http://www.spambully.com/news/ SpamBully News en-us Copyright 2012 Axaware Fri, 03 Feb 12 10:05:02 -0600 Fri, 03 Feb 12 10:05:02 -0600 http://blogs.law.harvard.edu/tech/rss SpamBully custom feed 300 webmaster@spambully.com (SpamBully Webmaster) webmaster@spambully.com (SpamBully Webmaster) http://www.spambully.com/news/blog/story/1291/Facebook_warns_investors_of_potential_SPAM_DELUGE/ Facebook has been the first internet company to baldly state the risks it faces from hacking and spam to the markets since the SEC issued guidance on the issue.In October last year, the US Securities and Exchange Commission told publically listed companies that it was about time they talked about the cyber-attacks they had suffered, particularly because online mischief could financially damage their products.One of the basic rules of listing on a stock market is that firms have to make their financial comings and goings public so that investors can make relatively informed decisions about whether or not to buy their shares. But up until last year, there was no push in the US for companies to fess up when theyd been hacked.Now the SEC says: Registrants should address cybersecurity risks and cyber incidents in their MDAmanagement discussion and analysis if the costs or other consequences associated with one or more known incidents or the risk of potential incidents represent a material event, trend, or uncertainty that is reasonably likely to have a material effect on the registrants results of operations, liquidity, or financial condition or would cause reported financial information not to be necessarily indicative of future operating results or financial condition.Facebooks widely anticipated IPO, for which the social network hopes to net a cool 5bn, is the first to actually use the words hacking and spam in their list of risk factors for investing in the firm. News Fri, 03 Feb 12 02:05:02 -0600 http://www.spambully.com/news/blog/story/1291/Facebook_warns_investors_of_potential_SPAM_DELUGE/ http://www.spambully.com/news/blog/story/1290/Google_Microsoft_Yahoo!_to_fight_email_spam/ Google, Microsoft, Yahoo!, AOL and Facebook are setting aside their online rivalry to fight a common enemy: email spam and phishing attacks.The Web giants said Monday they have teamed up with Bank of America, PayPal and others to combat spam and phishing, where emails seeking to obtain passwords or other information are sent to unsuspecting recipients.Following 18 months of private collaboration, they announced the formation of a technical working group known as DMARC.org, drawn from the acronym for Domain-based Message Authentication, Reporting and Conformance.Email phishing defrauds millions of people and companies every year, resulting in a loss of consumer confidence in email and the Internet as a whole, Brett McDowell, the chair of DMARC.org, said in a statement.Industry cooperation -- combined with technology and consumer education -- is crucial to fight phishing, said McDowell, the senior manager of customer security initiatives at PayPal.The members of DMARC are proposing email authentication standards for email senders and receivers designed to make impersonation more difficult for the fraudsters behind phishing attacks.Currently, email providers must rely on complex and imperfect measurements to separate legitimate unauthenticated messages sent by the domain owner from fraudulent phishing messages sent by a scammer, DMARC said. News Mon, 30 Jan 12 03:19:05 -0600 http://www.spambully.com/news/blog/story/1290/Google_Microsoft_Yahoo!_to_fight_email_spam/ http://www.spambully.com/news/blog/story/1289/Banks_Internet_companies_team_up_to_fight_spam/ Reuters - Some of the worlds biggest Internet companies and financial services firms have developed a new approach to fighting email spam that they hope will reduce online scams.Facebook, Google Inc and Microsoft Corp have joined with financial firms Bank of America Corp, Fidelity Investments and eBay Incs PayPal to create a set of industry standards for preventing criminals from sending out spam emails that appear to come from corporate email addresses.Fraudsters often pose as banks and other trusted firms in attempts to persuade email recipients to provide payment card numbers, bank account information and other personal data or click on links that infect computers with malicious software.The new approach calls for email providers and businesses to attack spammers by coordinating on a massive scale the use of two existing technologies for email authentication known by the acronyms SPF and DKIM, which have yet to be widely adopted.PayPal is one company that currently uses SPF Sender Policy Framework and DKIM DomainKeys Identified Mail technology standards to fight email spoofing, but only through partnerships with Yahoo Inc and Google, said Brett McDowell, a security manager at PayPal who serves as chairman of the group that developed the new standard. News Mon, 30 Jan 12 03:17:17 -0600 http://www.spambully.com/news/blog/story/1289/Banks_Internet_companies_team_up_to_fight_spam/ http://www.spambully.com/news/blog/story/1288/Facebook_Washington_state_target_online_spam/ SEATTLE AP Facebook is partnering with Washington state to combat a type of spam called clickjacking that is plaguing the social networking site, company and state officials announced Thursday.Two separate lawsuits were filed in federal courts in California and Washington state against Delaware-based Adscend Media LLC, which officials say is behind the spamming.The way we think about it, security is an arms race, Facebooks general counsel, Ted Ullyot, said alongside Washington state Attorney General Rob McKenna at the social media companys Seattle offices. Its important to stay ahead of spammers and scammers.In clickjacking, links on Facebook promising shocking or salacious videos have code embedded in them that spreads the link to the users page. That makes it seem like the user liked the link, with the aim of attracting more clicks from the users friends. The links eventually lead users to a survey or information from an advertiser.Adscend Media is spreading spam through misleading and deceptive tactics and has encouraged others to do the same, McKennas office said.An email inquiry sent to Adscend was not immediately returned, and an attorney for the company had not yet been listed in federal court records.Social networking sites are popular targets for spammers because people are more likely to trust and share content that comes from people they know. This makes spam, scams and viruses easy to spread. News Thu, 26 Jan 12 23:22:49 -0600 http://www.spambully.com/news/blog/story/1288/Facebook_Washington_state_target_online_spam/ http://www.spambully.com/news/blog/story/1287/Nokia_fined_in_Australia_for_spam-texting_its_own_customers/ Nokia has been fined by Australian regulators for spamming its customers with text messages, Reuters reports. The company will have to pay AUS55,000 for sending SMS marketing messages for its products and services alongside tips on how customers can best use their phones, but without offering a way to unsubscribe to the messages.The Australian Communications and Media Authority ACMA does not prohibit companies from using unsolicited text messages, but according to the Spam Act of 2003, those messages must be accompanied by a way to contact the company and unsubscribe. While the usage tips Nokia sent contained some factual information and werent mere marketing, some were promotions for things like mobile phone accessories.Spam texts have proved to be a popular marketing method in Australia: ACMA reported a 370 percent increase in spam reports over the 2010-2011 fiscal year. Unlike the US, which only protects cell users from spam texts that arrive from a domain name for example, an e-mail address and not from all SMS spam, Australia frowns on spam sent directly to mobile numbers.In addition to paying the fine, Nokia will be required to train its employees to comply with Australias Spam Act and to appoint a consultant to audit its systems and processes for sending texts to customers. News Wed, 25 Jan 12 22:51:00 -0600 http://www.spambully.com/news/blog/story/1287/Nokia_fined_in_Australia_for_spam-texting_its_own_customers/ http://www.spambully.com/news/blog/story/1286/Global_spam_declines_as_malware_encounters_pick_up:_report/ Global spam volumes continued to decline throughout 2011, but web malware encounters appear to be growing steadily, according to new research from Cisco.The Cisco 4Q11 Global Threat Report, which covers the period between October 1 and December 31, 2011, found that enterprise users experienced an average of 339 malware encounters online per month during the fourth quarter.Part of the serious danger here is that 33 percent of those attacks were using zero-day malware, which were not detectable by traditional signature-based methodologies at the time of encounter.For the year overall, Cisco tracked an average of 20,141 unique web malware hosts encountered per month in 2011 compared to a monthly average of 14,217 in 2010.The average per month in 2011 was 362 web malware encounters, and the peak amounts were found in September and October at 698 and 697 encounters on average per enterprise, respectively.Denial-of-service events also increased slightly over the course of the fourth quarter, while the number of SQL injection signature events stayed steady. News Wed, 25 Jan 12 04:19:27 -0600 http://www.spambully.com/news/blog/story/1286/Global_spam_declines_as_malware_encounters_pick_up:_report/ http://www.spambully.com/news/blog/story/1285/McAfee_Patches_Spam_Relay_Flaw_in_SaaS_Total_Protection_Service/ McAfee has fixed issues in its Total Protection service that allowed attackers to take over computers to send out spam.A bug in McAfees hosted anti-malware service was being exploited by spammers to turn computers into a spam proxy to send out large volumes of spam, David Marcus, director of security research at McAfee Labs, wrote in a blog post Jan. 18. Another flaw allowed remote