PCWorld – Update your browser. Ditch Java. Don’t click weird links from even weirder people. Ho-hum. The basic tenets of PC security are burned into the brains of most Web surfers by now. The old malware tricks just don’t work as well anymore.Surprise! Bad guys are getting creative. (Never underestimate the oh-so-powerful combination of greed, boredom, and cleverness.) Rather than targeting Internet Explorer, now they’re gunning for your virtual machine, your video games, and your Web-connected thermostat.
“The more digital our lives become, the greater the number of potential nontraditional entry points for cybercriminals attempting to steal data and wreak havoc,” says McAfee Labs security strategist Toralv Dirro, who referred us to some of the wild exploits highlighted here. Grab your tinfoil hat, and let’s take a walk down wacky-hack lane.
The chamber of chaos
First things first: Many of the more exotic exploits in this collection have been identified by security researchers, but not found in the wild. But before you write off these dangers as tomfoolery confined to labs alone, consider the terrifying case of the U.S. Chamber of Commerce.In 2010, the Chamber was the subject of a deep and complicated intrusion. The penetration was so thorough that once authorities discovered the problem, the Chamber found it easier to destroy some PCs completely rather than scrub them clean.
That’s scary, but what happened after the problem was “eliminated” is even more frightening: One of the Chamber’s thermostats was found to be communicating with Chinese servers, while one executive’s printer began spitting out pages composed entirely in Chinese. And that brings us to the next wild exploit…