9 total posts
'Storm Worm' rages across the globe
By Dawn Kawamoto
Staff Writer, CNET News.com
Published: January 19, 2007,
update The new "Storm Worm" is baiting people with timely information about a real-life, deadly front in Europe and is creating one of the larger worm attacks in recent years, security researchers said Friday.
Over an eight-hour period Thursday, the worm sent malicious e-mails across the globe to hundreds of thousands of people, who unknowingly were part of a botnet, said Mikko Hypponen, chief research officer for F-Secure. A botnet serves as an army of commandeered computers, which are used by attackers to distribute malicious payloads without their owners' knowledge.
Storm Worm carries the subject line "230 dead as storm batters Europe," Hypponen said, noting the unusual twist to the e-mail.
Read more: http://news.com.com/Storm+Worm+rages+across+the+globe/2100-7349_3-6151414.html?part=rss&tag=6151414&subj=news
Phishers: Click here, or eBay shuts down
Fiona Raisbeck Jan 19 2007 14:26
Hackers are claiming the ultra-popular auction site eBay will shut down next month in their latest attempt to extract personal information from web users.
The phishing emails say eBay will close up shop on Feb. 27 and ask members to vote on whether they think this should happen. The message claims that if 50 percent of recipients disagree with the business decision, the website will remain online, according to experts at Sophos.
By clicking on either of the voting links, the user will be directed to a malicious website aiming to steal usernames and passwords.
Read more: http://www.scmagazine.com/us/news/article/627184/phishers-click-here-ebay-shuts-down/
Don't fall victim to the 'Free Wi-Fi' scam
Those wireless connections could be a trap
January 19, 2007 (Computerworld) -- The next time you're at an airport looking for a wireless hot spot, and you see one called "Free Wi-Fi" or a similar name, beware -- you may end up being victimized by the latest hot-spot scam hitting airports across the country.
You could end up being the target of a "man in the middle" attack, in which a hacker is able to steal the information you send over the Internet, including usernames and passwords. And you could also have your files and identity stolen, end up with a spyware-infested PC and have your PC turned into a spam-spewing zombie. The attack could even leave your laptop open to hackers every time you turn it on, by allowing anyone to connect to it without your knowledge.
If you're a Windows Vista user, you're especially susceptible to this attack because of the difficulty in identifying it when using Vista. In this article, you'll learn how the attack works and how to keep yourself safe from it if you use Windows XP or Vista.
Read more: http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9008399&source=rss_topic17
Russian phishing gang targets Nordea customers...
By Andy McCue
Published: Friday 19 January 2007
Russian hackers have stolen
Storm-Worm Small.DAM Spread Quickly
The Small.DAM (Storm-Worm) we posted on earlier spread very fast during the night, Helsinki time. The heavy seeding through spam was quickly obvious on our tracking screens. The worm was spread throughout the world very rapidly.
Here is some footage of the worm's spread to share with our readers:
anti-virus coverage is poor.
The current summary from Virustotal:
Read more: http://isc.sans.org/
Microsoft scrambles to fix flawed Excel patch
Many users unable to open documents
Shaun Nichols in California, vnunet.com 19 Jan 2007
Microsoft has released a fix for an Excel security patch after the initial update left users unable to open certain documents.
The error in Microsoft's MS07-002 security update affected users of the Korean, Chinese and Japanese versions of Excel 2000, preventing them from opening any files.
Read more: http://www.vnunet.com/vnunet/news/2172955/microsoft-scrambles-fix-flawed
Spyware maker's sick, dark humor
From Francesco, in our spyware research team:
Here's a screenshot from one of the sites from the "Ricercadoppia/Lowzones" spammers/hidden dialers installers.
Coprocefalo literally means ?sh*t? (copro) ?head? (cefalo) and ?zombie maker?. Iit's pretty obvious what it means, especially since their trojan infector that allows them to send spam creates the file "cefalo.exe".
In the past, this group has also been seen installing the Zango toolbar (and we suspect they may still be doing that).