SAN JOSE, Calif. — The sudden takedown of an Internet provider thought to be helping spread one of the most promiscuous pieces of malicious software out there appears to have cut off criminals from potentially millions of personal computers under their control. But the victory was short-lived. Less than a day after a service known as "AS Troyak" was unplugged from the Internet, security researchers said Wednesday it apparently had found a way to get back online, and criminals were reconnecting with their unmoored machines. The drama initially raised hopes of a sharp drop-off in fraud, because criminals could no longer communicate with many computers infected with a type of malware known as "ZeuS," which is mostly used to steal online banking usernames and passwords. Hundreds of criminal operations around the world use the malware. It's unknown how many computers are infected with ZeuS, but it's estimated to be in the millions. Cisco Systems Inc. said as many as 25 percent of the world's ZeuS-infected machines were unplugged from the massive "botnet" overnight with the takedown of AS Troyak. Botnets are networks of infected PCs that behave like criminals' remote-control robots. They steal identities en masse and are used to attack Web sites. But instead of a slam-dunk victory, the incident wound up highlighting the whiplash pace at which criminals can resurrect their illicit businesses after what should have been a devastating setback.
It's being rolled out to Direct Messages first, where much of the spamming occurs. All links sent through Direct Messages will be submitted to this service. They'll be checked for spam and then shortened using a twt.tl root link. Twitter says that even if a bad link has already been sent out through a Direct Message, if a user clicks, Twitter will be able to protect them. Spam has been a problem for Twitter. If you're a regular user of the service, I'm sure you've had your fair share of Direct Message spam. There's also a ton of spam in public tweets and @ replies. Hopefully, this solution works for Twitter and they'll be able to provide better spam protection for the main Twitter feeds. Spam is a social network killer and one of the reasons for MySpace's demise. Now, if we can only get Justin Bieber to stop being a trending topic.
(Reuters) - A California man angry about a denied insurance claim was arrested and charged with extortion after he sent an email to New York Life threatening to damage its business, federal prosecutors and a company spokesman said on Monday. Anthony Digati, 52, of Chino, California, also threatened to send computer spam to the insurer in his attempt to extort about $200,000, according to Preet Bharara, U.S. attorney for the Southern District of New York. "I have 6 MILLION emails going out to couples with children age 25-40, this e-mail campaign is ordered and paid for," the criminal complaint quoted a February 22 email as saying. "2 million go out on the 8th (of March) and every two days 2 million more for three weeks rotating the list," it went on. "Of course it is spam, I hired a spam service, I could care less, The damage will be done." Digati could not be reached to comment at his home telephone number. New York Life insurance company spokesman William Werfelman confirmed it was the target of the threats. "After Mr. Digati contacted the Company with his threats we conducted a thorough internal investigation and determined the best course of action was to turn this over to the FBI for their assessment," the spokesman said in an emailed statement.
Got an email address? You're getting spam. Your mail provider might be doing a good job of screening you from it, but spam on the Internet is as common as Botox at the Oscars! Unfortunately email spam isn't the only spam variety. There's also link spam. Unless you run a website you might not know about link spam. It's a way for 'blackhat' webmasters to pump up the value of their sites and it all relates back to how search engines work. Not only do search engines check the content of websites, they also check to see who trusts or depends on those websites. That's shown by links. So, for instance, if you own a website and link back to AppScout (we are forever grateful) you are bestowing a little of your goodness on us. That's how Google, Yahoo!, Bing and the others interpret your largess. But if you run a site that's not trustworthy and no one in their right mind would ever link to you, how can you still achieve search engine greatness? One way is to game the system with link spam. We see it in our comments here on AppScout all the time (though we work hard at policing against it). "Great post. That's really well thought out," is typical of comment spam. The content of the comment is meaningless. The commenter is really trying to get his/her URL listed alongside the comment. If he does--Bingo!
NEW YORK (Dow Jones)--A California man has been charged with trying to extort nearly $200,000 from New York Life Insurance Co. by threatening to send six million disparaging spam email messages about the company. Anthony Digati, 52 years old, of Chino, Calif., has been charged with one count of extortion through interstate communications. He faces up to two years in prison on the charge. It was revealed in a court appearance in California on Monday that his alleged target was New York Life. The company's name wasn't initially disclosed when the case was unsealed on Monday. Digati was arrested in California on Saturday. Bail was set at $50,000 at a hearing in federal court in California on Monday. As a condition of his bail, Digati is prohibited from engaging in Internet use regarding New York Life. Calls to Digati and his lawyer weren't immediately returned Monday. "After Mr. Digati contacted the company with his threats, we conducted a thorough investigation and determined the best course of action was to turn this over to the FBI for their assessment," a New York Life spokesman said. The company has no further comment, he said. Prosecutors from the U.S. Attorney's office in Manhattan alleged that Digati, on Feb. 22, contacted more than a dozen employees and executives of the insurer and one director by email, telling them to visit a Web site he had created. "I'm sorry it had to come to this, but I guess you won't listen to what customers' concerns are," Digati allegedly said in the email, according to prosecutors. "You enjoy ripping policyholders off with obscure products bought because of the trust you have established over 160+ years. You enjoy misleading the public and I will make it my purpose in life to educate them."
