Review

During our analysis of the different malware families we sometimes stumble upon some messages inside the viruses placed there by their authors. For example, the TDSS Trojan family is known to contain random strings from “Hamlet” and from the Bible. Also there is the Koobface family which contains random sentences – mostly taken from Wikipedia articles, like in the last variant we discovered, about the Tower of London. TDSS: ...

The New York Times is reporting a rising number of law suits against some major players because of their use of persistent web tracking: — Fox Entertainment Group — NBC Universal — Specific Media — Quantcast The Times said the suits are claiming that the companies used Flash cookies to collect data on browsing activities in spite of the fact that users had privacy settings on to block them. Those Local Shared Objects (LSOs) are persistent cookies that are stored in several ways and in some cases will restore themselves when deleted. One is available, with a detailed description here. ...

We received new spam emails which contain a JavaScript redirector in form of a HTML attachment. The emails we received have the subject “Consultation Appointment”. The decrypted JavaScript consists of new JavaScript code. This JavaScript redirector loads yet another JavaScript from the internet. The domain which is hosting the malicious .js is registered to someone from Malaga. Domain tools show that this person has registered about 2.400 other domains. ...

Resident Evil. Man, those films are terrible. Frankly, I’m happy to end the writeup right there, but if I did you’d miss out on all the fun. Resident Evil Afterlife is now in cinemas (unfortunately) and scammers are all too happy to cash in. watchresidentevil4(dot)com is our port of call today: Try to watch the film, and you’re prompted to install ClickPotato (from Pinball Corp). There’s also four other items preticked, which is nice of them. Installing that lot gives you a prompt to “see premium content”. ...

A worm collectively dubbed by the security industry as the “Here you have worm” has been making its way onto corporate networks over the past 24 hours. The worm arrives via e-mail using the subject line “Here you have” or “Just For you“ along with an executable disguised as a PDF file. It first appeared last month sending spam e-mails from [email protected]. The worm creates the following files: (Note: See the full report in our sandbox -> http://x.maldb.com/?p=44309#more-44309) ...

If you’re as big as Google, there’s no such thing as a small product launch. So when Google introduced voice calls into its webmail service Gmail, essentially launching a Skype competitor, it was bound to be a popular feature. How popular, exactly? Well, according to a tweet from Google, the users seem to love it, as more than one million calls were placed in the first 24 hours since the feature went live. ...

The Phoenix New Times has reported that the CEO of LifeLock ID theft protection service of Tempe, Ariz., has had his identity used by rip-off artists 13 times since 2007. CEO Todd Davis advertised his social security number publically to assure customers that his service could protect their identity. The service cost $10-15 per month. In March we blogged the story when the U.S. Federal Trade Commission and LifeLock reached a settlement in which the company would pay $12 million – $11 million of which would be refunded to consumers – for fraud. ...

It seems like anyone who wants to be anybody is whacking Facebook over its loose — or rather loosening — privacy policies. Earlier this month, with disregard to the grammer momma taught me, Even I whacked CEO Mark Zuckerberg aside the head about Facebook privacy. As bad as pundits make out Facebook privacy to be, people can, and do, reveal plenty of information on the Web, too. Which place do they reveal more? I set out to find out in a non-scientific experiment, looking for publicly available information about one of my sisters. ...

Thirty-two days ago, I purchased Apple’s iPad, after proclaiming that I wouldn’t. A gadget like this one should be tested if repeatedly blogged about. I would have used a for-reviews loaner, but I’m on the same fraked list as Gizmodo. I bought my own. A month-or-so usage later, I agree with Tumblr and Instapaper developer Marco Arment, who asked about iPad yesterday: “What’s it for, really? Logically, it doesn’t make a lot of sense for most computer owners…most people will have trouble justifying the $500 entry price.” ...

With competition in the Web browser field having transitioned from cold to boiling in less than a year’s time, Mozilla suddenly finds itself playing catch-up against not only Apple and Google, but Microsoft as well. In March, the organization realized it needed to completely make over Firefox 4 if it wanted to remain feature competitive against a fast-rising Google Chrome. In a live presentation yesterday, Mozilla Firefox director Mike Beltzner admitted that his group’s March roadmap, which involved an interim release of Firefox 3.7, had too many steps. Now the group has decided to straighten out its path by grafting version 3.7’s main additions onto a point release Firefox 3.6.4, and shifting gears to focus on version 4.0. ...