Survey Malware Could Be 'Portent' of Bigger Threats


Hackers are always finding new ways of getting PC users to give up information or money. Recently they've appropriated an annoying but usually innocuous online fixture, a pop-up window that asks users to complete a survey, for their nefarious activities.

According to Adam Kujawa, a lead analyst for Malwarebytes, this malware employs ransomware-like tactics to keep the window in the center of the screen. Users are unable to minimize it, and the window will cover all other windows the user opens, including videos, games and Web browsers. And, he said, the window can also cover the Malwarebytes installation interface so it’s difficult to run a scan against the malware.

Users are asked to take a survey or accept a "special offer" to unlock their systems.

The only way to eliminate the window is by using keyboard shortcuts such as the Windows key, Ctrl and 1, Kujawa said."Point-and-click methods won't work." Malwarebytes security software also can be run from a PC's command line, he added.

While individual users are more likely than groups of enterprise users to be victimized by this malware, "if a company hasn't secured its systems well enough, a vector used to infect one system could conceivably affect the rest of the network," Kujawa said.

Though it's difficult to determine which group or groups might be behind this variant of malware, Kujawa said it could be Russian organized crime gangs that are "known to use this kind of malware, or any malware, if they think they can get enough money from people."

Sign of More Sophisticated Security Threats

Malwarebytes saw a "huge increase" in malware in 2012, he said. The security company believes at least 2,000 new variants of malware are created every hour of every day, many of which are spread via infected email messages or offers to download free software. According to Malwarebytes, malware led to a loss of some $5 million last year.


Malwarebytes isn't the only security company that has noted an increase in this kind of malware activity. Symantec in November published research that found ransomware has become increasingly effective over the course of the last year and is set to become a major security trend to watch in 2013.

Hackers change their methods frequently in an effort to stay ahead of "good guys" like Malwarebytes and other security companies, Kujawa said. In addition to being "incredibly annoying," Kujawa worries the survey-based malware could be "a portent of much larger threats."

"The possibilities are kind of infinite in terms of what you could make a user do if their system is being held hostage," he said, mentioning that users could be forced to host illegal files, for instance. "Where does it end?" he asked.

This type of malware is especially insidious, he said, because "many of us are online, all the time, and it's a pretty big deal when we cannot access our devices."

Ann All is the editor of eSecurity Planet and Enterprise Apps Today.