A California man who felt like his insurance company was cheating him has been arrested for threatening to launch a spam email attack against the company. Anthony Digati, 52, was arrested over the weekend and charged with extortion, federal prosecutors in Manhattan announced Monday. Digati had sunk almost $50,000 into a variable life insurance policy sold by New York Life and wanted a fourfold return. When the firm didn't comply, he allegedly threatened to send out 6 million emails critical of the company - which prosecutors say is extortion. "As you have denied my claim I can only respond in this way," Digati wrote in an e-mail sent last month to dozens of the company's employees, according to a criminal complaint in Manhattan Federal Court. "You no longer have a choice in the matter, unless of course you want me to continue with this outlined plan. I have nothing to lose, you have everything to lose. "Of course it is spam, I hired a spam service, I could care less, The damage will be done," Digati allegedly crowed.
A Trojan backdoor found its way into Energizer Duo USB battery charger software downloads. Malware bundled in a charger-monitoring software download package opens up a back door on compromised Windows PCs. The contaminated file is automatically downloaded from the manufacturer's website during the installation process, not bundled with an installation CD. Symantec warns that a file called “Arucer.dll”, which it identifies as Trojan-Arugizer, that is installed on compromised systems is capable of all manner of mischief. This includes sending files to the remote attacker or downloading other strains of malware, as instructed via commands on a back channel controlled by hackers. It's unclear how long the potentially malicious file has been offered up for public download or how many have been infected, as a write-up on the threat by Symantec explains. In a statement, Energizer acknowledged the problem and discontinued sale of the affected device, the Duo Charger (Model CHUSB). The battery maker has also launched an investigation into how backdoor functionality found its way into its software.
Qualys is set to launch on Monday a free service for Web site operators that will scan their sites for malware. As part of the service, QualysGuard Malware Detection crawls the pages of customer sites and looks for invisible iFrames, malicious JavaScript code, and other indications of a stealth threat to visitors and provides automated alerts and reports to Web site owners. The company has profiled Internet Explorer 6 and Adobe's Acrobat, Reader, and Flash Player to understand exactly what happens under normal conditions so it can quickly detect deviations that occur when malware is present, said Wolfgang Kandek, chief technology officer at Qualys. Profiles and testing on additional apps will be forthcoming, he said. "We think (those apps) are what attackers typically have in their sights right now, but we will not stop there," he said. Google spinoff Dasient offers a free service that alerts Web sites when they appear on malware blacklists and a paid service that detects and quarantines malware on sites.
March 3 (Bloomberg) -- McAfee Inc., exploring the cyber attacks originating from China, discovered at least six incidents in which hackers broke into the computer systems that companies use to house valuable intellectual property. “We know that these systems were absolutely targeted for the crown jewels of each organization -- potentially representing billions of dollars,” George Kurtz, McAfee’s chief technology officer, said today in an interview from Santa Clara, California. “We want to shed light on a problem that many didn’t realize.” Many companies hold source codes, product formulas and other kinds of intellectual property in “software configuration management systems,” said McAfee, the second-largest maker of security software. Companies typically set up these systems to support collaboration and version control, and they assume network security will keep their internal systems safe. Google Inc., the world’s most-popular search engine, said in January that it found evidence of “sophisticated” cyber attacks originating from China. Hackers went after at least 20 companies, Google said at the time. Those attacks are being investigated by U.S. government agencies, local law enforcement and security experts such as McAfee and larger rival Symantec Corp. McAfee Chief Executive Officer Dave DeWalt said this week that his company was the first to notice the hacks.
SAN FRANCISCO--The type of software corporations use to house source code that criminals targeted in the recent attacks on Google and others is generally weak in security protection, McAfee researchers said on Wednesday. McAfee analyzed a commonly used software for housing intellectual property called Perforce and released its findings during a session at the RSA security conference here. The company helped in the discovery that a hole in Internet Explorer 6 was exploited in at least some of the recent attacks on U.S. firms and named the attacks "Operation Aurora" after the malware used. Now the security company is turning its attention to looking at what attackers would be capable of doing once they are inside an organization. When Google disclosed the targeted attack on its network in mid-January, it said intellectual property was stolen. Gmail users who are human rights activists were also targeted in attacks and Google said the attacks appeared to originate in China and that it would stop censoring its Web results there and possibly exit the market entirely. Meanwhile, sources said at least 30 other companies were targeted in attacks in which intellectual property was at risk. Adobe and Intel have publicly disclosed that they were targeted in attacks last year, although it is unclear whether they are part of the attacks that targeted Google. Stuart McClure, general manager risk compliance at McAfee, said he could not say whether Perforce was used at the companies McAfee knows were attacked.