Help | Contact | Forum | Affiliates | Press
Purchase
Download
Features
Screenshots
Demo
Melbourne, Feb 1 : For 40 minutes yesterday, Internet was all "spam" - as search engine 'mogul' Google was brought to a standstill after an employee mistakenly clogged-up any access to web pages through its site. Web users were stunned to see erroneous messages between 1:30am and 2:25am last night reporting that every site turned up in their results might be harmful, reports News.com.au. Google blamed the problem on human error and apologised to users and site owners whose pages were incorrectly labelled. "Anyone who did a Google search during that time likely saw the message 'This site may harm your computer'' accompanying every search result, the company said on its blog. Google said the message is regularly used to flag sites known to install malicious software in the background or surreptitiously to protect users. The glitch was caught by on-call staff and the file was quickly fixed, Google said.
Security experts are warning of a rising number of Valentine's Day spam messages and malware attacks. Symantec and the US Computer Emergency Readiness Team (US-Cert) issued advisories to users after a number of malicious spam messages were found to be using Valentine's Day themes as a lure. US-Cert said that it had received reports of spam messages which contained links to malicious websites. The sites attempted to download an executable onto the user's system under the names 'youandme.exe' or 'onlyyou.exe'. The group is advising users to avoid dangerous spam with basic security practices such as avoiding unsolicited links and keeping all system and security software updated. Meanwhile, researchers at Symantec have already compiled a list of the most popular Valentine's Day spam headlines. According to researcher Dylan Morss, the list has thus far been dominated by male enhancement products and the lure of free shopping sprees.
A fired Unix engineer stands accused of planting a malware time bomb at the mortgage firm Fannie Mae that had the potential to destroy countless computer files, federal officials said. Rajendrasinh Makwana, 35, of Frederick, Md., was indicted on Jan. 27 for the attempted malware attack. Makwana was an employee for a firm called OmniTech, and worked at Fannie Mae’s facility in Urbana, Md., as a contract employee. After being terminated on Oct. 24, federal officials say Makwana retaliated by hiding malicious code on a Fannie Mae server and setting it to go active Jan. 31. Five days later, another Unix engineer discovered the malicious script embedded within a pre-existing, legitimate script. According to a federal affidavit, the legitimate script runs every morning at 9 a.m. and validates that there are two storage area network paths running correctly and operationally through all Fannie Mae servers. The malicious script was at the bottom of the legitimate script and was separated by roughly one page of blank lines in an apparent attempt to hide the malicious script within a legitimate script. Federal officials said Makwana was terminated because on or about Oct. 10 or Oct. 11 he created a computer script that changed the setting on the Unix servers without getting the nod of his supervisor. That script was not malicious.
Over 90 percent of email sent to corporations during 2008 was either spam or malware, security firm Panda Security reported Wednesday. Panda's findings from its PandaLabs subsidiary were based on actual data that the company collected over 2008, and not a survey or other projection. Panda monitored 430 million email messages during the year using its TrustLayer Mail service, and found that 89.88 were spam, with an additional 1.11 percent containing actual malware. A spokeswoman for Panda said that she was unable to report the number of companies Panda's research covered by post time. But if the Panda numbers are accurate, however, then they indicate that even high-profile antispam operations have had almost no effect on the levels of spam. For example, in October 2008, the FTC broke up what Spamhaus called the largest spam gang in the world. In November, the spam level did drop – but by less than 1.7 percent. Throughout 2008, spam levels reached a low in January of 76.27 percent of all emails transmitted, but climbed to a high in April of 94.75 percent before finishing the year at under 90 percent. The most popular spam topics were sexual enhancers and pharmaceuticals, which accounted for 20.5 percent and 32.25 percent of all spam, respectively. Fake brand-name goods represented over 16 percent of the total. Up-and-coming spam topics included mortgage offers and fake job offers.
Spam levels have recovered from the November takedown of Internet Service Provider McColo with vigor and are set to be at pre-McColo levels over the next month, a Google Message Security report found. Since November, spam has continued to grow 156 percent. And in light of spam's rapid upward growth, experts at Google (NSDQ:GOOG) Message Security, powered by Postini, anticipate that spam is likely to reach pre-McColo levels within the next three to five weeks. Spam levels dropped an unprecedented 70 to 80 percent following the November takedown of the McColo ISP, which provided second-generation command and control centers for botnets. The ISP was disconnected by upstream providers when it came to light that McColo housed numerous child pornography and malware-hosting Web sites. "We actually saw a major drop as a result of [the takedown of] service provider McColo," said Adam Swidler, senior product manager for Google Message Security. "But one thing that's interesting is that it appears as though the spammers are reseeding the botnets to replace what they lost in the McColo takedown." In 2008, spammers were able to successfully distribute malware by tricking users into opening e-mails containing infected attachments or links by impersonating legitimate notifications from legitimate businesses -- a ploy that resulted in a six-fold spike in spam during the last half of the year. Experts say that some of the most popular social engineering tactics exploited the presidential election and the failing economy, with offers from low interest home loans to new lines of credit.
