Steer clear of fake FBI fingerprint scanner

Author: Omid Farhang Published: March 7, 2010 Reading Time: 2 min

Sources on a number of forums tell me that a certain application is going to be released into the wild in a few days, promoted heavily via sites such as YouTube to attract as many potential victims as possible. I thought it might be beneficial to get a head start on the bad guys and get word out before they hit their big green “Go” switch. What is it? I believe the following screenshot can answer that question: ...

Wiseguys Botnet First in Line for Concert, Sports Tickets

Author: Omid Farhang Published: March 6, 2010 Reading Time: 3 min

We frequently read stories about spammers who can circumvent CAPTCHA (Completely Automated Public Turing test to tell Computers and Humans Apart) authentication. Using bot-infected machines, they can create a vast number of random e-mail accounts for spamming purposes. This week, a federal judge in Newark, New Jersey, revealed the latest use of a botnet-like network with a CAPTCHA breaker. In this case, the computers overseen by the defendants were used to buy seats for high-profile concerts and sports events from ticket sellers’ websites. The defendants later allegedly resold the tickets on the Internet at much higher prices. ...

All browsers are (not) created equal

Author: Omid Farhang Published: March 6, 2010 Reading Time: 3 min

My friends often ask me about steps they can take to keep their systems at work and home free from malware. Apart from the usual recommendation to use an alternative, less targeted and therefore slightly more secure operating system like Linux or OSX (OpenBSD would also be an interesting alternative), I used to mention that a change of the web browser would also be very helpful. Internet Explorer is still the most commonly used browser with a little above 60% market share, but its market share has been steadily in decline over the last couple of years. I am fairly sure that one of the main reasons people move to Firefox or Chrome is perceived lack of security. Internet Explorer is the most common target for malware and various exploit packs, although the latest versions have proved to be much more resilient to various attacks. With most of the users finally making the switch away from IE6 we hope that the exploits will be even less successful in the future. This of course means that attackers are changing their focus to other products like Adobe Reader or Flash, the most commonly used internet applications after browsers. Exploiting Flash or Adobe Reader allows the attacker to abstract the browser version and often the browser itself. Adobe’s attitude to security also does not help. ...

SEO blogger victim of malicious SEO attack

Author: Omid Farhang Published: March 6, 2010 Reading Time: 1 min

On Friday evening I was talking to a North American customer who had been fighting with infections caused by SEO poisoning. They mentioned a particular search term that could generate new samples of FakeAVs. The funny thing was that the website hacked by the SEO poisoner was a blog of someone trying to promote legitimate business use of SEO technologies. If you click on any of the links returned by the search you would be redirected to an Indian site containing this image: ...

Kuwait, Saudi… and PrIv8 ActiveX ExploiT

Author: Omid Farhang Published: March 6, 2010 Reading Time: 1 min

We all know Brazilian hackers have mastered the art of creating banking trojans. The Chinese are very fond of password stealers targeting online games. The bad guys do have preferences for what type of malware they are creating based on their geolocation. Well, I found this exploit source code from a domain named kuwait{removed}.com. The exploit downloads a file named unek.exe, very well known to be an IRC bot. ...

Desperate phishing attempt

Author: Omid Farhang Published: March 6, 2010 Reading Time: 1 min

Somebody is trying to pose as F-Secure. If you see an email like the one below, just ignore it: Before you ask: No, we’ve never heard of “F-Secure HTK4S anti-virus” either.

Facebook, Twitter Use Skyrockets on Cell Phones

Author: Omid Farhang Published: March 6, 2010 Reading Time: 1 min

New comScore data shows that Facebook and Twitter use has skyrocketed on mobile devices over the past year, and that on-the-go MySpace use is now on the decline, according to MediaPost. Here are the numbers: Facebook now sees 25.1 million mobile users as of January 2010, which is more than double the January 2009 total. Twitter grew to 4.7 million during the same period, which is four times the year-ago total, the report said. ...

Download Life Theme Pack for Windows 7

Author: Omid Farhang Published: March 6, 2010 Reading Time: 1 min

After the Spring theme pack, Microsoft has released a beautiful Life theme. It consists of five beautiful Discovery Channel wallpapers based on wildlife and nature. This is an official theme and can be applied just by double-clicking on the theme file. Download: Life Theme pack for Windows 7

Viruses and Digital Signatures

Author: Omid Farhang Published: March 5, 2010 Reading Time: 2 min

Recently, we received some malicious files which appeared to be signed by “Adobe Systems Incorporated”. On closer inspection, however, it was seen that the signature was just a ruse used by the malware author to give an air of legitimacy to the files. Virus writers are getting smarter and going that extra mile to digitally sign their files. Using this technique the malware authors could, for example, penetrate an environment where only signed files are allowed but the authenticity of the signature is not checked. ...

The Morphing PDF

Author: Omid Farhang Published: March 5, 2010 Reading Time: 1 min

Just when we thought SEO using Flash was as interesting as SEO poisoning can get, it seems it’s getting even sneakier… Imagine a PDF file posted by someone evil online. Of course, Google being Google, the file is recognized as a PDF. And when we open it, it really is a PDF. No evil codes inside, just a good old vanilla PDF file. Three hours later… Google still says the file is a PDF. Brod (one of our geeky guys here) is attributing this to Google’s cache. ...
