Malware: a common threat

Malware represents a common threat for all users out there surfing the web. It doesn’t have ethics or a message to spread, like viruses used to have (not all had dangerous payloads).


Another thing about malware, as I pointed out in my article about the AV industry, is that it tends to reuse the same code with minor modifications; these variants are known as strains. If you're new to the term (malware), I would recommend an introductory article: Stop malware in it's tracks.

According to the latest article on F-Secure, Downadup has 2,395,963 infections worldwide. Of course this is an optimistic scenario, even for someone as skeptical about numbers as I am. You can now see the big threat that malware poses; that's why we should protect ourselves…

Greasemonkey: Malware Script Detector

Malware Script Detector is a Greasemonkey script which will:

Detect & Alert Malicious JavaScript: XSSProxy, XSS-Shell, AttackAPI, Beef. But No guarantee for full prevention of XSS-Injection threats. Many ways to bypass it such as via iframes but I’m sure it protects you from casual attackers. The main objective of developing Malware Script Detector is that I’m so much afraid of XSSProxy, XSS-Shell, AttackAPI, Beef and I want to detect them. Malicious sites intentionally embed them. Firefox XSS Warning addon can’t check this.

It's a highly recommended script, because malware scripts can be as dangerous as normal malware. The difference is that normal malware poses little threat if you download software from official sources and verify the checksum…

Malware Blocker

Malware Blocker is a tool useful before and after infection. The description of the program (as taken from SourceForge):

Malware-Blocker blocks communication from your computer to any server that is known to be a malicious one. It does that by replacing your HOSTS file (deep inside Windows directory) with a blacklist of malicious servers, which are redirected to 0.0.0.0

The project's last update is from February 2005. Although it is likely outdated, it maintains a constant number of downloads, which is the reason I recommend it. Who knows what funky old-school malware you will come across one day…
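The description above says Malware-Blocker replaces the HOSTS file outright, which discards any entries already in it. As an added example (not code from Malware-Blocker or from this post), the Python below merges a blocklist into an existing hosts file instead and reports names that are already mapped somewhere other than 0.0.0.0; the function names, sample domains and addresses are constructed for illustration.

```python
import re

SINKHOLE = "0.0.0.0"
# Dot-separated labels of letters, digits and hyphens (no leading/trailing hyphen)
HOSTNAME_RE = re.compile(
    r"^(?=.{1,253}$)(?!-)[a-z0-9-]{1,63}(?<!-)(\.(?!-)[a-z0-9-]{1,63}(?<!-))+$"
)
PROTECTED = {"localhost", "localhost.localdomain", "broadcasthost"}


def parse_hosts(text):
    """Return {hostname: address} for every mapping in a hosts file."""
    mapping = {}
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()  # drop trailing comments
        if len(fields) < 2:
            continue  # blank line, comment, or malformed entry
        for name in fields[1:]:
            mapping.setdefault(name.lower(), fields[0])  # keep first mapping
    return mapping


def merge_blocklist(hosts_text, blocklist):
    """Append sinkhole entries; return (text, added, conflicts, rejected)."""
    existing = parse_hosts(hosts_text)
    added, conflicts, rejected = [], [], []
    for raw in blocklist:
        name = raw.strip().lower().rstrip(".")
        if name in PROTECTED or not HOSTNAME_RE.match(name):
            rejected.append(raw)  # never sinkhole localhost or junk input
        elif name in existing:
            if existing[name] != SINKHOLE:
                # Already mapped elsewhere: leave it, but report for review
                conflicts.append((name, existing[name]))
        elif name not in added:
            added.append(name)
    lines = [hosts_text.rstrip("\n")] + [f"{SINKHOLE} {n}" for n in added]
    return "\n".join(lines) + "\n", added, conflicts, rejected


if __name__ == "__main__":
    # Constructed sample: reserved .test names and a documentation IP address
    sample = "127.0.0.1 localhost\n203.0.113.7 update.example.test\n"
    text, added, conflicts, rejected = merge_blocklist(
        sample, ["c2.example.test", "update.example.test", "bad_host!"])
    print(text, added, conflicts, rejected, sep="\n")
```

A conflict means the blocklisted name already resolves to a real address through the hosts file, which is either a deliberate local override or a sign that the file was modified by something else.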

MalZilla

This is an unexpected turn, isn't it? First of all, you would probably like to know what MalZilla is. In simple words:

Malzilla is an advanced malware-hunting tool specialized for hunting web-based exploits, decode obfuscated JavaScripts etc.

Although it is limited to malware scripts, I can guarantee you that it's very good at it, giving you all the tools needed for such a task. More information is in its own PDF file, which comes along with the package.

Most of you can ignore the last application presented; I would think that having the first two installed is more than enough for regular users. And no, it's not dangerous playing with malware if you have the proper tools.


