Spyware, Viruses, & Security

Alert

NEWS - March 26, 2012

by Carol~ Forum moderator / March 26, 2012 2:49 AM PDT
Microsoft Takes Down Dozens of Zeus, SpyEye Botnets

Microsoft today announced the execution of a carefully planned takedown of dozens of botnets powered by ZeuS and SpyEye - powerful banking Trojans that have helped thieves steal more than $100 million from small to mid-sized businesses in the United States and abroad.

In a consolidated legal filing, Microsoft received court approval to seize several servers in Scranton, Penn. and Lombard, Ill. used to control dozens of ZeuS and SpyEye botnets. The company also was granted permission to take control of 800 domains that were used by the crime machines.The company published a video showing a portion of the seizures, conducted late last week with the help of U.S. Marshals.

This is the latest in a string of botnet takedowns executed by Microsoft's legal team, but this appears to be the first one in which the company invoked the Racketeer Influenced and Corrupt Organizations (RICO) Act.

Continued : https://krebsonsecurity.com/2012/03/microsoft-takes-down-dozens-of-zeus-spyeye-botnets/

Also:
Microsoft, Financial Groups Execute Takedown of Zeus Botnet Servers
Microsoft uses racketeering law to seize servers, take down botnets
Microsoft takes down Zeus botnets
Post a reply
Discussion is locked
You are posting a reply to: NEWS - March 26, 2012
The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to our CNET Forums policies for details. All submitted content is subject to our Terms of Use.
Track this discussion and email me when there are updates

If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

You are reporting the following post: NEWS - March 26, 2012
This post has been flagged and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.
Sorry, there was a problem flagging this post. Please try again now or at a later time.
If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.
Collapse -
Facebook 'Like' Scam Driven by Malicious Chrome Extension
by Carol~ Forum moderator / March 26, 2012 3:56 AM PDT
In reply to: NEWS - March 26, 2012

A Kaspersky Lab researcher has discovered a Brazilian social engineering campaign that attempts to trick Facebook users into installing a malicious plug-in hosted on Google's Chrome Web Store.

The Facebook scam-page solicits victims by promising to teach them how to "remove the virus from their Facebook profile." Securelist claims that the application has 923 users, according to a post by researcher Fabio Assolini.

Users are asked (in Portuguese) to, "1) Click on install app, 2) click on allow or continue, and, 3) click on install now." Users that decide to click "Install aplicativo" are redirected to the legitimate Chrome Web Store where a malicious extension masquerades as Adobe Flash Player, Assolini wrote.

Once the extension is installed it has complete control of a user's profile. It then sends messages to that user's 'Friends,' encouraging them to install the malicious extension themselves. The app also sends out commands that make its victims' profiles 'Like' certain pages. This is the point. The scammers have created a service of selling 'Likes' to companies trying to promote their profiles on Facebook.

Continued : http://threatpost.com/en_us/blogs/facebook-scam-driven-malicious-chrome-extension-032612

Also:
Facebook Scammers Host Trojan Horse Extensions on the Chrome Web Store
Facebook users targeted with account-hijacking Chrome extensions

Collapse -
Paedophiles 'disguise' child abuse pages as legit websites
by Carol~ Forum moderator / March 26, 2012 3:56 AM PDT
In reply to: NEWS - March 26, 2012

Child abusers are latching onto new methods to distribute paedophilic material online, according to an annual report by the Internet Watch Foundation.

The study, published on Monday, reports that paedophiles are 'disguising' websites to appear as if they host only legitimate content. However, if an internet user follows a particular digital path they will be able to view vile images and videos of children being sexually abused.

The technique, which has many legitimate applications, is also widely used by paedophiles. IWF experts encountered the tactic nearly 600 times last year. None of the websites in question were hosted in the UK.

Susie Hargreaves, IWF chief executive, explained: "We received reports to our Hotline by online users who have stumbled across these sites. They pose challenges because when the website is accessed directly, only legal content appears.