attackers to abuse an ActiveX control to execute code.McAfees SaaS Total Protection is a suite of software-as-a-service offerings that includes Web filtering, antivirus and anti-spam capabilities. The spam flaw was in the Rumor technology used within the suite. McAfee patched SaaS Total Protection on Jan. 20 to close both vulnerabilities, according to the blog post.Because this is a managed product, all affected customers will automatically receive the patch when it is released, Marcus said.The Rumor feature allows agents installed on the computers to share antivirus, anti-spyware and firewall updates across the network instead of having to download them from McAfee servers individually. Downloading the security updates once and distributing them to all computers on a network mean organizations can save bandwidth and management time.Spammers exploited the vulnerability in Rumor to accept incoming connections on port 6515 and to respond by opening hundreds of outgoing connections with other servers, according to a blog post by Keith and Annabel Morrigan of British art company Kaamar. Spammers bounced spam messages off computers running the Rumor service agent to make it seem as if the messages were being sent by those machines. News Sat, 21 Jan 12 01:32:56 -0600 http://www.spambully.com/news/blog/story/1285/McAfee_Patches_Spam_Relay_Flaw_in_SaaS_Total_Protection_Service/ http://www.spambully.com/news/blog/story/1284/McAfee_to_plug_spam_hole_this_week/ McAfee will release a fix this week for a bug in its SaaS for Total Protection anti-malware service that scammers were using to distribute spam, the company said today.The problem came to light after McAfee customers reported in blog posts and forum sites that spammers were using a hole in McAfees RumorServer relay service to secretly send spam from their machines. The customers said they noticed the problem after their e-mails were blocked by e-mail providers and their IP addresses appeared on blacklists.The problem is isolated to the SaaS Total Protection service, according to David Marcus, director of security research at McAfee Labs. There is no evidence that any customer data has been lost or compromised as a result of the problem, he said.The patch will be released on January 18 or 19, as soon as we have finished testing, Marcus wrote. Because this is a managed product, all affected customers will automatically receive the patch when it is released.There are two issues with the software. One vulnerability could allow an attacker to misuse an ActiveX control to execute code on victims computer. The second one, which is the issue the customers complained about, allows an attacker to misuse the open relay technology in the software. News Fri, 20 Jan 12 00:59:10 -0600 http://www.spambully.com/news/blog/story/1284/McAfee_to_plug_spam_hole_this_week/ http://www.spambully.com/news/blog/story/1283/Hackers_Target_Children_as_Adults_Wise_Up_to_Spam/ Hackers are targeting websites aimed at children, by embedding malicious software in free gaming sites, praying on the young as adults grow wise to their strategies.Child-focused malware first affected Chinese sites last year, but now arcade game sites worldwide are growing increasingly susceptible to malware.Avast, a European anti-virus firm, reported more than 60 arcade game sites with threatening, malicious software. The company singles out CuteArcade.com as the worst offender.CuteArcade.com, registered to a company out of the British Virgin Isles, features a trojan on the site itself. Avast researchers believe some of the sites are designed specifically with infection in mind, and think CuteArcade.com is one of those sites.Other sites corrupted by a third-party virus are often unaware of their threat, and look utterly innocuous. The majority of threats come from third-party ads on legitimate pages.The decision to target children reflects a larger move towards alternative methods of spamming and malware infection. As the general populace expands its computer literacy, the threats posed by ordinary pop-up ads and email scams arent as effective anymore. Computer users are wary of messages from strangers and links promising riches to those who click.In response to the growing awareness, hackers are now tailoring their malware to children because they are less skeptical and savvy about online hazards. News Wed, 18 Jan 12 21:46:38 -0600 http://www.spambully.com/news/blog/story/1283/Hackers_Target_Children_as_Adults_Wise_Up_to_Spam/ http://www.spambully.com/news/blog/story/1282/How_Facebook_Took_Down_Koobface_Malware/ Facebook revealed Tuesday how over the past year it has been fighting the infamous Koobface malware that spreads via social networks and builds out a botnet: It knocked one of the gangs command-and-control CC servers offline, which has resulted in more than nine months of no Koobface infections on the massive social network.Security researchers worldwide have been putting the screws to the brazen Koobface malware gang of late in hopes of derailing their operations. Names have been named, their photos posted online, but they continue to operate freely in Russia. Sophos Labs, which revealed Tuesday a detailed account of how it followed the trail to the alleged gang members, also released the names of the alleged perpetrators: Anton Korotchenko, Alexander Koltyshev, Roman Koturbach, Syvatoslav Polinchuk, and Stanislav Avdeiko.Koobface, which is an anagram for Facebook, had dogged the social network since 2008. The gang made money via pay-per-click and traffic referral schemes: Once a user got infected, his or her machine was redirected and, at times, duped into fake antivirus scams. The Koobface gangs central CCserver was at the heart of the operation.But Facebook said that it killed that server back in March of last year: ... Facebook Security was able to perform a technical takedown of this Command Control mothership. And since then we have had no new sightings of Koobface for over nine months and our teams are working hard to keep it that way according to post by Facebooks security group.That takedown apparently came with the help of researchers including indie researcher Jan Droemer, who worked with SophosLabs Dirk Kollberg.Facebook says it will share the information and intelligence it discovered about the game with others in the security industry. News Wed, 18 Jan 12 01:21:30 -0600 http://www.spambully.com/news/blog/story/1282/How_Facebook_Took_Down_Koobface_Malware/ http://www.spambully.com/news/blog/story/1281/McAfee_software_lets_scammers_hijack_PCs_to_send_spam2012-01-17/ McAfee is looking into a problem with a service in its SaaS Endpoint Protection software that appears to be allowing computers to serve as open proxies for sending spam, the company told CNET today.We are aware of the issue and have both threat analytics and development teams diligently analyzing the problem and possible solutions, the company said in a statement. We will have more information on the issue shortly.A public relations representative said she was attempting to get more information on the matter but did not get back to CNET by the end of the work day. The problem was reported by McAfee customers on the Web who complained that their e-mails were being blocked by e-mail providers and their IP addresses were being blacklisted for sending spam.The problem appears to be in the RumorServer Service myAgtSvc.exe, McAfee Peer Distribution Service, which is part of McAfee SaaS Endpoint Protection Suite, previously known as Total Protection Service, according to the Kaamar Blog. The technology, used for delivering updates to computers without a direct Internet connection, serves as an Open Proxy on Port 6515, which effectively opens the computer up to being used by spammers to use the computer to send spam to other sites that looks like it is coming from that IP address, the blog post says.The Kaamar blog first detected a problem on January 4 when e-mail was returned undelivered with a message saying Our system has detected an unusual rate of unsolicited mail originating from your IP address. News Wed, 18 Jan 12 01:19:28 -0600 http://www.spambully.com/news/blog/story/1281/McAfee_software_lets_scammers_hijack_PCs_to_send_spam2012-01-17/ http://www.spambully.com/news/blog/story/1280/Hackers_spread_malware_via_childrens_gaming_websites/ Hackers are increasingly targeting child-focused gaming websites, according to a leading anti-virus firm.Avast says it detected malware threats at more than 60 sites that contained game or arcade in their title, in the 30 days running up to 12 January.It says the pages tried to download Javascript infections, redirectors and potentially unwanted software.The Czech company says that young children are often less careful than adults about what they click on.These are sites with mini-games, including flash applications and simple online apps - one example is software that allows girls to dress and change the clothes of characters, Ondrej Vlcek, the firms chief technical officer, told the BBC.Avast says the most visited site affected - cutearcade.com - had generated more than 12,600 infection reports from its protection software as of last week.The company says a Trojan on the site had redirected users to linuxstabs.com, a known distribution point for malware.Cutearcade.coms owner Two Point Oh, registered to the British Virgin Island of Tortola, did not respond to requests for comment.At the time of writing the site no longer triggered a malware warning. News Mon, 16 Jan 12 12:53:09 -0600 http://www.spambully.com/news/blog/story/1280/Hackers_spread_malware_via_childrens_gaming_websites/ http://www.spambully.com/news/blog/story/1279/Weight-loss_spam_spreads/ Scores of Twitter accounts have been posting tweets promoting weight-loss programmes in a new spam attack that even included ANC Youth League spokesperson Floyd Shivambu and City Press editor Ferial Haffajee.Shivambus account floydns sent out numerous spam tweets with suspicious-looking links on Sunday, all promoting weight-loss. The spam also