Spyware, Viruses, & Security forum

General discussion

NEWS - May 28, 2010

by Carol~ Moderator / May 28, 2010 1:43 AM PDT
Cutwail blasts out new fake software brand in spam - "Euro Software"

From The MessageLabs Intelligence blog:

People receive various spam emails every day from dating scams to those attempting to phish bank account information, loan offers and those featuring porn sites, pharmaceuticals and replica watches. While the categories differ, many of them have similarities. In most cases the spammer's aim is to make money, often by luring the victim into "online-shopping".

Criminal gangs make their own branded websites, selling counterfeit or illegally obtained products, and they, or some hired spammers, send spam emails with various subjects and different URLs connecting to those websites. Recipients access the websites from the URL in the spam emails, and may choose to buy products there. Pharmaceutical spam, replica watches, pirated DVDs and cheap software spam are applicable, although their products are different.

Continued here: http://www.symantec.com/connect/blogs/cutwail-blasts-out-new-fake-software-brand-spam-euro-software


BP's Twitter account hacked by pranksters
by Carol~ Moderator / May 28, 2010 1:45 AM PDT
In reply to: NEWS - May 28, 2010

From Graham Cluley's Blog at SophosLabs:

BP has admitted that its official Twitter account was compromised temporarily yesterday by hackers who posted a joke about its attempts to stem the devastating oil leak that has polluted the Gulf of Mexico.

According to a report from Business Insider, an unauthorised posting appeared on the BP America Twitter account at about 8.00am UK time on the 27th May.

The message read:

Terry is now in charge of operation Top Kill, work will recommence after we find a XXL wetsuit. #bpcares #oilspill

Here's an image of what was posted: [...]

Continued here: http://www.sophos.com/blogs/gc/g/2010/05/28/bps-twitter-account-hacked-pranksters/

Also: BP pwned by Twitter pranksters

Cyber Thieves Rob Treasury Credit Union
by Carol~ Moderator / May 28, 2010 1:46 AM PDT
In reply to: NEWS - May 28, 2010

Organized cyber thieves stole more than $100,000 from a small credit union in Salt Lake City last week, in a brazen online robbery that involved dozens of co-conspirators, KrebsOnSecurity has learned.

In most of the e-banking robberies I've written about to date, the victims have been small to mid-sized businesses that had their online bank accounts cleaned out after cyber thieves compromised the organization's computers. This incident is notable because the entity that was both compromised and robbed was a bank.

The attack began Thursday, May 20, when the unidentified perpetrators started transferring funds out of an internal account at Treasury Credit Union, a financial institution that primarily serves employees of the U.S. Treasury Department in the state of Utah and their families. Treasury Credit Union President Steve Melgar said the thieves made at least 70 transfers before the fraud was stopped.

Melgar declined to say how much money was stolen, stating only that the total amount was likely to be in the "low six-figures."

Continued here: http://krebsonsecurity.com/2010/05/cyber-thieves-rob-treasury-credit-union/

2010 FIFA World Cup - Spammers Raise Their Game
by Carol~ Moderator / May 28, 2010 1:49 AM PDT
In reply to: NEWS - May 28, 2010

From the Security Response Blog:

The 2010 FIFA World Cup kicks off on June 11th in South Africa. As 32 countries warm up for this esteemed international soccer event, cyber criminals are getting busier, too.

So far, Symantec has observed scam, phishing, and malicious attachment spam related to the 2010 FIFA World Cup. Of these, 419-scam messages stand out as major contributors. Below are two examples of typical 419-spam related to the FIFA World Cup: [...]

In many of the phishing samples spammers are targeting the Visa brand, which is one of the six global FIFA partners. Visa announced a "Go Fans" promotion offer in which card holders get the chance to win a trip to South Africa to experience the 2010 World Cup matches. Aware of the fan frenzy involved with watching live World Cup games, phishers are in the right (albeit criminal) business of trying to make money out of it.

Below is an example of a phishing sample in which users are asked to fill in their Visa credit card details (such as name, credit card number, expiry date, security number, etc.) in order to register for the "Go Fans" promotion: [...]

Continued here: http://www.symantec.com/connect/blogs/2010-fifa-world-cup-spammers-raise-their-game

Making money from a website promotion system
by Carol~ Moderator / May 28, 2010 1:50 AM PDT
In reply to: NEWS - May 28, 2010

From the Kaspersky Lab Weblog:

A user discovered potential malware on his computer the other day - the files "autorun.exe" and "autorun.inf" on the C: drive which, the user claims, reappear after being deleted.

After an initial analysis it was found that a number of files are downloaded, including .NET FrameWork, which is quietly installed in the background. That was quite a surprise - it's been a while since I've seen malware cheeky enough to install .NET. So I decided to investigate this sample in full. It turned out to be very interesting both in terms of the malicious functionality and the method used to install its components.

