planted on the controller's Windows PC .. [to] ... break into the company's bank accounts, create new user accounts at the bank, and then wire payments to money mules around the country."

What makes this particulary interesting is that after the fact, the anti-virus software used by the company (which Krebs did not identify) failed to find any malware. So too a "hired cyber security expert" gave the infected machine a clean bill of health. It wasn't until the company sought a second opinion was the keystroke logging "Clampi" Trojan horse program detected.

The failure of an anti-malware application to detect a particular piece of malware is not news. Many malicious programs do a great job of hiding themselves.

What to do?

Click the URL above to read the full article