**Mac: Hi PC, Iâm not feeling so hot today⊠** PC: Oh, I know ALL about that. I think you have a virus! Security experts by and large agree that security via obscurity is not a wise model for protecting customers over the long term. Thatâs exactly the model Apple has employed successfully for some time now. However, its luck finally appears to be running short. ...
I was reading an article on PCWorldâs website about the upcoming Google Chrome OS: So far so good. Except that I inadvertently clicked on one of their sponsored links: which ironically states âHere is all about spyware removal and even more.â After a few redirects, my browser is hijacked by one of those FakeAV scanners: Here is the HTTP traffic capture screenshot and log: ...
An Arizona computer specialist has admitted taking part in a conspiracy that used large networks of compromised computers to inflate the value of stocks so they could later be sold at a profit. James Bragg, 41, of Chandler, Arizona, pleaded guilty on Wednesday to conspiracy to commit securities fraud and fraud, prosecutors said. He faces a maximum sentence of five years in prison and a $250,000 fine. It wasnât immediately clear when sentencing is to take place. ...
This is a pretty neat attack from the malware pushes leveraging on the ignorance of the average user â which in all honestly is a safe bet most of the time! You could consider it a Social Engineering attack as itâs taking something thatâs familiar and changing it to deliver malware. Iâm sure all the Firefox users reading have at some point or another been faced with the warning screen that tells you a site is not safe to visit, the red page which states in big white letters âReported Attack Page!â. ...
Kaspersky Lab now admits that people attempting to buy Kasperskyâs security products on Oct. 17 were redirected by hackers to a scareware site with links to fake antivirus software called Security Tool. Hackers have caused serious embarrassment for a major security technology company. Kaspersky Labâs Website was hacked over the weekend, sending customers looking for security software to an external download page pushing counterfeit software. When users tried to download software from Kaspersky on Oct. 17, they were redirected to a malware site that tricked users into downloading fake antivirus software called Security Tool. Once executed, Security Tool displays pop-ups reporting a number of vulnerabilities and threats âfoundâ to scare users into buying what it says is a full version in order to fix these problems. ...
You might be wondering why the frontpage of Twitter has a big âEditâ line running through it in the screenshot below: The answer, of course, is that this is not the real Twitter page at all. Itâs part of an increasingly popular kit used for shenanigans: The scammer downloads the zip, edits the links in the .htm file and places something likely to catch the attention of an end-user underneath the âEditâ line. The fact that the fake content is sitting directly underneath the âNew Twitterâ promotional text is not a coincidence. ...
Sometimes we encounter childish messages from the authors in the body of malware. A variant of the TDSS family we got recently is even going a step further by offering a convenient location for a malware signature. The samples include the message âPut your signature hereâ, which is shown when run inside a debugger. While in many cases signatures could be still useful for detection, Avira prefer to use other technologies which are more generic and proactive. This is especially the case with malware families like TDSS/Alureon, whose authors continuously adapt their creations so they are able to work around even proactive detection in a short time. This variant is detected as TR/Crypt.XPACK.Gen3. ...
Variants of the infamous ZeuS cybercrime toolkit have begun using the tactics of the infamous Conficker worm in a bid to get ahead of security defences. The so-called Licat worm, which is âstrongly linkedâ to ZeuS, represents a likely attempt to reinforce botnets following recent arrests of suspected bank fraud money mules, as well as hackers tied to ZeuS in the UK, US and Ukraine over the last month or so. ...
W32.Stuxnet has been a subject of much discussion amongst security researchers and media, and we posted a series of blogs on the subject. As you may already be aware, Stuxnet is hot topic as the threat targets industrial control systems in order to take control of industrial facilities and systems, such as manufacturing assembly lines and even power plants. Because Stuxnet is such major news, the miscreants who like to spread malware are not wasting much time taking advantage of this for their malicious activities. In our investigations we have discovered that various forums are discussing a free Stuxnet removal tool but unfortunately the tool is actually a piece of malware. We successfully obtained a sample of this tool and our analysis supported our sense of danger: Bottom line is, do NOT run the tool. ...
Stuxnet continues to be a hot topic. Here are answers to some of the questions weâve received. Q: What is Stuxnet? A: Itâs a Windows worm, spreading via USB sticks. Once inside an organization, it can also spread by copying itself to network shares if they have weak passwords. Q: Can it spread via other USB devices? A: Sure, it can spread anything that you can mount as a drive. Like a USB hard drive, mobile phone, picture frame and so on. ...