3 weeks ago
Vulnerabilities play only a minor role in malware spread, says researcher About two-thirds of all computer infections are due to duped users
December 8, 2008 (Computerworld) Computer users are their own worst enemies, a security company warned today, as it released data that shows software bugs were the source of just 5% of the past year's infections. The majority of the attacks carried out by 2008's top 100 pieces of malware were caused by users surfing to malicious sites and then accepting some kind of download, Trend Micro Inc. researchers said today. From Jan. 1 to Nov. 25, the top 100 attack programs infected 53% of their victims by duping them into downloading something from the Internet. An additional 12% of the infections tracked globally were caused by users opening e-mail attachments. Just 5% of the infections were related to an exploit of a software vulnerability, according to Trend Micro's analysis.
3 weeks ago
Court Allows Spyware Program to Go Back on Sale
A Florida company that sells a spyware program must change advertising pitches that emphasize the product's clandestine nature, but the company can continue to sell the application, a U.S. federal court has ruled. CyberSpy Software had been unable to sell its RemoteSpy application since Nov. 6, when a court granted a request for an injunction after a complaint by the U.S. Federal Trade Commission (FTC). The FTC alleges CyberSpy marketed RemoteSpy by giving detailed instructions on how to install the program on computers and surreptitiously collect data. A trial is scheduled for June 15 in U.S. District Court for the Middle District of Florida in Orlando. The new injunction bars CyberSpy from suggesting the program can be secretly installed or that keyloggers can be passed on as innocuous programs.
3 weeks ago
Spam levels climb as criminals replace crippled botnets
Four weeks after McColo takedown, spam back to 63% of earlier volume December 9, 2008 (Computerworld) Four weeks after spam levels plummeted when a rogue hosting company was yanked off the Internet, junk mail volumes are again up, a researcher said today. According to IronPort Systems Inc., spam volumes have partially recovered since the Nov. 11 takedown of McColo Corp., the California hosting firm that was pulled off the Web by its upstream service providers after security researchers presented them with overwhelming evidence that it was harboring a wide range of criminal activity. Among McColo's clients: cybercriminal groups that ran some of the biggest spam-spewing and malware-spreading botnets in the world. Yesterday, approximately 94.6 billion spam messages were sent worldwide, said IronPort, which estimated today's volume at 96.8 billion. Those numbers were 62% and 63%, respectively, of the 153 billion spam messages sent four weeks ago, the day McColo went offline. Immediately after the takedown, spam levels dropped to 64.1 billion, just 42% of the pre-McColo volume. Spam's resurgence comes courtesy of several botnets -- some well-known, some not -- that were largely unaffected by McColo's disappearance, said Joe Stewart, director of malware research at SecureWorks Inc.
4 weeks ago
A Scary Twist in Malware Evil-ution
Security experts are warning Internet users to be aware of a disturbing evolution in malicious software that can turn a single infected computer into a vehicle for stealing data from any nearby systems, regardless of what operating system or security software those computers may be running. The evolution comes compliments of the DNSChanger family of malware, which usually comes disguised as a codec or browser plug-in that a user is told he or she needs to install in order to view Web-based videos. As its name suggests, the malware alters the domain name system (DNS) server settings on infected systems, effectively routing the victim's Web searches and other online activities through servers that the attackers control. DNSChanger can install on a Mac or Windows computer. The added feature in the latest version of DNSChanger is that it installs its own DHCP server on the victim's machine. DHCP stands for "dynamic host control protocol," and it is what wired and wireless routers use to hand out addresses to computers on a network. In fact, most laptops are configured to automatically request an Internet address from any local wireless network that happens to be handing them out. Why is this a big deal? By adding its own DHCP server to a host machine, DNSChanger can now offer nearby wireless-equipped devices an Internet address, complete with its own set of rogue DNS servers.
4 weeks ago
'Tis the season for making mischief on the Web
'Tis the season for making merry. Or in some cases making mischief, especially on the Web. Whether you're shopping online or just checking your personal e-mail, don't get financially fooled this holiday season. "In this economy, when we're all trying to get the most bang for our buck, we're letting down our guard," said Parry Aftab, a privacy attorney and the new family Internet safety adviser for McAfee Inc., a computer security firm. The hectic holidays, when people are hurrying and hunting for bargains, are especially ripe for online ripoffs, experts say.
4 weeks ago
What Is The Next Step In The War On Spam?
