A few weeks ago, I wrote a newsletter about my frustration with a Trojan virus that had infected my computer. It was a virus I downloaded because I was impatient and clicked on an update for Adobe Flash— a program I now know Mac doesn’t support. When I took my computer to Best Buy, I told them how I thought it happened and they fixed it…for a few days. And now it’s back and growing.
This morning, I met with Rich at Best Buy. This time I made an appointment. He was great and removed many lines of infected code from places I didn’t even know my computer had. Rich was chatty and I really do want to understand, so I hung around at Best Buy with Rich for over an hour. I learned many things about my Trojan. First of all I learned it was a focus virus and basically what it wanted was to infect Safari and learn where I spent my time online. That’s how they—the hackers who created it— got paid. They would sell my search information to advertisers.
I found that interesting: not that a virus would target my search history but that they would do it in such an annoying way. By making my computer act weird, they alerted me to the problem. I can’t imagine anyone wouldn’t notice. I figure my search histories are being watched by someone already. I don’t think there is a way to completely prevent it.
So I asked Rich what was so special about creating a Trojan such as mine.
He said, “The value is in its ability to hide. Right now it is annoying and clunky and most people will notice right away. But it’s also really hard to get rid of. If I missed even one line of code the Trojan will start growing again. We’ll have to see.” (Not something I wanted to hear). “ The hackers will keep working on it. If it shows promise, they will make it smarter. If it becomes so smart that consumers don’t notice, then the hackers have struck gold. Eventually virus scan programs will deal with it because the good guys are always trying to outsmart the villains. It’s a race.”
What can I do? For now I will cross my fingers that Rich has found every last strand of code. If it comes back, I will have him completely wipe my hard drive. If that doesn’t work? If the virus has evolved so much that it has truly infected my computer? Wait, that’s not possible is it? For now I am going to assume it isn’t and work as fast as I can before any leftover code strands have a chance to GROW!