Spyware, Viruses, & Security forum


NEWS - July 22, 2011

by Carol~ Moderator / July 21, 2011 10:59 PM PDT
Pfizer's Facebook page hacked - don't be next!

Pharmaceutical megacorp Pfizer's Facebook page was defaced a couple of days ago, and then restored.

Responsibility was claimed by a newly-created Twitter account calling itself Script Kiddies. He/she/it urged that Pfizer should be stopped because "they're corrupt and the damage they create is senseless".

Intellectually challenging stuff.

Actually, calling this a hack is a bit like saying that you're going on an overland holiday when all you're really planning to do is to pop into the pub briefly on your way home. If the screen-grab on The Hawthorne Effect website is to be believed, the hacker - aaargh, I'm doing it again! - did nothing more than guess the password of someone at Pfizer's PR company who had access to the page. [Screenshot]

If you've ever worked with, or for, PR companies in recent years, you'll know that they will urge even their most old-fashioned customers to embrace the social media scene. And many organisations are inclined to trust their PR companies as social media experts (which they may well be), enlisting their help to get into social networking.

Continued : http://nakedsecurity.sophos.com/2011/07/22/pfizers-facebook-page-hacked-dont-be-next/

Also: Pfizer's Facebook page jacked by script kiddies
Discussion is locked
You are posting a reply to: NEWS - July 22, 2011
The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to our CNET Forums policies for details. All submitted content is subject to our Terms of Use.
Track this discussion and email me when there are updates

If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

You are reporting the following post: NEWS - July 22, 2011
This post has been flagged and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.
Sorry, there was a problem flagging this post. Please try again now or at a later time.
If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.
Collapse -
Comcast Hijacks Firefox Homepage: "We'll Fix"
by Carol~ Moderator / July 21, 2011 11:02 PM PDT
In reply to: NEWS - July 22, 2011

Comcast says it is revamping the software that new customers need to install to start service with the ISP. The software is unfriendly to Mac users running Firefox: It changes the browser's homepage to comcast.net, and blocks users from changing it to anything else.

I heard this from a friend who'd just signed up for Comcast's Xfinity high-speed Internet service and soon discovered some behavior on his Mac that is akin to Windows malware — something had hijacked his Internet settings. The technician who arrived to turn on the service said that a software package from Comcast was necessary to complete the installation. My friend later discovered that his homepage had been changed to comcast.net, and that Comcast software had modified his Firefox profile so that there was no way to change the homepage setting.

I contacted Comcast; they initially blamed the problem on a bug in Firefox. Mozilla denies this, and says it's Comcast's doing.

"This is NOT a Firefox bug or issue," a Mozilla spokesperson wrote in an email. "It is a Comcast method that applies preference changes to Firefox."

Comcast spokesman Charlie Douglas acknowledged that the Xfinity software hijacks Firefox's settings. He said the problem is limited to Mac users, and that permanency of the change was unintentional. He added that the company is in the process of correcting the installation software.

Continued : http://krebsonsecurity.com/2011/07/comcast-hijacks-firefox-homepage-well-fix/

Collapse -
AnonPlus, Anonymous's social network, is hacked
by Carol~ Moderator / July 21, 2011 11:49 PM PDT
In reply to: NEWS - July 22, 2011

Within days of the hacktivist group Anonymous announcing it was setting up its own social network (after being unceremoniously booted off Google+), its plans have taken a somewhat humiliating turn.

AnonPlus, Anonymous's planned social network, has been defaced by rival hackers.

A group of hackers apparently based in Turkey replaced AnonPlus's main webpage with an image of a dog wearing a suit, mocking the more normal Anonymous logo, and messages in Turkish and English: [Screenshot]


This logo suits you more..How dare you rise against to the World..Do you really think that you are Ottoman Empire?
We thought you before that you cannot challenge with the world and we teach you cannot be social
Now all of you go to your doghouse..

You would expect active members of the Anonymous collective to know a thing or two about elementary computer security, but clearly their site had vulnerabilities or someone was sloppy in their choice of password if rivals were able to break in and change the content.

I think the message we can take from this defacement is that not every computer enthusiast in Turkey is a fan of Anonymous.

Continued : http://nakedsecurity.sophos.com/2011/07/22/anonplus-anonymouss-social-network-is-hacked/

Collapse -
Operation Phish Phry - Revisited
by Carol~ Moderator / July 21, 2011 11:49 PM PDT
In reply to: NEWS - July 22, 2011

Symantec Connect Blog:

Like the career of a one hit wonder pop star, it started with a bang and went out with a whisper. Almost two years ago, the big news was about Operation Phish Phry. In October 2009, the FBI announced that almost one hundred people (half here in the US, half in Egypt) had been arrested for running a phishing ring. At the end of June this year, news reports announced the sentencing of Kenneth Joseph Lucas, who was the key US figure in this crime story. Convicted of 49 counts of bank and wired fraud, Lucas was sentenced to 13 years in federal prison.

Lucas is not a hacker. He ran the money mules in the US who opened accounts for the hackers in Egypt to deposit their stolen money into. The Egyptian hackers stole logins and passwords from the customers of US banks and then transferred people's money into the accounts the money mules had set up. The money mules withdrew the money, kept a piece for themselves, and passed the rest on to Lucas. Lucas kept his share, and passed the rest on to the Egyptians. The feds say the gang raked in more than one million dollars.

If you blinked, you will have missed the news of his conviction and sentencing. It wasn't given a lot of coverage. And, what coverage there was did not have a lot of detail. If Lucas had not also showcased his prowess in growing marijuana in a YouTube video, he may not have even gotten the couple of paragraphs of coverage he did get.