included direct messages with similar content.City Press editor Ferial Haffajees account ferialhaffajee was also compromised, as she tweeted: Want to lose any weight? go here: http:mediareadonline.com best product for losing weight.Haffajee was, however, quick to pick up the spam and tweeted to her followers: Sorry, Ive been hacked. I think youre gorgeous just as you are, of course.Weight-loss spam on Twitter is nothing new, however, and there have been numerous similar spam attacks in the past.Last year, an attack that started on instant messaging services also infected Twitter with a proliferation of messages with links to weight-loss products.As with the current proliferation of spam, the previous attacks made use of URL shortening services often used on Twitter such as TinyURL in order to mask the spam link. News Mon, 16 Jan 12 12:51:48 -0600 http://www.spambully.com/news/blog/story/1279/Weight-loss_spam_spreads/ http://www.spambully.com/news/blog/story/1278/New_wave_of_viruses_target_Facebook_Twitter/ A new form of virusdubbed social media virus or social spamhas companies like Facebook and Twitter working around the clock to prevent hackers from exploiting their social networks.Hackers have become adept at creating fraudulent profile accounts from which to launch large scale spam attacks. A new Social Spam Index created by Imperium, a start-up company devoted exclusively to fighting social spam, indicates that as much as 40% of public profiles across social networks are now fraudulent. Roughly 400 million Facebook users, for example, are victimized by social spam each day. And TechCrunch reported earlier this month that one of Imperiums social network clients experienced a spam attack in which 300,000 fraudulent accounts were created in one hour, resulting in 475,000 spam messages to legitimate community members.Compared to email spam, the problem of social spam as a percentage of overall traffic remains relatively small. The Wall Street Journal recently reported that 4% of Facebook posts and 1.5% of Tweets are now spam related. In contrast, more than 70% of all email is currently spam. However, email spam is trending downward from 92.2% in August 2010 as preventive measures have become more sophisticated and better at blocking email attacks. Consequently, spammers are turning their attention to social networks. Facebook, which says that the volume of spam is outpacing its user base, now blocks 200 million spam-related actions daily.Social viruses involve a number of troubling tactics. Among other things, hackers infiltrate social networks by creating false, often alluring profiles. They then target users who accept their friend invite, simultaneously sending spam across their personal network. The spam spreads further as other users do the same. Additionally, social spam is more deceptive than common email spam because it can make it look like your friends are recommending articles, items, and deals. Spammers also use major news events, often emotionally charged, to lure in users. Perhaps the most sophisticated and potentially dangerous social spam involves malware. Hackers dupe users into unwittingly downloading malware, effectively gaining control over their computers. In addition to sending out multiple spam messages, malware tracks users online presence, peers in on chat sessions, and even mines personal information. News Wed, 11 Jan 12 02:02:06 -0600 http://www.spambully.com/news/blog/story/1278/New_wave_of_viruses_target_Facebook_Twitter/ http://www.spambully.com/news/blog/story/1277/Researchers_spot_pharmaceutical_spam_campaign_using_QR_Codes/ Spammers are no strangers to new technologies, and as true marketers, would do everything to achieve the objectives of their marketing campaign.Security researchers from WebSense, have detected a spam campaign using QR codes. Scanning the QR code with a QR reader will load the pharmaceutical spam URL in the browser.More details: The spam email messages look like traditional pharmaceutical spam emails image 1 and contain a link to the Web site 2tag.nl. This is a legitimate Web service that allows users to create QR codes for URLs. Once the 2tag.nl URL from the mail message is loaded in the browser, a QR code is displayed, along with the full URL that the QR code resolves to on the right image 2. When the QR code is read by a QR reader, it automatically loads the spam URLor asks before loading, depending on which flavor of QR reader you have installed images 3 and 4.This isnt the first time that cybercriminals use QR codes to spread scams and malicious content. In September, 2011, security researchers from Kaspersky Lab discovered a malware campaign relying on QR codes for spreading of mobile malware. News Wed, 11 Jan 12 02:00:38 -0600 http://www.spambully.com/news/blog/story/1277/Researchers_spot_pharmaceutical_spam_campaign_using_QR_Codes/ http://www.spambully.com/news/blog/story/1276/Part_virus_part_botnet_spreading_fast:_Ramnit_moves_past_Facebook_passwords/ The latest variant of Ramnit, the Windows malware responsible for the recent theft of at least 45,000 Facebook logins, is the latest example of how malware writers and cyber-criminals take off-the-shelf hacks and bolt them together to teach old viruses new tricks. Facebook passwords arent the only thing that the Ramnit virus can grabthanks to the integration of some of the code from the Zeus botnet trojan, Ramnit can now be customized with modules for all manners of remote-controlled mayhem.Ramnit is an interesting beast, said Amit Klein, CTO of web security services firm Trusteer in an interview with Ars. Until last summer, it was just a generic worm spreading around by infecting files. Then they retrofitted it with financial fraud capabilities.The evolved version of Ramnit is a potent threat to enterprises, he said, because it can capture any data in a web sessionand as more companies move to web-based software as a service for enterprise applications, that could include almost anything.First sighted by researchers in 2010 in its initial form, Ramnit spreads by attaching itself to Windows executable files .EXE. .SCR and .DLL files as well as to HTML documents. In some variants spotted earlier this year by Microsoft researchers, it also attached itself to Microsoft Office documents. Versions have also been spotted that install themselves onto USB drives when theyre connected, and create an Autorun script that launches the virus installer when the drive is plugged into another PC. News Tue, 10 Jan 12 00:34:26 -0600 http://www.spambully.com/news/blog/story/1276/Part_virus_part_botnet_spreading_fast:_Ramnit_moves_past_Facebook_passwords/ http://www.spambully.com/news/blog/story/1275/Japan_develops_malware_cyberweapon/ The Japanese government has been quietly developing a cyberweapon since 2008, which reportedly is able to track, identify and disable sources of online attacks, one report stated.According to The Daily Yomiuri on Tuesday, the cyberweapon is a three-year project to research and test network security analysis equipment production and was helmed by the countrys Defense Ministrys Technical Research and Development Institute, which is in charge of weapons development.The goverment agency then outsourced the project to Fujitsu, which won the bid to develop the malware cyberweapon and a system to monitor and analyze cyberattacks, for 178.5 million yen US2.3 million. The malware has since been tested in a closed network environment, the report added.It also pointed out that while cyberweapons are already in use by countries such as the United States and China, there is no provision within Japans existing legislation on foreign attacks to allow the use of cyberweapons against external parties. As such, the Defense Ministry and Foreign Ministry have begun legislative consideration regarding the matter, according to unnamed sources cited by The Daily Yomiuri. The virus has the ability to trace cyberattack sources beyond the immediate source to all springboard computers used in the transmission of the virus to a high degree of accuracy for distributed denial-of-service DDoS attacks, the report noted. It can also disable the attack and collect relevant information. News Wed, 04 Jan 12 02:23:07 -0600 http://www.spambully.com/news/blog/story/1275/Japan_develops_malware_cyberweapon/ http://www.spambully.com/news/blog/story/1274/Spam_knocks_E*Trade_offline/ AUSTRALIAS second-biggest online broking business, ANZs ETrade, was forced to shut down over Christmas and New Year because of a malicious cyber attack from overseas.Thousands of emails bombarded the broking site in a denial of service attack. The lockout was first noticed by ETrade customers trying to access the site from overseas, as the bank shut off access to all overseas users. It is believed that as risk assessments were done on individual countries, access was restored.An ETrade spokesman said that, while the closure principally affected users overseas, there was intermittent access for customers in Australia on 19 and 20 December. News Wed, 04 Jan 12 02:21:29 -0600 http://www.spambully.com/news/blog/story/1274/Spam_knocks_E*Trade_offline/ http://www.spambully.com/news/blog/story/1273/Google_criticised_over_‘spam’_campaign_for_Chrome/ Google has been accused of violating its own anti-spam rules by sponsoring hundreds of blog postings in an effort to promote Chrome, its web browser.The postings, which give glowing reviews to the software for use in small businesses, make it clear they are sponsored by Google.They also include sponsored links that work to promote the term Google Chrome in Googles search results, however, in violation of its own rules against using spam to manipulate rankings.But the search engine company said the fault lay with a media buying firm called Essence Digital, employed by Google.In a statement, Essence Digital said: We want to be perfectly clear here: Google never approved a sponsored-post campaign.They only agreed to buy online video ads. Google have consistently avoided paid postings to promote their