"However, the reports we receive by the public can be quite detailed and these reporters were sure of what they had seen. Our analysts investigated further and discovered a legitimate web development technique was being used to disguise the website from all those who had not followed a particular digital path to access it.

Continued : http://www.theregister.co.uk/2012/03/26/iwf_report/

Also: Paedophiles using new method to hide child abuse images online

@ IWF: Internet Watch Foundation report highlights new abuse of online technology

Collapse -
Fake eBay identity confirmation message hitting inboxes
by Carol~ Forum moderator / March 26, 2012 4:42 AM PDT
In reply to: NEWS - March 26, 2012

Ebay users are once again targeted with fake notifications asking them to "confirm their identity".

"Dear eBay Community Member, You're signing in from a computer we're not familiar with," says the bogus message. "That's no problem, but we need to take a few moments just to make sure no one is trying to access your account without permission. Please log in to your account and complete the form on the next page. "

The link points to a spoofed eBay login page. The victims are first asked to type in their login credentials, and then urged to answer their security question and enter their email address. Finally, they are redirected to the real eBay website, while the information inserted in the bogus site is sent to the phishers that set it up.

"The link in the email uses HTML to make it appear that it points to a genuine eBay web address," points out Hoax-Slayer. "Moreover, to further the illusion of legitimacy, the scammers have copied the text of a standard security protocol message that is sometimes employed by eBay to protect user accounts."

Continued :http://www.net-security.org/malware_news.php?id=2049

Also: Crooks Replicate eBay Verification Emails to Steal Accounts

Collapse -
Barclays contactless card users exposed to fraud
by Carol~ Forum moderator / March 26, 2012 4:42 AM PDT
In reply to: NEWS - March 26, 2012

"Barclays "wave and pay" cards store unencrypted data than can be stolen using a smartphone"

A flaw has been discovered in Barclays contactless bank cards that could allow customers' data to be stolen and used fraudulently without them even knowing about it.

An investigation by ViaForensics, in conjunction with Channel 4 News, has revealed that data can be lifted from Near Field Communications (NFC) chips used in Barclays contactless Visa cards by simply touching a smartphone installed with a piece of specialised software to a card. That data - which is unencrypted - can then be used to purchase multiple goods online.

"All I did was I tapped my phone over your wallet and using the wireless reader on the phone I was able to lift out the details from your card," Thomas Cannon of ViaForensics told Channel 4 News. "That includes the long card number, the expiry date and your name. None of it was encrypted, it was simply a case of the details coming out through the air."

Typically, this would not be enough information to perform "cardholder not present" transactions over the internet or the phone, because most retailers require the three-digit signature (CVV) code from the back of the card and a valid address. However, during the course of the research it was found that there are some major online retailers that do not require this information.

Continued : http://www.networkworld.com/news/2012/032612-barclays-contactless-card-users-exposed-257649.html

Also:
Barclays 'contactless' cards exposed to fraud
Barclaycard pay-by-bonk fraud risk exposes Amazon's security

Collapse -
A Busy Week for Cybercrime Justice
by Carol~ Forum moderator / March 26, 2012 4:42 AM PDT
In reply to: NEWS - March 26, 2012

Last week was a bad one to be a cybercrook. Authorities in Russia arrested several men thought to be behind the Carberp banking Trojan, and obtained a guilty verdict against the infamous spammer Leo Kuvayev. In the United States, a jury returned a 33-month jail sentence against a Belarusian who ran a call service for cyber thieves. At the same time, U.S. prosecutors secured a guilty plea against a Russian man who was part of a gang that stole more than $3 million from U.S. businesses fleeced with the help of the ZeuS Trojan.

In August 2010, KrebsOnSecurity broke the news that spam king Leonid "Leo" Aleksandorovich Kuvayev, was being held in a Russian prison awaiting multiple child molestation charges. Late Friday, a Moscow City court judge rendered a guilty verdict against Kuvayev for crimes against the sexual integrity of minors, according to Russian news agency Lenta.ru.