The autorun.exe source file is an SFX archive created using WinRK, an archive utility that is not currently very widespread. After it is run a whole chain of various files are executed:

Autorun.exe -> .exe -> !.bat -> start.vbs -> .bat -> Hidden Start inst.bat -> evntstart.exe;

The interesting thing about this sequence is that it uses only standard, legitimate software:

Continued here: http://www.securelist.com/en/blog/231/Making_money_from_a_website_promotion_system

Phishing - Alive and kicking
by Carol~ Moderator / May 28, 2010 4:07 AM PDT
In reply to: NEWS - May 28, 2010

From Chester Wisniewski's Blog at SophosLabs:

The phishes I've received in the last few weeks seem to be diversifying. Historically, almost all of the ones I received on my Canadian accounts are what I would call generic. They target large American internet presences like PayPal, eBay, and Bank of America. Recently, phishes have widened their targeting to products like World of Warcraft, Amazon, and Royal Bank of Canada.

Today I received a cleverly disguised phish targeting Scotiabank, a large Canadian bank. As you can see, the email looks very professional and believable, if you forget that banks should not use email to alert you to changes in your accounts.

Dear Scotiabank customer,

As part of our ongoing commitment to keep your information safe and secure, Scotiabank is introducing ScotiaVerify.
An extra layer of security to protect your online banking service. It's an easy process and will take only a few minutes to complete.

Click here and provide your contact information.

Thank you for your co-operation.

Scotia OnLine

As is typical with nearly all of the scams currently making the rounds, the email plays on your fears about online safety to encourage you to secure your account. Of course the link leads to a website that is a direct rip-off of the real Scotia login page. [...]

Continued here: http://www.sophos.com/blogs/chetw/g/2010/05/27/phishing-alive-kicking/

USDOJ cracks open $100 million scareware operation
by Carol~ Moderator / May 28, 2010 4:08 AM PDT
In reply to: NEWS - May 28, 2010

Federal authorities say they have cracked open a cybercrime gang that allegedly duped tens of thousands of consumers into paying more than $100 million for worthless antivirus protection, priced from $30 to $70.

A Chicago grand jury returned this indictment against Bjorn Daniel Sundin, 31, a U.S. citizen believed to be living in the Ukraine; Shaileshkumar P. Jain, 40, a Swedish citizen believed to be living in Sweden; and James Reno, 26, of Amelia, Ohio.

The three are alleged to have helped operate an online company, called Innovative Marketing, registered in Belize, that sold worthless programs with names like "Antivirus 2008"; and "DriveCleaner" and "ErrorSafe." [..]

"The indictment provides a detailed account into the practices used by these online fraudsters," says Chet Wisniewski, analyst at antivirus firm Sophos. "It sends an important message that US authorities in cooperation with foreign governments will not allow scams to go unpunished."

Continued here: http://lastwatchdog.com/usdoj-cracks-open-100-million-scareware-operation/

I took the liberty of repeating yesterday's good news!!: U.S. indicts three for $100 million rogue operation

ISPs told to keep filesharer naughty list
by Carol~ Moderator / May 28, 2010 5:43 AM PDT
In reply to: NEWS - May 28, 2010

"Ofcom confirms Hull as freetard capital"

The details of internet users who are accused of unlawful filesharing three times will be recorded on a blacklist so record and film companies can target legal action, rules published today reveal.

Ofcom has opened consultation on a draft of the code of practice for enforcing the Digital Economy Act's (DEA) copyright enforcement regime. The new government currently has no plans to alter the DEA.

Under the proposals, the three accusations of unlawful filesharing will not have to come from the same source, but once three are made, any of the organisations that made accusations can apply for a court order to reveal their identity. A person accused of separately infringing a film, a music and a software copyright could be sued by either FACT, the BPI or FAST.

Continued here: http://www.theregister.co.uk/2010/05/28/ofcom_code/

Also: Ofcom unveils anti-piracy policy

Symantec slashes cost of SMB protections by 40-percent
by Carol~ Moderator / May 28, 2010 5:47 AM PDT
In reply to: NEWS - May 28, 2010

Symantec announced this week that it plans to increase the protections offered to the SMB (Small to Medium Business) market, including desktop protections, backup and recovery, and messaging, all while lowering the total package cost by 40-percent.

For many SMBs, the cost savings alone is worth looking into a proposal from Symantec sales, due to the fact that resources are severely drained when it comes to that market. Unlike the IT departments in the Fortune 100, SMBs might have an IT staff of two or three people, sometimes less, and budgeting is simply not there.

"SMBs are especially vulnerable to security threats because they don't typically have the time, money, or IT resources to implement the kind of comprehensive security that large companies have access to," said Ray Boggs, vice president of Small and Medium Business Research for IDC.

Continued here: http://www.thetechherald.com/article.php/201021/5661/Symantec-slashes-cost-of-SMB-protections-by-40-percent