If you ever wondered just how much spam and malware most companies have to deal with in managing their e-mail systems, well, it turns out it's even more than you might have thought. For, according to a new study issued by researchers at AV specialists Panda, the astonishing amounts of spam and malware attacks that arrive at companies electronic doorsteps each day is shockingly over 90 percent. Yes, that's right, according to Panda's survey of 430 million e-mail messages received by its customers during the last year, only 8.4 percent were legitimate. Think about the sheer volume of unwanted e-mail that represents, and how much money companies are paying to process all that content on their servers and gateways. Something tells me that the federal government might take a much closer interest in the issue if you work out the math on that one, and how it sucks money out of the U.S. economy. Newly received spam does, however, still vastly outpace the arrival of e-mail borne malware attacks, which accounted for only 1.11 percent of the messages analyzed by Panda. The most common format for spam remains sexual performance-oriented pharmaceuticals, the company said. Spam campaigns playing on the ongoing economic turmoil also grew significantly throughout 2008, with fake job offers and diplomas accounting for 2.75 percent of all spam, while mortgage deals and phony loans were responsible for 4.75 percent, the company said.
January 26, 2009 (Computerworld) A social networking site operated by the 2008 Barack Obama presidential campaign is serving up malware to unwary visitors a full week after the tactic was reported, a security researcher said today. My.BarackObama.com, still active after the innauguration last week of President Obama, is being used by hackers trying to dupe users into downloading a Trojan horse, said Dan Hubbard vice president of security research at Websense Inc. My.BarackObama.com provides tools that enable visitors to join groups of Obama supporters, raise funds and create a personal blog hosted on the site. The criminals have set up bogus accounts and used them to create blogs. When a user reaches one of the fake blogs, a YouTube-like video window is displayed; clicking on that video frame takes the user to a malicious Web site packed with pornography. If the user clicks to view the porn, a message pops up claiming a video codec must be downloaded and installed. The executable file is no codec, but rather a Trojan horse that hijacks the PC.
Some of the most prolific and recognizable malware disbursed by Russian and East European cyber crime groups purposefully avoids infecting computers if the program detects the potential victim is a native resident. But evidence from the Conficker worm -- which by some estimates is infecting more than one million new PCs each day -- shows that trend may be shifting. According to an analysis by Microsoft engineers, the original version of the Downadup (a.k.a. "Conficker") worm will quit the installation process if the malware detects the host system is configured with a Ukrainian keyboard layout. However, the latest variant has no such restriction. Stats collected by Finnish computer security firm F-Secure show that Russia and Ukraine had the second and fifth-largest number of victims from the worm, 139,934 and 63,939, respectively, as of Tuesday, Jan. 20. In the past, attackers from the infamous rogue anti-spyware families -- such as Antivirus 2009 -- have been programmed so that they fail to install if the installer detects the system is running a Russian or Ukrainian version of Windows. Cyber crime affiliate sites such as "installscash.com" will pay affiliates good money for installing their adware and spyware on machines in dozens of countries. But affiliates who try to make money infecting Russian and former Soviet Republic nations that make up the Commonwealth of Independent States (CIS) are out of luck (see snapshot above, taken from installscash.com).
Spammers have regrouped and are finding ways to send more junk mail despite recent efforts by security experts. Spam levels dropped by almost half when rogue ISP (Internet service provider) McColo was taken offline in November. But some new botnets and even older ones are churning out more spam. "At the current rates, we'll be back at those pre-McColo takedown levels probably within the next three to five weeks," said Adam Swidler, senior product marketing manager for Google Message Security, also known as Postini. Google said Monday it has seen a 156 percent increase in spam since McColo went offline. McColo hosted the so-called command-and-control servers for botnets that are used to instruct PCs to send spam. The botnets included Rustock, Srizbi, Pushdo/Cutwail, Mega-D and Gheg. McColo's takedown for the most part killed off the Srizbi botnet, which was blamed for sending a large proportion of the world's spam. But other botnets -- which are essentially legions of hacked computers configured to send spam -- are picking up the slack.
Twitter is having growing pains that include spam posts and spam accounts. One Twitter account was recently suspended after a blog post which included a video by Graham Cluley, a Senior Technology Consultant at Sophos, about a "very suspicious" user by the name of "Sara Cross", aka Sara4877 who Cluley believed to be a spammer. In the video Cluley shows viewers how to spot a potential Twitter spammer that may be following you. If the user who's following you has a new account, normally indicated by no posts, or at least very few and only seems to follow people with the same word in their name (i.e. the same surname, etc.) then the account is likely to be a spam account. Cluley's Sophos blog has been updated with the news that the Sara4877 account has now been suspended. The suspended account page links to Twitter's help and support resources about account suspension. The page explains the criteria for Twitter freezing an account, ranging from user name squatting, to spamming. Advertisement At least one website has already been created with the aim of stopping the spam on Twitter and it even offers several proposed solutions. Also offered by the site are some anti-spam setting and tools you can use for your own Twitter account. Spam is becoming a problem as Twitter's user base grows, along with it's mainstream popularity. The spam is coming from false user accounts that are adding / following hundreds of people at a time in hopes of being followed automatically in return. The spam messages usually include links to dating sites, sales sites, and even malware software downloads.