products, because in their view these kind of promotions are not transparent or in the best interests of users. News Tue, 03 Jan 12 12:36:14 -0600 http://www.spambully.com/news/blog/story/1273/Google_criticised_over_‘spam’_campaign_for_Chrome/ http://www.spambully.com/news/blog/story/1272/Spam_capital_India_arrests_six_in_phishing_probe/ Police in India say they have arrested six foreign nationals suspected of defrauding hundreds of people using text message and email scams.Scam victims were duped after being told they had won a lottery.Authorities seized 14 laptops, seven memory sticks and 23 mobile phones, as well as fake documents and cash.The arrests come after security firm Kaspersky reported that India now sent more spam than any other country in the world.Police said the six men, all Nigerian, would be remanded in custody until 12 January.The arrests signal attempts to crack down on a growing cybercrime problem in the region.Mumbai-based internet security specialist Vijay Mukhi said poor enforcement of laws meant spammers could act with impunity.We have an Information Technology Act that was introduced in 2000. But we dont have any convictions under it and its silent on spam, he said. News Tue, 03 Jan 12 12:34:13 -0600 http://www.spambully.com/news/blog/story/1272/Spam_capital_India_arrests_six_in_phishing_probe/ http://www.spambully.com/news/blog/story/1271/Spam_Finds_New_Target/ Facebook Inc. and Twitter Inc. are building up their forces to fight an emerging enemy: social spam.One of their foot soldiers is Tao Stein, a Facebook engineer. At 4 a.m. one May morning, Mr. Stein was jolted out of bed by a spam alert on his cellphone. Facebook was being inundated with messages that read, hey check out this link FREE IPAD. But there was no free iPadjust malware that caused Facebook users who clicked on the link to unintentionally rebroadcast the annoying message to friends.Mr. Stein switched on his coffee pot and logged on to his computer, launching a program to filter out the iPad offers. He adjusted his filter as the spammers quickly modified their come-on to evade it. We have to continue iterating until we find their Achilles heel, says Mr. Stein, whose efforts stemmed the tide only for about a day.Spam, one of the Internets oldest annoyances, is gearing up for a second act. Unlike traditional email spam, which usually comes from strangers, this new formdubbed social spamoften appears to be from a friend. Criminals find social networks alluring because they can spread messages though a chain of trusted sources.Such spam puts the usefulness of social networking at risk. Facebook says less than 4% of the content shared on its site is spam and Twitter says just 1.5% of all tweets were spammy in 2010. But Facebook adds that the volume is growing faster than its user base. On any given day, spam hits less than 0.5% of Facebook users News Tue, 03 Jan 12 12:31:06 -0600 http://www.spambully.com/news/blog/story/1271/Spam_Finds_New_Target/ http://www.spambully.com/news/blog/story/1270/McAfee_Reveals_Its_2012_Threat_Predictions/ SANTA CLARA, Calif. Dec. 28, 2012 McAfee today unveiled its 2012 Threat Predictions report, outlining the top threats that McAfee foresees for the coming year. The list indicates that emerging threats from 2011 are on track to become the major players for cyberactivity in 2012, including mobile banking, legal spam and virtual currency. McAfee Labs also predicts that attacks involving political motivation or notoriety will also make headlines, including high-profile industrial attacks, cyberwarfare demonstrations and hacktivist attacks targeting public figures.Many of the threats that will become prominent in 2012 have already been looming under the radar in 2011, said Vincent Weafer, senior vice president of McAfee Labs. Over the past year, the general public has become more aware of some of these risks, such as threats to critical infrastructure or the impact of hacktivism as they gain international media attention. In the meantime, we continue to see cybercriminals improving their toolkits and malware and are ready to make a significant impact in 2012.McAfee Labs Threat Predictions for 2012:Industrial Attacks: Cybercriminals Target UtilitiesWater, electricity, oil and gas are essential to peoples everyday lives, yet many industrial systems are not prepared for cyberattacks. Many of the environments where SCADA supervisory control and data acquisition systems are deployed dont have stringent security practices. As with recent incidents directed at water utilities in the United States, attackers will continue to leverage this lack of preparedness, if only for blackmail or extortion in 2012.Advertisers Will Legalize SpamMcAfee Labs has seen a drop in global spam volumes in the past two years. However, legitimate advertisers are picking up where the spammers left off, using the same spamming techniques, such as purchasing email lists of users who have consented to receive advertising or purchasing customer databases from companies going out of business. McAfee Labs expects to see this legal spam and the technique known as snowshoe spamming to continue to grow at a faster rate than illegal phishing and confidence scams.Mobile Threats: Attackers will bypass PCs2011 has seen the largest levels in mobile malware history. In 2012, McAfee Labs expects for mobile attackers to improve on their skill set and move toward mobile banking attacks. Techniques previously dedicated for online banking, such as stealing from victims while they are still logged on while making it appear that transactions are coming from the legitimate user, will now target mobile banking users. McAfee Labs expects attackers will bypass PCs and go straight after mobile banking apps, as more and more users handle their finances on mobile devices.Embedded Hardware: The Promised Land for sophisticated hackersEmbedded systems are designed for a specific control function within a larger system and are commonly used in automotive, medical devices, GPS devices, routers, digital cameras and printers. McAfee Labs expects to see proofs-of-concept codes exploiting embedded systems to become more effective in 2012 and beyond. This will require malware that attacks at the hardware layer, and will enable attacks to gain greater control and maintain long-term access to the system and its data. Sophisticated hackers will then have complete control over hardware. News Sun, 01 Jan 12 23:53:51 -0600 http://www.spambully.com/news/blog/story/1270/McAfee_Reveals_Its_2012_Threat_Predictions/ http://www.spambully.com/news/blog/story/1269/Lets_Terminate_Malware_in_2012/ Antivirus research is a cat and mouse problem. Each time the virus writers develop a new technique to spread malware or steal private data, antivirus experts rush to build countermeasures. To actually defeat the malware coders, we need to get out of strictly reactive mode. That requires looking at the motivations that drive malware creators, not just at their actions. Note: The content of this article was originally presented as the keynote speech for the 6th International Conference on Malicious and Unwanted Software Malware 2011 this past October in Fajardo, Puerto Rico. Sponsored by the IEEE Computer Society, Trend Micro, and WSSRL Wireless System Security Research Laboratory, this conference aims to bring together experts from industry, academia, and government to discuss the latest advances in malware research.Virus Writers of Old MotivationsThe concept of a computer virus is probably older than you think. Von Neumann theorized the possibility of self-reproducing automata way back in the sixties. A fictional sentient computer protected itself using a virus in David Gerrolds When Harlie Was One 1972. The protagonist of John Brunners The Shockware Rider 1975 erased his identity using a network worm. And in 1996 Jeff Goldblum saved the world by uploading a computer virus into an alien spaceship from a Macintosh?!Some early virus writers coded their creations just to prove it could be done. These proof-of-concept viruses go way back. Creeper, an experimental self-replicating program, spread across ARPANET in the early 70s. However, it wasnt until 1986 that we saw the first PC virus, called Brain. F-Secures Chief Research Officer Mikko Hypponen actually tracked down Brains creators 25 years later, using the address and phone number embedded in the virus code. Apparently they were experimenting with DOS security and tracking they had no intention of creating a virus. News Fri, 30 Dec 11 01:13:10 -0600 http://www.spambully.com/news/blog/story/1269/Lets_Terminate_Malware_in_2012/ http://www.spambully.com/news/blog/story/1268/NC_park_officials_regret_spam_created_by_holiday_greeting_email_that_allowed_reply_to_47000/ CHARLOTTE, N.C. North Carolina park officials are apologizing for mistakenly serving up a heaping helping of holiday spam.The Charlotte Observer reports http:bit.lytB8Lvy the states Parks and Recreation staff sent an electronic seasonal greeting that inadvertently allowed people to reply to all 47,000 people on the agencys email list. Assistant Director Don Reuter says the staff spent this week addressing the concerns of people who worried their individual email addresses or other personal data were compromised.Assistant Director Don Reuter says the staff spent this week addressing the concerns of people who worried their individual email addresses or other personal data were compromised. Reuter says a sender could reach the whole group but did not have access to the list of addresses.Reuter says the division wont send any more group emails unless staffers are sure they cant generate mass replies. News Fri, 30 Dec 11 01:11:44 -0600 http://www.spambully.com/news/blog/story/1268/NC_park_officials_regret_spam_created_by_holiday_greeting_email_that_allowed_reply_to_47000/ http://www.spambully.com/news/blog/story/1267/India_top_source_of_spam_in_3rd_quarter_of_2011:_Report/ DUBAI: More than 50 per cent of all spam messages in the world during the third quarter of 2011 