Malware authors go to great lengths to distribute their wares, and they invest significant resources into finding victims and avoiding detection by antimalware products. Attackers experiment with different methods and mechanisms for distributing malware, ranging from exploits to pure social-engineeringâ€“based approaches. Recently, the Microsoft Malware Protection Center (MMPC) has observed a growing trend of malware infection associated with unsecure supply chainsâ€”the websites, protocols, and other channels by which software and media files are informally distributed, both legally and illegally. Unsecure distribution mechanisms range from underground sites where pirated software and media are openly exchanged, to legitimate websites that make shareware or free music files available for public download. In some cases, malware has even been discovered preinstalled on computers sold at retail. Any mechanism by which untrusted parties can distribute files to a wider audience without sufficient safeguards in place is a potential vehicle for malware dissemination.
This section of the Microsoft Security Intelligence Report examines how attackers take advantage of these unsecure supply chains to distribute malware to victims around the world, with data and analysis about the problem based on Microsoft antimalware telemetry. It also provides guidance that computer users and administrators can use to help protect themselves from malware distributed through unsecure supply chains.