In 2005, the attorney general of Massachusetts successfully sued Kuvayev for violations of the CAN-SPAM Act, a law that prohibits the sending of e-mail that includes false or misleading information about the origins of the message, among other restrictions. Armed with a massive trove of spam evidence gathered largely by lawyers and security experts at Microsoft Corp., the state showed that Kuvayev's operation, an affiliate program known as BadCow, was responsible for blasting tens of millions of junk e-mails peddling everything from pirated software to counterfeit pharmaceuticals and porn.

Continued : https://krebsonsecurity.com/2012/03/a-busy-week-for-cybercrime-justice/

Collapse -
Senators Ask DoJ To Determine If Facebook Password Requests
by Carol~ Forum moderator / March 26, 2012 6:37 AM PDT
In reply to: NEWS - March 26, 2012
Senators Ask Justice Dept. To Determine If Facebook Password Requests Are Illegal

Two U.S. senators are asking the Justice Department and Equal Employment Opportunity Commission to investigate whether employers asking for the Facebook passwords of job applicants is against the law.

The Associated Press is reporting that the offices of Democratic Sens. Chuck Schumer of New York and Richard Blumenthal of Connecticut announced that they have called for an official probe.

The news follows several reports of companies either asking for job candidates' Facebook passwords or watching as candidates login to their accounts and click through photos, wall posts, comments, and other items that might otherwise be protected by privacy controls, a practice known as "shoulder surfing."

Facebook last week spoke out against the practice as a violation of privacy, pointing out that it could also open up employers to accusations of discrimination, as well as other liabilities.

Continued : http://www.pcmag.com/article2/0,2817,2402105,00.asp

Chuck Schumer's Press Release:
Employer Demands For Facebook And Email Passwords As Precondition For Job Interviews May Be A Violation Of Federal Law; Senators Ask Feds To Investigate

Also:
Lawmakers Call for Investigation of Facebook Password Requests
US senators demand investigation into Facebook password row
More Lawmakers Champion Facebook Password Privacy
Collapse -
FTC Chairman: Do-Not-Track Law May Not Be Needed
by Carol~ Forum moderator / March 26, 2012 6:37 AM PDT
In reply to: NEWS - March 26, 2012

A do-not-track law focused on protecting Web users' privacy may not be necessary, with private groups working to implement recommendations from the U.S. Federal Trade Commission, the agency's chairman said Monday.

The Digital Advertising Alliance, representing more than 95 percent of online advertisers, and other groups are making "extraordinary strides" in implementing a browser-based do-not-track system, like one the FTC recommended in late 2010, said FTC Chairman Jon Leibowitz. But if the DAA or other groups do not make more improvements to the system by the end of the year, there will be some momentum in the U.S. Congress to pass do-not-track legislation, he said.

Two bills in Congress -- not including one that applies only to children -- would create a law enforcing a consumer's decision to opt out of online tracking by advertising networks and other businesses. The bills are currently stalled in Congress.

However, Congress should pass a handful of new laws, and private businesses can take more steps to protect online privacy, Leibowitz said. A new FTC privacy report, released Monday, calls on Congress to pass legislation that would allow consumers to have access to personal data held by data brokers and legislation to provide a general privacy framework for Web users.

Continued : http://www.pcworld.com/businesscenter/article/252556/ftc_chairman_donottrack_law_may_not_be_needed.html

Popular Forums
icon
Computer Help 47,885 discussions
icon
Computer Newbies 10,322 discussions
icon
iPhones, iPods, & iPads 3,188 discussions
icon
Security 30,333 discussions
icon
TVs & Home Theaters 20,177 discussions
icon
HDTV Picture Setting 1,932 discussions
icon
Phones 15,713 discussions
icon
Windows 7 6,210 discussions
icon
Networking & Wireless 14,510 discussions

Tech Tip

Know how to save a wet phone?

It's not with a dryer and it's not with rice. CNET shows you the secret to saving your phone.