originated from just six countries, with India accounting for the highest 14.8 per cent of such messages.According to Kaspersky Labs spam report, India was ahead of countries like Indonesia 10.6 per cent, Brazil 9.65 per cent, Peru 6.65 per cent, South Korea 5.85 per cent and Ukraine 3.7 per cent.All of the countries that make up the top 10 sources of spam are situated in South America, Asia and Eastern Europe, the report said.This is due to the fact that there are numerous users in these countries and they are, for the most part, not very experienced when it comes to IT security. This makes them a soft target for cybercriminals spreading spam-bots, it said.The report said that all GCC countries together accounted for only 1.33 per cent of all global spam, with Saudi Arabia leading the pack. This was attributed to the low number of users and more vigilance in protecting computers in these countries.GCC countries are Bahrain, Kuwait, Oman, Qatar, Saudi Arabia, and United Arab Emirates. News Thu, 29 Dec 11 12:56:53 -0600 http://www.spambully.com/news/blog/story/1267/India_top_source_of_spam_in_3rd_quarter_of_2011:_Report/ http://www.spambully.com/news/blog/story/1266/McAfee_predicts_more_high-profile_targeted_attacks_in_2012/ Targeted attacks towards mobile devices and centers of industry are high on the list of priorities for hackers, according to McAfees 2012 Threat Predictions report, published today.In 2011, most of the hacking breaches were targeted towards financial centers and governmental offices as well as global corporations. While some of these attacks have trickled down to affect customers of these agencies, many of whom can be considered innocent bystanders, things are about to get a whole lot more serious for ordinary citizens next year, according to McAfee.Specifically, many utility systems i.e. water, electricity, oil and gas dont have stringent security practices. McAfee predicts that cyber criminals will take advantage of this gap in 2012, possibly with blackmail or extortion included.McAfees predictions fall in line with Ciscos 2012 predictions, which has repeatedly issued reports attesting that most cyber criminals are dropping producing mass spam in favor of more targeted attacks.McAfee Labs senior vice president Vincent Weafer concurred in the report that many of the budding threats in 2011 will become more prominent in 2012: Over the past year, the general public has become more aware of some of these risks, such as threats to critical infrastructure or the impact of hacktivism as they gain international media attention. In the meantime we continue to see cybercriminals improving their toolkits and malware and are ready to make a significant impact in 2012.Other major threat predictions include new hacktivist groups, spam exploiting virtual currency and digital wallets, the circulation of fake rogue certificates, and even cyber attacks against critical infrastructure between military and government organizations worldwide. News Thu, 29 Dec 11 12:55:05 -0600 http://www.spambully.com/news/blog/story/1266/McAfee_predicts_more_high-profile_targeted_attacks_in_2012/ http://www.spambully.com/news/blog/story/1265/Kim_Jong-il_death_spam_carries_malware/ As expected, malicious spam taking advantage of the death of North Korean leader Kim Jong-il has been hitting inboxes since the news was announced.The emails contain a simple line of text announcing the death, likely copied and pasted from the CNN website, and carries an attachment named brief_introduction_of_kim-jong-il.pdf.pdf.Once downloaded and executed, the malicious file opens a non-malicious PDF file containing a picture and information about the deceased man in order to hide its true activity on the victims computer.In other variants of the same theme, the attached file is namedKim_Jong_il_s_death_affects_N._Korea_s_nuclear_programs.doc and, once opened, it drops backdoor-opening malware into the system, which then connects to a remote CCserver for further instructions. News Tue, 20 Dec 11 12:40:05 -0600 http://www.spambully.com/news/blog/story/1265/Kim_Jong-il_death_spam_carries_malware/ http://www.spambully.com/news/blog/story/1264/Report:_More_mobile_malware_expected_in_2012/ A smartphone security company has predicted that in 2012, there will be more malware masquerading as legit apps, apps that will fleece consumer pockets and malvertising real-looking ads that lead trusting souls to fraudulent sites.Lookout Mobile Security, which monitors apps on Android, Blackberry, iOS and Windows Mobile devices, released its Malwarenomics: 2012 Mobile Malware Predictions report Tuesday night, which follows up on information gathered this year that revealed more than 1,000 instances of infected applications, doubling in frequency since July. The report also found that for U.S. Android users, the likelihood of clicking on an unsafe link is 40 percent.Not that its surprising, but money seems the most significant motivation behind the most egregious mobile malware Lookout studied: When mobile malware producers are able to steadily increase profits from infections more than they pay to infect devices, the industry will grow rapidly. There are a number of trends seen in 2011 that we expect to carry over into 2012 perhaps at a greater rate that will drive down the cost of infection and drive up profitability. The company identified some specific instances where consumers should use extra caution when downloading apps or clicking links on phones. News Thu, 15 Dec 11 12:19:26 -0600 http://www.spambully.com/news/blog/story/1264/Report:_More_mobile_malware_expected_in_2012/ http://www.spambully.com/news/blog/story/1263/Spam_sinks_to_lowest_level_in_almost_three_years_says_Symantec/ The rate of spam across the world has hit close to a three-year low and now encompasses just 70 percent of all e-mails, according to Symantecs November Intelligence Report PDF.That number is a healthy drop from 2009 when spam accounted for 90 percent of all global e-mails. And its close to the 68 percent level seen in late 2008 after the spam hosting ISP McColo was shut down.In particular, pharmaceutical spam is at its lowest level since Symantec started tracking it, now accounting for 32.5 percent of all spam, cut in half from 64.2 percent a year ago.Russia proved to be the most spammed region last month, with a rate of 76.7 percent, followed by Saudi Arabia with 76.6 percent of its e-mails blocked as spam. The U.S. fared a little better where 69.9 percent of all e-mails were identified as junk.Of course, spammers always find a way to bounce back, so the sharp decline in junk mail has been slowing as of late, says Symantec. Plus, the bad guys are using more targeted malware approaches instead of blanketing the world with mass e-mails.Directed toward specific people or organizations, such targeted attacks often use social media to trick their victims into installing malware geared toward stealing company secrets. News Thu, 15 Dec 11 12:17:34 -0600 http://www.spambully.com/news/blog/story/1263/Spam_sinks_to_lowest_level_in_almost_three_years_says_Symantec/ http://www.spambully.com/news/blog/story/1262/Cisco_Report:_Spearphishing_Attacks_Triple_As_Victims_Costs_Hit_$1.29_Billion/ Spearphishing attacks have tripled and scams and malware campaigns have increased by a factor of four in the last 12 months, resulting in 1.29 billion in financial losses, remediation and lost business, according to a report from Cisco NSDQ:CSCO released Thursday.These and other findings were incorporated in Email Attacks: This Time Its Personal, a report which researchers at Cisco Security Intelligence Operations compiled from surveying 361 IT professionals from 50 organizations in an effort to examine attack trends and their financial impact on organizations.Above all, Cisco researchers said that cyber criminals are overwhelmingly trending toward low-volume but highly sophisticated spearphishing and targeted attacks, evidenced by a spate of recent cyber assaults against RSA , Google , Lockheed Martin and Sony.2011 has been the year of the breaches, said Patrick Peterson, a Cisco security research fellow, during a Cisco press event Thursday.Peterson added that what differentiated the security landscape now is the number of high-profile, targeted attacks. Theyre so in your face and take such a front-page level, for various reasons. They have been on the front page and will continue to be on the front page, he said. News Thu, 30 Jun 11 12:23:53 -0500 http://www.spambully.com/news/blog/story/1262/Cisco_Report:_Spearphishing_Attacks_Triple_As_Victims_Costs_Hit_$1.29_Billion/ http://www.spambully.com/news/blog/story/1261/Foursquare_users:_Beware_of_badge_spam/ If earning badges through Foursquare is one of your motivations for check-ins, then you might be in for a roller coaster ride of emotions, as some site maintenance might have resulted in some Twitter spam getting in.The Next Web wrote about this, as users are experiencing the highs and lows of sudden badge achievements being tweeted out some of which theyd already earned but upon checking their accounts found the badges had been deleted. Theyd find, as Toronto-based Cheryl McKenzie did, that theyd lost their 30 badges and earned a newbie badge after 1,258 check-ins. Talk about playing with a persons emotions.Foursquares database software maintenance Tuesday night and problems with the site and app might have contributed to the snafus. Its latest status update, as of 6:19 PT Wednesday, reads: Some users are experiencing trouble with badges, and that theyre working on a fix right now. Weve also reached out to them and well let you know what they say.Not sure how widespread this problem is, thought tweet complaints keep on coming, but with the site recently announcing its 10 millionth member, its probably in their best interest to solve this problem fast before it becomes too annoying.But really, maybe its a blessing in disguise. Who really needs to know where you are all the time? Besides stalkers, thieves and serial killers? News Thu, 30 Jun 11 07:11:43 -0500 http://www.spambully.com/news/blog/story/1261/Foursquare_users:_Beware_of_badge_spam/ http://www.spambully.com/news/blog/story/1260/Spam_volumes_show_massive_drop_-_but_why?