In a previous post, I mentioned a nifty service that will scan any file you upload to it with multiple AV programs. It is both useful and socially conscious, since any problems found are reported to all the participating anti-virus makers so that they can continue to improve their products to the benefit of everyone.
Naturally, if there is light there must be darkness: a couple weeks later I found several articles including one by Brian Krebs, that refer to a new breed of such scanners which are based on the premise that they will NOT share their findings with the AV makers, and make no pretense of being created to serve anyone but malware authors. For $1 per file, they can test their nasty little products against the big guys and no-one will be the wiser. And of course, the currency used is virtual, so there’s no trail to follow there, either.
When I was a kid and I was reading cyberpunk books, I thought it was all amazingly cool. Now that I’m living in the future, I’m finding it deeply alarming. The more I learn about the shadow economy, the more it scares me.
I fondly imagine that the people who are reading this blog are savvy enough to have their computers locked down tight, know how to spot phish, and are generally security conscious. Please, share the knowledge. Go to your parents and sibs and friends and help them learn. The bad guys are ahead of the game, so why not make it a little harder for them?