There’s an angelically tinged infection doing the rounds at the moment that has more than a whiff of sulphur about it. We can’t say for definite, but it looks like the point of this little angel is to turn your PC into a file storage area for an IRC channel since it dumps you into #music IRC channels and makes sure you can accept various media files. Our tale begins with an Email, claiming you have a “funny picture from Facebook friends” waiting for you at Oast(dot)com: ...
Cybercriminals are attacking bloggers who use Google’s Blogger.com. We have received emails intended for bloggers to update their account. Here’s the snapshot email of the email we have received: The email contains link that will redirect to fake login page of the “Blogger.com”. As seen from the highlighted link, it has a root domain “*.erdca.kr” which is differ from the authentic root domain of blogger.com. The fake login page which is known as phishing site appears to be like this: ...
Google is set to launch an app store for business next week, Mashable has learned from sources close to the company. It will be focused around creating software for Google Apps and could launch as soon as Tuesday. Early last month, news leaked about Google working on its own app store that would give third-party apps and developers the opportunity to sell their software to customers of Google Apps. This included options for increasing security, word-processing and information porting/syncing. ...
Sources on a number of forums tell me that a certain application is going to be released into the wild in a few days, promoted heavily via sites such as Youtube to attract as many potential victims as possible. I thought it might be beneficial to get a head start on the bad guys and get word out before they hit their big green “Go” switch. What is it? I believe the following screenshot can answer that question: ...
We frequently read stories about spammers who can circumvent CAPTCHA (Completely Automated Public Turing test to tell Computers and Humans Apart) authentication. Using bot-infected machines, they can create a vast number of random e-mail accounts for spamming purposes. This week, a federal judge in Newark, New Jersey, revealed the latest use of a botnet-like network with a CAPTCHA breaker. In this case, the computers overseen by the defendants were used to buy seats for high-profile concerts and sports events from ticket sellers’ websites. The defendents later allegedly resold the tickets on Internet at much higher prices. ...
My friends often ask me about steps they can take to keep their systems at work and home free from malware. Apart from the usual recommendation to use alternative, less targeted and therefore slightly more secure operating system like Linux or OSX (OpenBSD would also be an interesting alternative) I used to mention that a change of the web browser would also be very helpful. Internet Explorer is still the most commonly used browser with a little above 60% market share, but its market share is steadily in decline in the last couple of years. I am fairly sure that one of the main reasons people move to Firefox or Chrome is perceived lack of security. Internet Explorer is the most common target for malware and various exploit packs although the latest versions have proved to be much more resilient to various attacks. With most of the users finally making the switch away from IE6 we hope that the exploits will be even less successful in the future. This of course means that attackers are changing their focus to other products like Adobe Reader of Flash, the most commonly used internet applications after browsers. Exploiting Flash or Adobe Reader allows the attacker to abstract the browser version and often the browser itself. Adobe’s attitude to security also does not help. ...
On Friday evening I was talking to a North American customer who had been fighting with infections caused by SEO poisoning. They mentioned a particular search term that could generate new samples of FakeAVs. The funny thing was that the website hacked by the SEO poisoner was a blog of someone trying to promote legitimate business use of SEO technologies.. If you click on any of the links returned by the search you would be redirected to an Indian site containing this image: ...
We all know Brazilian hackers have mastered the art of creating banking trojans. The Chinese are very fond of password stealers targeting online games. The bad guys do have preferences for what type of malware they are creating based on their geolocation. Well, I found this exploit source code from a domain named kuwait{removed}.com The exploit downloads a file named unek.exe, very well known to be an IRC bot. ...
Somebody is trying to pose as F-Secure. If you see an email like the one below, just ignore it: Before you ask: No, we’ve never heard of “F-Secure HTK4S anti-virus” either.
New comScore data shows that Facebook and Twitter use has skyrocketed on mobile devices over the past year, and that on-the-go MySpace use is now on the decline, according to MediaPost. Here are the numbers: Facebook now sees 25.1 million mobile users as of January 2010, which is more than double the January 2009 total. Twitter grew to 4.7 million during the same period, which is four times the year-ago total, the report said. ...