Continued : http://www.symantec.com/connect/blogs/operation-phish-phry-revisited

Collapse -
Murdoch-detecting app for Firefox tips up
by Carol~ Moderator / July 22, 2011 4:32 AM PDT
In reply to: NEWS - July 22, 2011

[Screenshot] - Happy

A Firefox add-on that issues a warning should a user inadvertently stray onto a web site operated by the now universally loathed Murdoch empire has been created.

Murdoch Alert, "show/s a warning bar on Murdoch Family - controlled websites" its creator writes. "This alerts users to the potential computer security risks of accessing Murdoch - controlled sites. Handy also for identifying the news sources controlled by the Murdoch Family."

The rationale for the add-on is that following the arrest of NewsCorp agents "for hacking into the phones and computers of at least thousands of innocent people", users might like to be made aware when their clicks may be seen to be sponsoring this illegal activity. "Since the Murdoch family controls 100+ high-traffic domains, it is difficult for average users to know which sites could potentially place them at risk," the creator writes.

The arrival of the Firefox extension follows the release a couple of days ago of a Chrome extension called Murdoch Block, which, rather than issue a warning, blocks the offending sites entirely.


Collapse -
New tool for Facebook scammers
by Carol~ Moderator / July 22, 2011 7:35 AM PDT
In reply to: NEWS - July 22, 2011

Facebook has rolled out a new feature for comments, allowing content to be directly embedded in the comments themselves. [Screenshot]

My first thought upon reading this announcement was that current Facebook scammers will find this new feature extremely useful. A new tool in their arsenal, so to speak.

I've already noticed some Facebook scams where compromised accounts post comments on other status updates saying, "Is this video of you?" with a link to a Facebook phishing site. This new feature will likely extend the usage of that scam, along with bringing in new types of comment scams and spam.

While this feature is brand new and has not been tapped just yet by scammers, I have created an example of what Facebook users might expect to see in the coming weeks using a Facebook scam that's currently in circulation: [Screenshot]

Continued : http://www.net-security.org/secworld.php?id=11327

Collapse -
Trojan.FakeAV.LVT- Plays You (Like) in Movies
by Carol~ Moderator / July 22, 2011 7:35 AM PDT
In reply to: NEWS - July 22, 2011

"What happens when screenplay writers, social engineers and software developers meet"

A video on Facebook is used as vector of infection for a Trojan, the rogue AV component artfully mimics the antivirus you have installed on your system and the downloader adds the compromised PC to a network of infected systems that constantly exchange malware between them.

Exquisite spreading mechanism

Trojan.FakeAV.LVT takes social engineering to a whole new level. The scenario is extremely complex and efficient: imagine a friend that initiates a conversation with you in a Facebook chat window. The dialogue seems a bit rigid and soon you are teased with questions such as "Hi. How are you?", "It is you on the video?" or "Want to see?" that introduce a link to nothing else but a movie allegedly starring yourself. Classic you may say; and you wouldn't be completely wrong. However, the juicy details are yet to come.

First of all, you are shown a Youtube page with a movie that mentions your name in the title, which is, by the way correctly spelled, as it is taken directly from your Facebook profile. At this point, the video is probably gaining your full trust. On top of that, some of your friends (also taken from your Facebook account friends list) appear to have already commented the video, adding thus yet another huge plus to this crafty scam. In short, you have a movie that is allegedly about you and some friends' comments that either worship you or appear to be utterly disappointed. Wouldn't you care to see why? [Screenshot]

Continued : http://www.malwarecity.com/blog/trojanfakeavlvt-plays-you-like-in-movies-1114.html

Collapse -
Researchers Find Browser History-Sniffing Still Ongoing
by Carol~ Moderator / July 22, 2011 7:35 AM PDT
In reply to: NEWS - July 22, 2011

The practice of history sniffing, which has been seen as out-of-bounds and a serious privacy violation for the better part of a decade now, is still ongoing by some ad networks, researchers have found. A study completed recently by researchers at Stanford University's Center for Internet and Society found that at least one ad network apparently is still using the technique to gather information about what links users have clicked on and which sites they've visited.

History sniffing by ad networks and others first came to the attention of the general public late last year when researchers at the University of California at San Diego (pdf) conducted a large-scale experiment on thousands of popular sites to see whether they performed history stealing and other kinds of behavior tracking. It turned out that the practice was fairly widespread and some sites said after the research went public that they'd stop using the technique.

The Stanford researchers conducted an experiment recently in which they were testing the effectiveness of a JavaScript implementation in a Web testing platform they'd developed. During the test they found that one marketing company, Epic Marketplace, was using a script to test thousands of URLs per second against a user's history to see whether the user has been to the sites. Epic was using an invisible iFrame to test the URLs, so there is no visible cue to the user that the script is running.

Continued : http://threatpost.com/en_us/blogs/researchers-find-browser-history-sniffing-still-ongoing-072211

Related: Marketer taps browser flaw to see if you're pregnant

Popular Forums
Computer Newbies 10,686 discussions
Computer Help 54,365 discussions
Laptops 21,181 discussions
Networking & Wireless 16,313 discussions
Phones 17,137 discussions
Security 31,287 discussions
TVs & Home Theaters 22,101 discussions
Windows 7 8,164 discussions
Windows 10 2,657 discussions

Does BMW or Volvo do it best?

Pint-size luxury and funky style

Shopping for a new car this weekend? See how the BMW X2 stacks up against the Volvo XC40 in our side-by-side comparison.