We all know that spammers will do what ever it takes to find a way to send their advertisements and scams to potential victims. Spammers are circumventing methods services like Gmail, HotMail, andYahoo (NSDQ: YHOO)! use to stop automated spam to the point that even legitmate users of these services are unwitting victims anti-spam. Larry Seltzer at eWeek posted a blog Spammers Sidestep SMTP about what happens when spammers start using free web based like Gmail, HotMail, and Yahoo! mail systems to send spam. Seltzer suggests new tests need to be developed to check for "humaness" or perhaps a change in how email is sent and received are potential solutions. I got a call on Sunday from an InformationWeek visitor about a problem he is experiencing with forwarding spam email to spam@uce.gov, the Federal Trade Commissions email account for reporting spam and phishing. Ironically, he was also blocked by TechWeb’s anti-spam gateway for a bad reputation, hence the phone call. I asked him to forward me the email to my web account and guess where it ended up? If you guessed my spam folder, you would be right. There are a couple of things going on that makes sending and receiving legitimate email bothersome. Public mail services like Gmail, Yahoo! and Hotmail to filter outbound email for potential spam sent from bogus accounts. That is a reasonable and a responsible action to take. But as we know with any anti-spam system, sometimes legitimate email gets caught in the mix; even email that is being sent to the an authorized spam reporting drop box like spam@uce.gov.
4 weeks ago
Malware Sets Records in 2008
The year 2008 has seen another record of explosive growth in the amount of malicious software (malware) on the Internet, according to F-Secure. F-Secure protects consumers and businesses against computer viruses and other threats from the Internet and mobile networks. The company's detection count tripled in one year, or rather, the total amount of malware accumulated over the previous 21 years increased by 200 percent in the course of just one year. The security firm released these findings in its End of Year Data Security Wrap-up for 2008. Internet crime is now more prevalent and more professional than ever before, said the company. F-Secure believes that the obvious inefficiency of the international and national authorities in catching, prosecuting and sentencing Internet criminals is a problem that needs to be solved. Mikko Hyppönen, F-Secure's chief research officer has called for the establishment of 'Internetpol' to tackle online crime.
4 weeks ago
FBI's 6 Simple Tips To Keep Your Computer Safe
A special agent in the FBI's Cyber Division offered the following tips to protect your computer from intrusion: * Keep Your Firewall Turned On: A firewall helps protect your computer from hackers who might try to gain access to crash it, delete information, or even steal passwords or other sensitive information. Software firewalls are widely recommended for single computers. The software is prepackaged on some operating systems or can be purchased for individual computers. For multiple networked computers, hardware routers typically provide firewall protection. * Install or Update Your Antivirus Software: Antivirus software is designed to prevent malicious software programs from embedding on your computer. If it detects malicious code, like a virus or a worm, it works to disarm or remove it. Viruses can infect computers without users' knowledge. Most types of antivirus software can be set up to update automatically. * Install or Update Your Antispyware Technology: Spyware is just what it sounds like—software that is surreptitiously installed on your computer to let others peer into your activities on the computer. Some spyware collects information about you without your consent or produces unwanted pop-up ads on your web browser. Some operating systems offer free spyware protection, and inexpensive software is readily available for download on the Internet or at your local computer store. Be wary of ads on the Internet offering downloadable antispyware—in some cases these products may be fake and may actually contain spyware or other malicious code. It's like buying groceries—shop where you trust.
4 weeks ago
Thieves Winning Online War, Maybe in Your PC
SAN FRANCISCO — Internet security is broken, and nobody seems to know quite how to fix it. Despite the efforts of the computer security industry and a half-decade struggle by Microsoft to protect its Windows operating system, malicious software is spreading faster than ever. The so-called malware surreptitiously takes over a PC and then uses that computer to spread more malware to other machines exponentially. Computer scientists and security researchers acknowledge they cannot get ahead of the onslaught. As more business and social life has moved onto the Web, criminals thriving on an underground economy of credit card thefts, bank fraud and other scams rob computer users of an estimated $100 billion a year, according to a conservative estimate by the Organization for Security and Cooperation in Europe. A Russian company that sells fake antivirus software that actually takes over a computer pays its illicit distributors as much as $5 million a year. With vast resources from stolen credit card and other financial information, the cyberattackers are handily winning a technology arms race.
1 month ago
Malware volumes exploded in 2008 and could herald an even worse 2009, according to security experts.
MessageLabs said in its Annual Security Report that a number of new cyber-crime trends had taken shape, among them more targeted attacks and a greater focus on web services and social networks. Among the major trends was a surge in web-based attacks. Reports of sites being used to spread malware jumped by 83 per cent over the year, a figure largely attributed to an increase in SQL injection attacks over the summer. Social networking sites and web-based applications were also a popular target this year. MessageLabs saw major increases in attacks as criminals adopted the use of fake profile pages or phony video sites to infect new users. The company expects this trend to continue into 2009. "In 2008 the threats targeting social networking environments became very real," said MessageLabs chief security analyst Mark Sunner.