/ Spam levels have dropped massively in recent months, though researchers fear this is simply because botnet operators have switched their attention to more lucrative activities.Junk mail volumes - which reached 90 per cent last summer - are down to 75 per cent this summer, net security firm Symantec reports.The 15 percentage points drop in spam has led to a 60 per cent decrease in total email volumes, helping reduce network congestion and server load in the process.Symantec reports that junk mail volumes that reached a high of 230 billion spam messages per day in July 2010, 90 per cent of all email traffic, are down to 39.2 billion messages per day, 72.9 per cent of all email.The net security firm credits the dismantling of the infamous Rustock botnet, as well as the closure in September 2010 decision of equally infamous unlicensed pharmacy affiliate operation Spamit, for the overall decline in useless time-wasting messages littering our inboxes.The operators behind Rustock - blamed for 47.5 per cent of all spam, or around 44.1 billion junk mail messages per day - took a break in December 2010. Junk mail operations resumed at a slightly lower level in January, but these activities were brought to a halt by a successful takedown operation in March 2011. News Thu, 30 Jun 11 07:10:25 -0500 http://www.spambully.com/news/blog/story/1260/Spam_volumes_show_massive_drop_-_but_why?/ http://www.spambully.com/news/blog/story/1259/Spam_currently_at_lowest_level_since_McColo_takedown_in_2008:_Symantec/ The spam level in the UK was 72.6% in June 2011Spam is currently at the lowest level it has been since the takedown of McColo, a California-based ISP which hosted command and control channels for a number of major botnets, in November 2008, according to Symantec intelligence report.The global circulation of spam each day continues to fluctuate since the largest spam-sending botnet Rustocks takedown in March 2011, the intelligence report said.Returning to the same level as in April 2011, spam accounted for 72.9% of email in June, of which 76.6% was sent by botnets, compared with 83.1% in March.Symantec.cloud senior intelligence analyst Paul Wood said cybercriminals continue to use botnets to conduct distributed denial of service attacks DDoS, and carry out fraudulent click-thrus on unsuspecting websites for financial gain.They cybercriminals also use botnets to host illegal Web site content on infected computers, harvest personal data from infected users and install spyware to track victims activities online, Wood added.Following the disruption of Rustock in March, approximately 36.9 billion spam emails were in circulation each day during April. This number rose to 41.7 billion in May, before falling back to 39.2 billion in June, he said.During the same period last year, spam accounted for 121.5 billion emails in global circulation each day, equivalent to 89.3% of email traffic in News Wed, 29 Jun 11 13:53:16 -0500 http://www.spambully.com/news/blog/story/1259/Spam_currently_at_lowest_level_since_McColo_takedown_in_2008:_Symantec/ http://www.spambully.com/news/blog/story/1258/Microsofts_Answer_to_Vicious_Malware?_Reinstall_Windows/ Microsoft has discovered a new variant on a bootkit so malicious that Microsofts recommended solution is to reinstall Windows from a recovery CD.In a recent blog post on TechNet, Chun Feng, an engineer with the Microsoft Malware Protection Center, warned that users will have to roll back Windows via a recovery CD if they are infected with what it refers to as Popureb.E, which now inludes a driver component that triggers at boot time.The malware is clever enough to identify the actual physical startup disk, and it infects an operation called DriverStartIO, according to the Microsoft blog post.What it does there is even more ingenious. If it finds the write operation is trying to overwrite the MBR Master Boot Record or the disk sectors containing malicious code, it simply replaces the write operation with a read operation. The operation will still succeed, however, the data will never actually be written onto the disk.In other words, antivirus software that attempts to remove the virus be overwriting the MBR will be intercepted, and the write command replaced with a read command.Microsofts definitions page, however, claims that its most recent malware definitions dating to June 21 at least detect Popureb.E.Microsoft recommends that users try and fix the malware by using the System Recovery Console, and then using the fixmbr command. Its not clear, however, how Microsoft can fix the MBR without overwriting it - which would trigger the read operation, presumably. Microsoft then recommends using a recovery CD to restore the system to a pre-infected state. News Tue, 28 Jun 11 12:03:49 -0500 http://www.spambully.com/news/blog/story/1258/Microsofts_Answer_to_Vicious_Malware?_Reinstall_Windows/ http://www.spambully.com/news/blog/story/1257/Google_GroupMe_and_Twilio_Being_Sued_For_Spam_In_A_Class_Action_Lawsuit/ When you use a group texting mobile service like GroupMe or Google Disco, you receive messages from friends.Usually, these messages arent considered spam.But if you never agreed to receive the texts in the first place, then its a problem.Florida resident Bret Lusskin alleges he was bothered by more than 105 unwanted texts sent via Google Disco. He was never asked if hed like to receive the messages, nor were the friends who sent them required to ask his permission. He received so many messages that his phone became completely inoperable. On May 27, 2011, Lusskin and Chicago-based law firm Edelson McGuire filed a suit against Google and Slide, the makers of Disco. News Tue, 28 Jun 11 12:02:16 -0500 http://www.spambully.com/news/blog/story/1257/Google_GroupMe_and_Twilio_Being_Sued_For_Spam_In_A_Class_Action_Lawsuit/ http://www.spambully.com/news/blog/story/1256/Facebooks_spam_attack_incurs_collateral_damage/ We love to share stories about innocent Facebook users losing their profiles because they share a name with Justin Bieber or Kate Middleton, or because theyre actually an account for someones dog. Turns out developers those people who make polls, design apps, or games smaller than Zynga are also subject to unceremonious exile from the social network.Wath sic the hell hapenned?! A lot of my apps simply disapered sic! one commenter in a Facebook developer forum posted, perhaps too frantic to spell check. Given that the writer was posting in a thread titled, WARNING! HONEST application with 8 million users were just banned! sic, already filled with similar complaints, a lack of concentration is easy to understand. Over the past couple days Facebook has been shutting down a large number applications due to changes to the automated platform monitoring system, industry blog All Facebook reports. Facebooks mission to control the spammy apps junking up our profile walls turned into a scorched earth campain, it seems. After receiving complaints from Facebook developers, All Facebook found that along with smaller developers, larger apps that were at least momentarily disabled included Good Reads, Photo Effect and Social Interview.We turned on a new enforcement system yesterday that took user feedback much more heavily into account, a Facebook engineer wrote in part, acknowledging the problem on a Hacker News forum, My apologies for the suddenness of the action. The numbers were high enough to cause a real loss of trust in applications, which can impact the entire platform. Where we have failed is not providing enough feedback about negative engagement metrics to developers before needing to take this action. News Mon, 27 Jun 11 13:11:19 -0500 http://www.spambully.com/news/blog/story/1256/Facebooks_spam_attack_incurs_collateral_damage/ http://www.spambully.com/news/blog/story/1255/Feds_claim_victory_over_Coreflood_botnet/ Computerworld - Federal authorities have declared victory over the Coreflood botnet and shut down the replacement server that the FBI used to issue commands to infected PCs.The move was the final step in the two-month Operation Adeona, an attempt to cripple the botnet that originally controlled an estimated 2.3 million compromised computers.In mid-April, the U.S. Department of Justice DOJ and FBI obtained an unprecedented restraining order that allowed them to seize command-and-control CC servers that managed the Coreflood botnet and replace them with a government-controlled system.The court order also allowed the DOJ and FBI to issue commands using the replacement server that disabled Coreflood on infected PCs. Later, the FBI used the same server to uninstall the malware from 19,000 machines whose owners had given the agency their consent.On Tuesday, the government closed the civil lawsuit when a federal judge permanently barred 10 John Does from operating Coreflood. Authorities did not reveal the names of the defendants.The substitute server that had been issuing commands to the botnet has also been pulled from the case, said the FBI. News Thu, 23 Jun 11 23:29:12 -0500 http://www.spambully.com/news/blog/story/1255/Feds_claim_victory_over_Coreflood_botnet/ http://www.spambully.com/news/blog/story/1254/Ebooks:_the_latest_frontier_for_spam/ With Google clamping down on content farms, the attention of those looking to get rich quickly from churning out content is now turning to major ebook retailers and to selling stolen and replicated content.A key starting point of the problem is Private Label Rights content PLR, which allows anyone to buy prewritten content in bulk that they can then make into ebooks or website content. PLR seller Ronnie Nijmeh of PLR.me describes it as royalty-free content, which means, when you pay for a licence, you get the rights to use the content without royalty in nearly any way you please. We might be familiar with that in photographs the stock photo but when it comes to