Hackers use malware to control personal computers


CLEARWATER, Fla. – Just a few years ago, chances were relatively low that hackers could take control of your personal computer.  For them to do so, you would have likely been tricked into downloading software or opening up a malicious email attachment.

[WEB EXTRA: How to protect yourself ]

But now, computers can secretly be infected with malware simply by visiting your favorite websites, according to cybercrime experts.

"Everybody is out to get you," said Marcin Kleczynski, CEO of Malwarebytes.  "You open your email, there could be a threat there.  You open your browser, there could be a threat there."

Kleczynski's company, which provides free and paid anti-malware services, recently opened a Cyber Crime Analysis Center in Clearwater, where engineers are attempting to identify the latest threats to computer security before they strike.

"We are in the deep, dark parts of the internet watching these guys evolve.  And its just very scary," he said. 

The latest way hackers are gaining access to computers is by hiding malware on mainstream websites such as Yahoo and YouTube, according Kleczynski.

"Unfortunately, 'safe surfing' no longer applies," said Bruce Harrison, Malwarebytes vice president of research.  "You don't have to click on anything.  You don't have to do anything wrong.  You simply go to the wrong website on the wrong day and you are infected."

Once a computer is infected, the thief can steal your bank account information, photos, and other private data. 

Hackers can also use your computer to launch cyber attacks on others, making your home computer an accomplice in a crime, according to Kleczynski.

By secretly seizing control of thousands of computers in what's called a botnet, hackers can remain anonymous while letting innocent computer owners do their dirty work.

"The vast majority of spam you get does not come from a spammer," said Harrison.  "It comes from a network of botnets sending spam.  So you can't shut the spammer down because there is no spammer.  It's a network of bots."

A more sinister attack involves holding computer data for ransom.  The thief posts extortion letters on the screen, sometimes claiming to be from the FBI, informing the users that all of their files are now locked.

"It encrypts all of your files on your hard drive - pictures of your family, your documents, your resume - and holds it for ransom," said Kleczynski.  "It tells you, 'I want $300 to decrypt this.'  And you have no other option but to pay."

To protect yourself, Klecynski suggests installing anti-malware software, such as the free and paid versions offered by his company and other software developers. 

"We also recommend that you don't open emails if you don't know the sender.  Even if you do and it looks suspicious, always ask to make sure. Don't click on links, don't visit websites you shouldn't be," said Klecynski.