words, the idea of reusing them is less well-known. But the explosion in the number of ebook readers has made such reuse suddenly attractive to some.Mark Coker, the founder of Smashwords, an ebook distributor, sees PLR as one of the worst threats to ebooks today. Its an easy system to get involved in as well, and idiots fall prey to the PLR schemes and pay their 24.95 a month or whatever to access vast databases of generic content, and they have the ability to mix and match this content and republish it as an ebook in their own name.This isnt an issue only observed by Smashwords, with AJ McDonald of Lulu, a print and digital book distributor, experiencing similar problems. A growing concern in the ebook space is the publishing of public domain content. Sites such as Project Gutenberg and Wikipedia make it very possible for potential authors to grab works and legally republish them as their own, says McDonald. In the commercial market of ebooks this raises customer concerns over just what is good content, and which books are nothing more than amalgamated online information. News Thu, 23 Jun 11 23:26:52 -0500 http://www.spambully.com/news/blog/story/1254/Ebooks:_the_latest_frontier_for_spam/ http://www.spambully.com/news/blog/story/1253/Travelodge_investigates_customer_security_breach/ The firm wrote to customers to warn them not to respond to the emails, which claimed to offer job opportunities.Details of how hackers gained access to Travelodge customer data were not immediately available.Please be assured, we have not sold any customer data and no financial information has been compromised, said Guy Parsons, Travelodges chief executive.The safety and security of your personal information is of the upmost importance to us and as a result we are currently conducting a comprehensive investigation into this issue.There was also scant information in the letter about what data apart from email addresses could have been accessed. Travelodge offered assurances it complies with security industry encryption standards to store financial data, however. It promised to update customers on the progress of its investigation.Customers suspected the breach yesterday after discovering that email addresses that had only ever been used to register with Travelodge had received spam. News Thu, 23 Jun 11 23:25:38 -0500 http://www.spambully.com/news/blog/story/1253/Travelodge_investigates_customer_security_breach/ http://www.spambully.com/news/blog/story/1252/E-Books_Go_From_Spam_to_Riches/ Once upon a time, authors who could not find a publisher could try to publish their own books. But the process of vanity publishing was expensive and seldom financially rewarding. Now, thanks to the rise of e-books and readers such as the Amazon Kindle, the costs are negligible.That has brought problems which have been well-publicized in the last few days with a flood of largely worthless e-books cut-and-pasted from licensed material or simply pirated from copyrighted material.The financial threat to Amazon and other electronic publishers who distribute copyright-violating material could be enormous according to this article on Bnet. It says that under U.S. law, publishers may find that they are infringing the authors copyright.Still, there are no shortage of stories focusing on how the Kindle Marketplace has made some authors happy.The challenge for Amazon and others is how to enable legitimate self-publishers without opening the floodgates to the spammers. The answer seems simple. Charge authors for using the direct publishing system.E-mail is full of spam because the cost of distribution is effectively zero so even a tiny success rate is profitable. The same is currently true of e-books. A small charge would remove much of the abuse. Or is that too simple? News Wed, 22 Jun 11 13:30:24 -0500 http://www.spambully.com/news/blog/story/1252/E-Books_Go_From_Spam_to_Riches/ http://www.spambully.com/news/blog/story/1251/Malware_Spam_Pose_Greater_Security_Threat_in_2011/ Trusted malware is continuing to grow at an alarming rate, according to a new report that provides insight, background and analysis on the trends and developments in the global threat landscape by Internet and mobile security provider AVG Technologies.In the second quarter, AVGs Threat Labs saw an increase in the number of stolen digital certificates used to sign malware, before being distributed by hackers. An increase of more than 300 percent was identified at the start of 2011, compared with the whole of 2010. The Community Powered Threat ReportQ2 2011 noted that the practice of trusting signed files is rapidly losing its strength.As Macs continue to rise in popularity, they are increasingly becoming victims of cyber-crime, the report revealed. With the platform reaching crucial market share levels, it is starting to appear on the radar of cyber-criminals. While it may be a new target platform, cyber-criminals are using tried and tested social engineering techniques to attack Mac OS users, the report said.Increasingly, cyber-crooks are using mobile malware to monetize using premium SMS and fake apps, according to AVG, as monetizing techniques via mobile are much easier to operate than those in use on the PC. By spamming users to download apps or simply posting them on download stores or markets, the software distribution has become easy and scalable. The AVG Threat Labs investigated the operation of 702 Command and Control servers in the first half of 2011. The research results match the geo location of the servers as well as the popularity of the various malware versions in use by each CC. The United States holds the lead in Command and Control Servers with 30 percent of the market share, followed by Ukraine with 22 percent.The U.S. still remains the dominant source of spam, with English as the main language used in spam messages, followed by the U.K., with Brazil coming in third. However, Brazil is rapidly closing that gap and is on course to overtake the U.K., likely in the next quarter. News Wed, 22 Jun 11 13:27:38 -0500 http://www.spambully.com/news/blog/story/1251/Malware_Spam_Pose_Greater_Security_Threat_in_2011/ http://www.spambully.com/news/blog/story/1250/Massive_Spam_Attack_Is_Duping_People_With_Emails_Pretending_To_Be_From_The_Fed/ Our spam monitoring systems at Barracuda Labs are following a very large spam campaign carrying Trojan.Zeus. The spam amounts are approaching many hundreds of thousands a day and although they are being delivered to a wide cross-section of Internet users, the content of the spams is aimed at users of online banking services.When spam delivers malware, one of the most common strains it carries is the password-stealing Zeus Trojan. Zeus specifically targets banking passwords, and the gangs that distribute variants of this malware are especially interested in banking credentials belonging to small businesses and government agencies. Compared to the average consumer, these entities often have more money in their accounts and set higher limits on wire transfers. One thing small organizations dont always realize is that they do not enjoy the same protections against fraudulent transactions that consumers do.The spams use graphics hosted by the Federal Reserve and pose as notices of a failed wire transfer.Much like last weeks Chase Paymentech spam campaign, these notices are of particular interest to financial professionals. Unlike the more sophisticated Chase emails, these are a simple affair with poorly constructed text and no attempt at hiding the executable nature of the linked payload. News Wed, 22 Jun 11 13:26:07 -0500 http://www.spambully.com/news/blog/story/1250/Massive_Spam_Attack_Is_Duping_People_With_Emails_Pretending_To_Be_From_The_Fed/ http://www.spambully.com/news/blog/story/1249/New_Facebook_app_designed_to_thwart_hackers/ Facebook users can lean on a new app to help them fight spam and malware.Designed by a team of students at the University of California at Riverside, MyPageKeeper is a free Facebook app that continually monitors wall posts and news feeds for malicious content. If the app suspects that any content may contain spam or malware, it alerts you and gives you the ability to remove it.Beyond protecting your own Facebook account, it can also protect the accounts of friends who may get infected by viruses or hit by spam just by viewing your page.The app was the effort of Md Sazzadur Rahman and Ting-Kai Huang, two Ph.D. students in computer science at UCs Bourns College of Engineering. The two also worked with a Web protection service called StopTheHacker.com, which was created by Anirban Banerjee, a Ph.D. alumnus from UC Riverside, and Michalis Faloutsos, a professor of computer science and engineering at UC, according to a university press release sent out yesterday.The team created the app in response to the surge of spam and malware that has plagued Facebook users.Facebook is the new Web, Rahman said in the release. It provides a fertile ground to spread malware, since users trust links and posts that are seemingly from their friends. Hackers have realized this, and they have started using it to distribute malware and conduct identity theft. News Tue, 21 Jun 11 12:21:41 -0500 http://www.spambully.com/news/blog/story/1249/New_Facebook_app_designed_to_thwart_hackers/ http://www.spambully.com/news/blog/story/1248/Beware_of_Spam_Titles_in_Kindle_Store/ Amazons Kindle e-reader store has a spam problem, and that isnt good news for legitimate authors and consumers trying to find their books.The reason spammers have had such success is partly because self-publishing an e-book to Amazon.com is so easy anyone can do it.One solution could be to start charging authors to publish an e-book. Changing the economics should drastically reduce the number of spam titles. Currently, any sales of spam e-books are pure profit for spammers, encouraging them to publish dozens of titles in the hopes of just selling a few copies of each to make their time more than worthwhile.Charging authors 50, 20, or even just 10 to publish to Amazon would drastically cut back potential profits for spammers, and any author that spent months or years crafting a quality work should have no problem shelling out a small amount to access a global market and ensure that theres fewer titles to weed through.The spammers have been utilizing two tactics.The first is to use available software that advertises the ability to easily publish 10 to 20 Kindle books per day by basically grabbing public domain content from elsewhere and slapping it up on Amazon with a new cover. Ironically, if you dont want to use the software, theres plenty of e-books available on Amazon that will teach you how to flood Amazon with spam e-books. News Sun, 19 Jun 11 12:34:30 -0500 http://www.spambully.com/news/blog/story/1248/Beware_of_Spam_Titles_in_Kindle_Store/ http://www.spambully.com/news/blog/story/1247/Microsoft_rings_alarm_bell_on_fake_Windows_support_calls/ Computerworld - Microsoft today warned that scammers have taken to the phone lines to dupe Windows users into putting malware on their machines or paying for worthless help.The ploy isnt new -- security experts have seen it in circulation for at least a year -- but Microsoft was the first to quantify the problem.According to Microsoft, which sponsored surveys in the U.S., the U.K., Ireland and Canada, 15% of the people polled said they had received unsolicited calls from fraudsters posing as computer support technicians who claimed they were offering PC security checks.The scammers try to trick users into believing that their computer is infected -- often by having them look at a Windows log that typically shows scores of harmless or low-level errors -- then convince them to download software or let the technician remotely access the PC.The con artists charge for their help and often get people to pay for worthless software. In actuality, the software is malware that steals online account information and passwords.Theyre taking advantage of ignorance, said Sean Richmond, a senior technology consultant for Sophos, in a podcast today. News Fri, 17 Jun 11 00:00:23 -0500 http://www.spambully.com/news/blog/story/1247/Microsoft_rings_alarm_bell_on_fake_Windows_support_calls/ http://www.spambully.com/news/blog/story/1246/New_Malware_Steals_Your_Bitcoin/ Virus and malware activity increased in May, sporadically hitting peaks of more than 10 million pieces per day, AppRiver researchers said in its monthly threat-landscape report.Scammers took advantage of major news events to push out new pieces of malware while cyber-attackers continued to target large companies in May, according to AppRivers latest Threat and Spamscape report released June 15.Shortly after the death of Osama bin Laden, a number of malicious Websites purporting to contain images and video from the Navy SEAL operation appeared. They were actually downloading malware in the background. Malware related to bin Ladens death flooded users email inboxes and Facebook, according to AppRiver.There were still remnants of Royal Wedding-related malware toward the beginning of the month.The number of emails carrying viruses more than doubled for the fifth straight month, according to AppRiver researchers. In May, more than 102 million email-borne virus messages were quarantined, an increase of 239 percent over April.May 1 was the largest volume of these messages that we have seen in a single day in nearly two years, researchers wrote. News Thu, 16 Jun 11 23:58:27 -0500 http://www.spambully.com/news/blog/story/1246/New_Malware_Steals_Your_Bitcoin/ http://www.spambully.com/news/blog/story/1245/Virus_Malware_Activity_Increased_in_May_Spam_Levels_Flat/ Virus and malware activity increased in May, sporadically hitting peaks of more than 10 million pieces per day, AppRiver researchers said in its monthly threat-landscape report.Scammers took advantage of major news events to push out new pieces of malware while cyber-attackers continued to target large companies in May, according to AppRivers latest Threat and Spamscape report released June 15.Shortly after the death of Osama bin Laden, a number of malicious Websites purporting to contain images and video from the Navy SEAL operation appeared. They were actually downloading malware in the background. Malware related to bin Ladens death flooded users email inboxes and Facebook, according to AppRiver.There were still remnants of Royal Wedding-related malware toward the beginning of the month.The number of emails carrying viruses more than doubled for the fifth straight month, according to AppRiver researchers. In May, more than 102 million email-borne virus messages were quarantined, an increase of 239 percent over April.May 1 was the largest volume of these messages that we have seen in a single day in nearly two years, researchers wrote.A new malware kit, Weylan-Yutani, appeared for sale in underground forums in May, AppRiver found. At approximately 1,065, the kit was notable for its ability to create scripts designed to infect both PCs and Macs. Weylan-Yutani was the first kit that made it easy to create Mac malware and the authors promised the ability to create scripts for the iPad and Linux in later versions. News Thu, 16 Jun 11 23:53:47 -0500 http://www.spambully.com/news/blog/story/1245/Virus_Malware_Activity_Increased_in_May_Spam_Levels_Flat/ http://www.spambully.com/news/blog/story/1244/Spam_rates_hit_five-year_low_but_phishing_is_on_the_rise_Spam_percentag/ Thanks to successful botnet shutdowns, the amount of spam oozing through the Internet has dropped considerably over the past year, driving the overall percentage of unwanted email messages to depths unseen since 2006. Phishing, however, is on the rise, according to Symantecs June 2011 State of Spam Phishing Report PDF.Spam rates dropped 10 percent from April to May of this year. Between May 2010 and May 2011, spam rates plummeted 70.65 percent, according to Symantec. Those percentages appear a bit less impressive, however, when you consider that spam still made up 72.14 percent of all email messages in the month of May. Still, compared to spam rates of more than 90 percent witnessed repeatedly over the past three years, its a heartening trend.Less heartening, however: The overall phishing landscape increased by 6.67 percent between April and May, according to Symantec. Phishing websites built with automated toolkits jumped 24.82 percents, and the number of non-English phishing sites surged 17.73 percent, with Portuguese, French, Italian, and Spanish among the popular languages.Spammers and phishers are employing both familiar and new techniques to dupe users -- spam messages promoting pharmaceutical products remain popular, for example. Symantec witnessed in May an increase in pharmacy spam abusing a well-known online video sharing site. The message would say that the recipients video had been removed, for example, prompting the curious to click a link within the message supposedly going to the video site. Instead, the user would end up going to a Canadian pharmacy Web page.Additionally, Symantec saw an increase in spam designed to exploit end-users familiarity with Wikipedia by duping them into visiting a site called WikiPharmacy. Designed to resemble Wikipedia, the site promotes pharmacy products at discount prices. News Thu, 16 Jun 11 23:52:21 -0500 http://www.spambully.com/news/blog/story/1244/Spam_rates_hit_five-year_low_but_phishing_is_on_the_rise_Spam_percentag/ http://www.spambully.com/news/blog/story/1243/AutoRun_malware_infections_declining/ Following Februarys update issued by Microsoft limiting the propagation of AutoRun-based malware on Windows XP, the company has just reported that the move is working and that Microsoft is observing a significant decline in the propagation of AutoRun-based malware.More specifically, the company is observing a 59% decline on XP, followed by 74% on Vista in comparison to the 2010 infection rates: 62 percent decrease on Windows XP SP 3 68 percent decrease on Windows Vista SP 1 82 percent decrease on Windows Vista SP 2Millions of users continue using pirated Windows copies, preventing them from obtaining the latest Windows Updates, thereby exposing themselves to malware attacks.Why do you think users continue using pirated copies of Microsofts products, thereby exposing themselves to security risks? Does software piracy really lead to higher malware infection rates? News Tue, 14 Jun 11 23:55:11 -0500 http://www.spambully.com/news/blog/story/1243/AutoRun_malware_infections_declining/ http://www.spambully.com/news/blog/story/1242/HELLO_DEAR_Where_Does_Spam_Come_From?/ Rachel Swaby Typically our electronic exchanges flow from person to person, one real email address to another. But the sad fact is, the vast majority of messages sent dont have anything to do with managing relationships, workloads, or weekend plans. Spaaaaaaam!According to Dave Marcus at McAfee Labs, 80-90 percent of email floating between servers is spam. Luckily, much of whats aimed for us is deflected. Email programs employ filters to direct messages with suspicious links and attachments away from our inboxes, which is good because these messages have the potential to infect our computers or dupe us into coughing up personal information.We know all this.But theres another flavor of suspicious email that doesnt betray its malicious intent as openly: the single line of gibberish. Is it an email verification technique? Is there something coded into the message that could harm my computer? Did someone let their two year old loose on the Internet? So we decided to look into it. What are those nonsensical emails trying to do to us anyway?In order for spammers to even attempt something nefarious, they need to reach an actual human. No brilliant Facebook imitation email will do any good without a real person with a Facebook account entering in their information. So step one in any would-be scam is to verify that an address leads to a pair of eyes. News Tue, 14 Jun 11 23:52:57 -0500 http://www.spambully.com/news/blog/story/1242/HELLO_DEAR_Where_Does_Spam_Come_From?/