
“Get a Personal Trainer for Your Computer!”©


  November, 2011:  Internet security firms have reported that the Duqu Trojan virus is a zero-day exploit of a previously unknown vulnerability embedded in Microsoft Word files.  The virus has infected a total of eight countries, including Iran, India, France and Ukraine, but not yet the U.S.  It seems to target and scan internal corporate systems to gather information, reporting back to an as yet unknown source.  It doesn’t look like a problem for most residential surfers, although Microsoft is working on a patch.

  September, 2011:  According to the NY Times (9/29/11), Heidi Klum is this year’s most dangerous celebrity - to search for on the Web at least - according to McAfee Security.  Clicking on links promising sexy pictures of her comes with a nearly one-in-10 chance of contracting a bad case of malware.

  August, 2011:  The Morto worm, which targets Windows computers by exploiting poorly chosen passwords through Remote Desktop Protocol (“RDP”) has arrived and, if it gets into your network, it can clog the network.  But it’s not much of a concern if your anti-virus software is kept current.

  July, 2011:  By now, you should realize that Firefox automatically updates itself.  So, if you receive an e-mail allegedly from Mozilla asking you to update, don’t click on it.  It does download Mozilla.  But it is also a Trojan Horse known as Troj/PWS-BSF which can steal passwords.

  July, 2011:  Those spammers sure don’t waste any time.  In the same week that Google+ was introduced, they sent out bogus Google+ invitations that were actually online pharmacy come-ons.

  More than 4 million Windows PCs have been infected since March, 2011 by a botnet known as “TDL.”  The boot sector virus, now in its fourth version, is close to indestructible, according to Kaspersky Labs, and spreads via web sites, particularly those that let people store video and image files.  

  June, 2011:  Link to the Mac page to read about the Mac Defender virus and other security updates for Macs. Also, the possible malware infections you can subject yourself to if you use the jailbreakme website information.

 Guardian Analytics reports that about 75% of SMBs in the U.S. experienced online fraud and/or bank account takeover in the 12 months preceding April, 2011.  Banks didn’t detect the fraud in 78% of the cases.  Businesses suffered monetary losses 60% of the time, the bank 37% of the time.

 Microsoft IE9’s “Do Not Track” feature doesn’t have any teeth.  When you enable this feature in your browser (same for Firefox 4; not available in Chrome and Safari), it’s only a request, indicated by an electronic flag that is visible to web operators.  But they aren’t obligated by law or otherwise to honor such requests.  In fact, there may be as yet no technological way to do so.  For now, just stick with deleting cookies and search histories or using anonymous browsers.

 March, 2011:  Good news!  Led by Microsoft, Pfizer and FireEye, the Rustock botnet, which pumped out 44 billion pieces of spam (mostly masquerading as Canadian pharmacies, actually located in India and elsewhere) is no more, at least for now.  The amount of spam worldwide actually dropped by 47.5!

 May, 2011:  Hacker groups LulzSec and Anonymous invaded police departments, the CIA, PBS, the U.S. Senate, Fox and other sites.  After 50 days, they retired.

 March  2011:  Recently, a malware known as LizaMoon has hijacked links on literally millions of websites, including some of the normally safe ones such as iTunes and Google.  Like Anti-Virus 2011, LizaMoon uses rogue-AV scare tactics to trick you into running bogus cleanup tools on your PC, usually to no avail.  You can avoid this by simply not clicking on the come-on.

 ZeuS (a/k/a Trojan.Zbot) just won’t go away.  One of the most damaging and persistent pieces of malicious code, ZeuS runs below the radar as a rootkit, where it gathers account numbers and passwords, then sends them off to data dump dropzones over the Web.  What makes ZeuS more damaging is its ability to evolve, infecting machines through a variety of sources, focusing on differing attack vectors, modifying web pages, even attacking smart phones.  It’s difficult to protect against and remove.  And it’s not going away any time soon; in fact it’s for sale on the Internet.

 It’s a new year and the security summaries for 2010 have been published, along with the vulnerability predictions for 2011.  No great surprises here. Cisco reports that, while mass attacks are reduced, targeted attacks like phishing, identity theft and malware are on the rise, as the payoff is greater.  Summarized:  As more people use mobile devices and bring them into the workplace, they will come to the forefront of security.  Social media attacks will become more common and more complex, as e-mail and ordinary virus attacks decline.  Rootkits and MBR viruses will increase, however.  McAfee and Trend Micro say their data shows that Google’s Android platform as well as Apple’s iPhone and Mac OS, and geolocation service FourSquare and URL-shortening services used by Twitter and FaceBook are all in cybercriminals’ crosshairs. Net-Witness and Websense also predict that botnets are now roaring back in the new year after a downturn in the final quarter of 2010, and that there will be a botnet “cyberware” which will most likely be won by the Zeus botnet (over competitors Kneber, Rustock and Waledac) which will be incrementally upgraded with opt-in and JavaScript cross-site.  Finally, as the result of the Wikileaks controversy, there may also be an increase in politically motivated attacks.

 2011 Virus Stats:  PandaLabs reports that Malware increased 26% during the beginning of 2011, and 16% over the end of 2010.  70% were Trojans. Similarly IBM’s 2010 Trend & Risk Report found that almost half of vulnerabilities were web application issues, caused by cross-site scripting and SQL injection malware (see SPYWARE page).

 2010 Virus Stats:  4 Qtr. 2010 1.2 million web sites were affected by malware according to Dasient Internet Security, double that of Q4 2009.    Most were drive-by downloads (see Spyware), surpassing older forms of incursion such as spam and e-mail attachments.  Maybe the arrest of Russian Oleg Nikolaenko (a/k/a The King of Spam), author of the Mega-D botnet which sent 10 million spam e-mail messages a day, has had some (temporary) effect.

 The Microsoft security scammers are back again.  If you receive an e-mail allegedly from the “Microsoft Security Team” urging you to update your Windows, don’t fall for it.  The subject line may say “Update Your Windows” and it may be from Steve Lipner (who really is with Microsoft’s security team), and it may attach a file (KB453396-ENU.zip).  Trash this mail, as it will infect your computer.  And remember - Microsoft NEVER sends e-mails with security updates.

 Some viruses have actually been unleashed by hackers dropping a USB drive in a parking lot, which was then plugged in by a (naturally) curious person.  The infamous Stuxnet worm in mid-2010 was also most likely propagated through USB flash drives.  It is likely that in the future this vector for malware delivery may increase.  One way to make it less likely to do its damage is to disable the “autorun.inf” file in Windows.  That’s the file that automatically loads programs or searches for drivers once a disk or device is inserted into the computer.  If it runs automatically, this means that if the media contains the virus, it may automatically load; also, if Windows must automatically search on the web for a driver for the device, it may go to a site which will download a purposely infected driver.  To disable the driver search feature in Windows (which would still allow you to search for a missing driver, although manually), here’s how: In Windows XP, Start>Control Panel>System>Hardware Tab>Drivers>Windows Update, then uncheck “Never Search Windows Update for Drivers”.  In XP and Win7, Start>type “change device installation settings” in the search box>in the pop-up window, under “Do you want Windows to download driver software...” select “No, let me choose what to do,”  then choose the option “Never install driver software from Windows Update”.  Disabling the autorun feature is more complex, involving editing of a registry key (see HERE).

 Sophos advises awareness of the Windows Shortcut Exploit (also known as CPLINK), which is a “zero day vulnerability” in all versions of Windows which allows a Windows shortcut link (known as a .lnk file) to run a malicious DLL file.  The exploit runs when you open a device or network share and does NOT require anything for the exploit to run, as the .lnk file can be embedded in a web page or even in a document.

 You may notice you receive fewer “Nigerian scam” e-mails.  Okpako Mike Diamreyan of Nigeria has been convicted and sentenced to 12 years in prison after sending fraudulent e-mails offering victims money for moving cash to the U.S.  He made more than $1.3 million from 67 victims between 2004 and 2009. See the Rant page of this site - I can’t believe people still fall for this.

 Worms are back.  No, not the old, simple “I Love You” attachment worm, but the new, improved XSS (“cross-site scripting”) worms that aren’t caught by traditional anti-virus programs.  [See Spyware for deeper discussion.]  To be completely protected, you should turn off JavaScript for new sites, unless absolutely necessary and, of course, never click on links in an e-mail or the web, unless you’re absolutely sure they’re safe.  Also, keep current with your browser updates, they provide some degree of protection.

 Discussions at the 2010 DEFCON security conference revealed that commonly used residential routers, such as the Linksys WRT54G, are subject to an attack known as “DNS rebinding,” which uses a script to get around security measures taken in the router firmware.  Because most large Internet sites, such as Google, have multiple IP addresses (for load balancing and the like), your computer stores these extra IPs and considers them acceptable.  When you visit a site in which malicious software is embedded, it loads a script onto your computer which runs on one of these “pre-stored” sites, then establishes an Internet connection to your computer, allowing the hacker to possibly control your router and, therefore, everything on your computer.  It is not browser specific, and only applies to some routers.  What can you do about this?  First of all, most routers are set up using an Internet address (192.168.1.1), with a network name and password.  Do NOT keep the default password (Admin, Password, or the like).  Change it.  See Password for more info about a secure password.  Same for the default SSID (network name), e.g. Linksys.  Change it.  Also, regularly keep your router firmware updated.  Of course, don’t trust unknown web content, even ads on trusted websites.   If you are a more advanced user (careful here, you can seriously screw up your computer), you could disable HTTP and enable HTTPS in your router settings, maybe disable UPnP (but not if you have services such as Skype), use the NoScript browser plug-in for Firefox (suspends Java, Flash and Active-X, asking first for its use), maybe even switch to OpenDNS, which changes DNS from your ISP’s defaults to those of OpenDNS (208.67.220.220 and 208.67.222.222).  If you need help, call!
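
 For the more advanced user, here is the check that a rebind-protecting DNS resolver applies to each answer, written out as an added example (not code from this site or from any router vendor).  The host names, the addresses and the “.lan” / “.home.arpa” local suffixes are constructed for illustration.

```python
import ipaddress

# Address ranges that should only ever be reached from inside the home network.
INTERNAL_NETS = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",   # RFC 1918 LAN ranges
    "127.0.0.0/8", "169.254.0.0/16", "0.0.0.0/8",      # loopback, link-local, "this host"
    "::1/128", "fc00::/7", "fe80::/10",                # IPv6 equivalents
)]

# Assumption: names under these suffixes are expected to resolve inside the LAN.
LOCAL_SUFFIXES = (".lan", ".home.arpa")


def is_internal(addr):
    """True if addr (IPv4 or IPv6 text) points into the local network."""
    ip = ipaddress.ip_address(addr)
    # An IPv4-mapped IPv6 address (::ffff:10.0.0.5) is judged as the IPv4 it wraps.
    if ip.version == 6 and ip.ipv4_mapped is not None:
        ip = ip.ipv4_mapped
    return any(ip in net for net in INTERNAL_NETS)


class RebindFilter:
    """Decides, answer by answer, whether a DNS response may reach the browser."""

    def __init__(self):
        self.seen_external = set()   # names that have resolved to outside addresses

    def check(self, name, addresses):
        name = name.rstrip(".").lower()
        if name.endswith(LOCAL_SUFFIXES):
            return ("allow", "local name")
        internal = [a for a in addresses if is_internal(a)]
        external = [a for a in addresses if not is_internal(a)]
        if not internal:
            self.seen_external.add(name)
            return ("allow", "external only")
        if external:
            # Several records for one name, one of them pointing at the LAN.
            return ("block", "mixed external and internal records")
        if name in self.seen_external:
            # Same name answered with an outside address earlier, now points inward.
            return ("block", "name flipped from external to internal")
        return ("block", "public name resolves to internal address")


# Constructed sample answers: (queried name, addresses returned).
SAMPLE_ANSWERS = [
    ("www.example.com", ["203.0.113.10", "203.0.113.11"]),
    ("router.lan", ["192.168.1.1"]),
    ("ads.example.net", ["198.51.100.7"]),
    ("ads.example.net", ["192.168.1.1"]),
    ("cdn.example.org", ["198.51.100.9", "192.168.1.1"]),
    ("v6.example.org", ["::ffff:10.0.0.5"]),
]


def classify_sample():
    """Run the constructed answers through one filter, in order."""
    rebind_filter = RebindFilter()
    return [rebind_filter.check(name, addrs) for name, addrs in SAMPLE_ANSWERS]


if __name__ == "__main__":
    for (name, addrs), (verdict, reason) in zip(SAMPLE_ANSWERS, classify_sample()):
        print(f"{verdict:5} {name:18} {addrs} ({reason})")
```

 A script in a web page can only be pointed at 192.168.1.1 if the browser is handed that address for an outside name, so dropping the blocked answers removes the rebinding step.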

  TJ Maxx announced an intrusion in January 2007 in which, over time, 45 million customer records had been exposed.  DSW Shoes, OfficeMax and Hannaford Bros. all announced breaches in their computer systems as well.  This in addition to the unknown hackers who stole more than 360,000 customer records from Citibank.

In December, 2010 Adobe released version 10 of Adobe Reader.  It’s more secure, as it has the addition of “Protected Mode” which provides enhanced malware protection based on sandboxing technology.  While it’s not foolproof, it’s quite effective.  However, be aware that you must completely remove previous versions of Adobe (use Add & Remove Programs in Control Panel) before installing version 10.  Word is, Adobe Flash will also be getting this feature as well.

 Cell phone security tips:  Don’t jailbreak your iPhone - because that breaks all of the security.  If you have “locate and wipe,” enable it.  That way, if you lose and can’t find your phone, at least you can erase your data.  Most important - set a passcode.  At least it’ll slow down a thief.  Don’t just use the default - that’s how the News Corp. hackers got into cell phones, assuming users were lazy.  And some were.

Beware Firesheep.  This recently released Firefox add-on is an app that lets Wi-Fi snoops grab session cookies broadcast over open networks in order to get access to victims’ accounts, known as “sidejacking.”  This basically occurs because many sites (including some e-mail sites such as Hotmail and FaceBook) use a secure connection for the logon, but then go back to an unsecure connection afterwards. Now, zscaler.com has posted on its site a countermeasure named “Blacksheep” (for both Windows and Mac) which “cloaks” your connection to foil Firesheep snoopers. Also, you can use a VPN, or HTTPS (as Twitter has suggested be enabled, starting March, 2011).
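
For site owners, the “secure logon, unsecure afterwards” pattern can be checked from recorded traffic.  The following is an added example (not from zscaler or any site named above) that replays a browsing flow and lists which cookies the browser would send unencrypted; the host mail.example.com, the cookie names and both flows are constructed.

```python
from urllib.parse import urlsplit


def parse_set_cookie(header):
    """Split one Set-Cookie header value into (cookie name, attributes dict)."""
    first, *rest = [part.strip() for part in header.split(";")]
    name = first.partition("=")[0].strip()
    attrs = {}
    for part in rest:
        key, _, val = part.partition("=")
        attrs[key.strip().lower()] = val.strip()
    return name, attrs


def cleartext_cookies(flow):
    """Replay a flow and report what a listener on an open network can read.

    flow: list of (request URL, [Set-Cookie header values in the response]).
    Returns [(url, [names of cookies sent with that plain-HTTP request])].
    Only cookies in requests are tracked; paths and expiry are ignored.
    """
    jar = {}          # (host, cookie name) -> True if the Secure attribute was set
    exposures = []
    for url, set_cookie_headers in flow:
        parts = urlsplit(url)
        host = parts.hostname
        if parts.scheme == "http":
            # A browser attaches every non-Secure cookie for this host.
            leaked = sorted(name for (h, name), secure in jar.items()
                            if h == host and not secure)
            if leaked:
                exposures.append((url, leaked))
        for header in set_cookie_headers:
            name, attrs = parse_set_cookie(header)
            jar[(host, name)] = "secure" in attrs
    return exposures


def session_exposed(flow, session_cookie="SESSION"):
    """True if the named session cookie ever travels over plain HTTP."""
    return any(session_cookie in names for _, names in cleartext_cookies(flow))


# Constructed flow: HTTPS logon, then the site drops back to HTTP.
WEAK_FLOW = [
    ("https://mail.example.com/login",
     ["SESSION=abc123; Path=/; HttpOnly", "lang=en; Path=/"]),
    ("http://mail.example.com/inbox", []),
    ("http://mail.example.com/compose", []),
]

# Constructed flow: session cookie marked Secure and the inbox served over HTTPS.
HARDENED_FLOW = [
    ("https://mail.example.com/login",
     ["SESSION=abc123; Path=/; HttpOnly; Secure", "lang=en; Path=/"]),
    ("https://mail.example.com/inbox", []),
    ("http://mail.example.com/ad.gif", []),   # a stray plain-HTTP request
]


if __name__ == "__main__":
    for label, flow in (("weak", WEAK_FLOW), ("hardened", HARDENED_FLOW)):
        print(label, "session cookie exposed:", session_exposed(flow))
        for url, names in cleartext_cookies(flow):
            print("   ", url, "sends", names)
```

In the hardened flow the stray HTTP request still carries the harmless language cookie, but the session cookie never leaves an encrypted connection.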

Lately, many viruses have found their way into computers through unpatched versions of Flash and also Java.  There aren’t many applications that demand Java any more (Open Office is one exception), so if you don’t need it, you can uninstall it.

We all expected that, as cellphones and VoIP became more common, malware and viruses would eventually arise on these devices.  And they are.  For example, for users of Skype, there can be worries about the W32/Pykse.worm, which uses Skype for spreading.  Also, the PWS-Pkyse Trojan, which attempts to steal Skype user names and passwords (this one masquerades as a “Skype-Defender” plug-in for Skype).  Cellphones have been infected by the commwarrior virus around the world, also the RavMonE.exe virus.  In late 2009, Kaspersky Lab reported a new malicious program that steals money by taking over Nokia phones and making small charges to the owners’ wireless accounts.  Also in late 2009, an Australian student created an experimental worm that infected iPhones adapted to run unauthorized Apple software; it didn’t cause any damage, just installed a photo of 80’s pop star Rick Astley. Also, recognizing that this threat is increasing, various companies are starting to offer protection - Lookout (a startup), Symantec, Research In Motion, among others, are starting to get out the message. It can only get worse, so be vigilant!  See this LINK to learn how to disinfect your cell phone if you get a virus.  If in doubt, or you’re afraid you’ll ruin your computer or phone, call a pro!

Not too long ago, we were pretty safe advising clients just to not open their e-mail if they didn’t recognize the sender.  That was because historically, at that time, malware came into the computer via e-mail on Port 25 (which has been changed by some ISPs such as Comcast and Verizon to Port 587 for just this reason).  Now, 85% of malware infections come through web traffic, according to Webroot software.  So make especially sure that you have excellent malware filters.  Still, NEVER open unexpected file attachments, whether Office, PDFs or otherwise.  Microsoft does offer patches for different versions of Word and Excel, downloadable from its website; your anti-virus should do the rest.

Researchers at Verisign have reported that, since February 2007, more than 15,000 victims have fallen prey to spear-phishing attacks.  They believe that two crime groups are responsible for 95% of the attacks, but do not expect the attacks to let up.  Two of the most successful attacks involved e-mails that claimed to be from the IRS or the Better Business Bureau or e-mails that appeared to be subpoenas for court charges.  [See, Spyware page.]

McAfee, the security technology company, reports that the chance of downloading unwanted software while surfing the Web has increased 41.5% compared to last year.  According to McAfee, Hong Kong websites top the list, with more than 19% of all web sites that end with the .hk domain posing a security risk such as adware, spyware, viruses, spam, excessive pop-ups or browser exploits.  Second most dangerous was The People’s Republic of China (.cn domain), followed by Philippines (.ph), Romania (.ro) and Russia (.ru).  On the other hand, the safest countries are Finland (.fi), Japan (.jp) and Norway (.no).

Security research company Trend Micro recently reported that of the top 100 infections in the U.S. in 2008, approximately 63% were caused by downloading and running programs, e-mail borne infections only accounted for 3%, and the exploitation of security flaws in products was responsible for only 1.7% of PC infections.  Contrary to popular belief, then, criminals, visits to malicious websites and e-mail are not the major cause of infections.  The most common software - free games, utilities, toolbars, pornography and pirated software.

March, 2010: In a security advisory, Microsoft advised Windows XP users not to press the F1 key when prompted by a web site, because due to a logic flaw attackers could craft an attack through an unpatched vulnerability that could exploit PCs running Internet Explorer.  The dialogue box prompting users to press the F1 Help key, which can appear repeatedly when dismissed, should be ignored.  A patch should be available within the next couple of weeks and will be automatically downloaded through Windows Updates.

11/1/09:  Microsoft has issued a patch protecting users of Win2K, XP and Server 2003 from an exploit allowing remote code execution or launching of a denial-of-service attack from your computer.  The code is cleverly hidden in a specific type of Embedded Open-Type Font.  Yes, a font.  Good news is that the MS patch (MS09-065 (969947)) removes the threat.

1/1/09:  Another Facebook trojan (see Koobface, below):  Whitewell uses Facebook (in particular, the Notes section of Facebook’s mobile version) as a delivery method.  This trojan relies on the actual Facebook account to spread, rather than the server for Facebook itself, therefore it is different than many botnets.

Looking for a secure flash drive for your files or bootable USB drive when you are on the road?  So-called “hardened” flash drives which use military grade encryption, self-destruct features, password memory and other neat features are available if you want to pay more for your drive.  An example is IronKey, at about $99 for a 2GB drive, $149 for 4Gb.  Other drives are manufactured by Kingston, Corsair, Imation and Lexar.

Adobe has released Flash 10.1, which is said to conserve battery power, make video run more smoothly on mobile devices, and will also support touchscreen gestures such as pinching or widening the screens, along with patching possible spyware/virus holes.  When it arrives, download it, or CLICK HERE for the link.

September, 2010:  E-mails with the subject line “Here you have...” can transmit viruses which can infect Windows computers.  Most anti-virus programs should detect this by now, but still be aware of their existence.

Verizon’s “2010 Verizon Data Breach Report,” prepared in cooperation with the U.S. Secret Service, has been released and it contains both good news and bad news:  Good news: There’s been a decline in the number of compromised electronic records, from 295 million in 2008 to 143 million in 2009.  The bad news:  48% of data breaches were due to employee misuse of access to company information, not outside hackers.  The moral:  Restrict user access to company information and monitor frequently for violations.

Intel, the world’s largest chipmaker, announced on August 19, 2010 that it will acquire McAfee Internet Security for $7.68 billion, making Intel a major player in the security software and services market.  Analysts expect that many of the tools that McAfee provides today may be built in to Intel chips and devices over time, which may change the nature of the security industry.  Intel has already built a variety of security functions directly into its chips and provided customers ways to tap into the tools.

January, 2010: A malicious software program known as the “Kneber botnet” has infected the computers of more than 2,500 corporations around the world.  Its purpose appears to be to compromise both commercial and government systems, including 68,000 corporate log-in credentials.  It has also gained access to e-mail systems, online banking accounts, Facebook, Yahoo, Hotmail and other social network credentials and more than 2,000 digital security certificates as well as a significant cache of personal identity information.  The botnet makes sophisticated use of a Trojan Horse backdoor entryway known as ZeuS, which was primarily a Trojan for stealing banking information.  A similar earlier botnet known as Waledac also compromised many corporate systems.

If you’re a business traveler using wireless networks when you are on the road, you should be aware of the “Hole 196” vulnerability in 802.11 networks using even the more secure WPA2 security.  Basically, it is a man-in-the-middle attack that can only be carried out by an authorized network user.  Airtight Networks has developed a security patch.

The Stuxnet virus of 2010 affected primarily Siemens machines, which are used by manufacturers.  Note that many manufacturing machines were built years before password security or even Internet connectivity, so they are particularly at security risk now for hacking.  It is increasingly believed that the worm virus was an attack by Israeli intelligence against Iran and other countries which were developing enriched uranium, necessary for nuclear bombs.  The worm causes quick rotational changes in centrifuge and other motors, causing them to burn out.

April, 2010:  For the past two years, Adobe Reader has led the pack in exploit vulnerabilities.  In 2008, Adobe Reader attacks comprised 28.61% of targeted attacks; in 2009, that number jumped to 49.5%; so far in 2010, it is 61.2%!  By contrast, Microsoft’s key products have dropped significantly - Word is at 24.3%, Excel 7.1% and Powerpoint 7.4%.  This is according to security company F-Secure.  McAfee figures are similar, finding PDF exploits responsible for 49% of web-based attacks, Acrobat Reader from 2% in 2007 to 28% so far this year, mostly on unpatched machines.   It is key to your protection that you install Adobe Reader and similar updates when prompted - the most recent one patched a major vulnerability.  Starting on April 13th, Adobe will be experimenting with automatic patch installs, no prompting to install the updates.  Same for Flash, Java and Acrobat.  BEWARE: Those who push malware have also found a way to pose themselves as patchers for Adobe and Java updaters - make sure you’re installing a real Adobe update - it usually doesn’t include attachments like spreadsheets.  Don’t be too smug if you’re running the Apple or Linux operating systems - these exploits will compromise these systems as well.  Be sure to patch and upgrade Adobe Reader, Acrobat, Flash and JavaScript promptly.  [Go to the Apple Support Downloads page.]

Those of you who opened the link to the “sexiest video ever” on FaceBook in May, 2010 received an unpleasant surprise, as it was an attack which installs by requiring you to update your software, which in turn installs the Hotbar adware to generate revenue for spammers.  Similar for that June FaceBook message claiming “This horrific photo forced photographer to kill himself”.  And for the June, 2010 link to the “101 Hottest Women in the World” clickjack scheme.  See a pattern here?  Shame on you, by now you should know better!

Don’t open that gift certificate from Apple iTunes unless you’re sure that it’s from Apple.  Spammers are sending out e-mails claiming these awards, but they contain a dangerous ZIP file which infects Windows computers.  As always, check the source (Apple iTunes) before clicking on an unknown link or attachment.

3/23/09:  Beware of Twitter Phishing attacks.  If you get Tweets saying “lol is that you in here? +link to video” it may connect to a malicious virus.  The folks at Twitter write:  “A bit o’phishing going on - - if you get a weird direct message, don’t click on it and certainly don’t give your login creds!” Beware of what you click on, don’t give away any information and beware of any shortened URLs (check where they lead using longurl).

2/24/09: Gmail users who are logged into Google Chat have been getting messages that appear to be from friends, urging them to click on a Web address starting with tinyurl.com that takes them to a site called ViddyHo, which asks for the person’s Gmail log-in and then hijacks the account, sending out chat messages to the user’s contacts and spreading itself further.  This phishing attack lures surfers to click on videos for hot topics and timely news events that can download malware onto their computers.

You can expect many more worms and other types of viruses on social networking sites like the new variant of the Koobface worm that targeted Facebook late last year.  It appears that virus code writers have decided that it’s time to infect these sites, which are often used by businesses now, in addition to individuals. THIS PREDICTION CAME TRUE IN OCTOBER, 2010:  a NEW VERSION WHICH CAN AFFECT BOTH WINDOWS AND MAC MACHINES THROUGH JAVA HAS MADE ITS APPEARANCE.

Sinowal (more recently a/k/a Mebroot) is back.  This is a “drive-by” download, credited (Washington Post) with stealing more than 500,000 bank account passwords, credit card information and other sensitive financial information.  This is a super Trojan that uses a technique known as HTML injection that puts very convincing information on your browser prompting you to enter confidential passwords or account numbers, then keylogs them and transmits them to thieves.  Because the infection resides on the master boot record of your hard drive (which it rewrites) in rootkit fashion, has no executable files to detect, no svchost.exe or rundll32.exe files to appear as processes, and has its own encrypted 128-bit external data transmission, it is virtually undetectable by anti-virus or anti-spyware software.  And, because it bypasses Windows’ normal communication routines, it works outside any firewall you might have.  While some rootkit detectors may find some versions of Mebroot, since it changes almost monthly, they really don’t have a chance of keeping up with the variants.  Good news for Vista users - since Vista’s boot method is different from XP, and its User Account Control regime (if you didn’t already turn it off as a nuisance) gets in the worm’s way, Mebroot is mostly directed at Windows XP users. Some say that the infection gets in through Adobe Reader, Flash or Quicktime, even if they are fully patched.  So what to do?  Microsoft hasn’t done and doesn’t plan to do anything about MBR infections, and banks don’t seem to care either, so don’t depend on either to protect you from Mebroot.  Unfortunately, the best you can do is to religiously run your anti-virus, anti-spyware and anti-rootkit programs and be vigilant with your web surfing, particularly regarding financial institutions.  Sorry.

Anti-spyware vendor Webroot published a report on 9/29/08 that charted a rapid increase in the volume of infected files being distributed, in particular via peer-to-peer file-sharing networks, that have been disguised as campaign-oriented content.  Webroot specifically warned users to beware of malware files being propagated in files labeled as McCain and Obama campaign videos.  Webroot has seen large amounts of such infected files being traded on Gnutella, which is accessed by many users of FrostWire and LimeWire.  Webroot said a targeted search of the FrostWire network found some 34 search results for “Obama speech,” 14 of which contained some form of active malware, while 5 of the 19 results found for “McCain speech” were found to be carrying malware.  The most common malware variant was found to be W32/Zipware, a well-established Trojan downloader, containing a .zip file with executable files that, when run, infect the host machine with random malware, including rogue anti-virus applications, which in turn pretend to detect security issues on infected machines in an attempt to lure users to buy rogue AV applications for disinfection.  Webroot says that, in some cases, the files also include password stealers and backdoor infections as well.

Note about Trojan.NewMediaCodec: This virus wreaks havoc on computers taking advantage of a vulnerability in Windows Media Player. When users are "told" they need an upgrade to Windows Media Player in order to view movies on certain (adult) websites, the subsequent download installs a Trojan. Therefore, instead of getting some "enhancement," what really happens is that Trojan.NewMediaCodec downloads and installs additional malware on your machine. You very much want to remove this if it shows up on your computer.  See similar discussions about these “must have” uploads and players in the Hoaxes page of this site as well.

Don’t click on links or respond to Tweets that you aren’t familiar with.  Duh! This is how many viruses and spyware propagate.  You may not even see the damage on your own computer, because it may be used to send out messages allegedly from you to others that contain viruses or spyware. True examples: You may receive Tweets from one of your friends, but it appears to offer a $500 Victoria’s Secret gift card (if you’ll just click), or to watch your friend in an awesome new video in which they star (if you’ll just click) or make more money or increase your IQ (if you’ll just click), or answer the question “Are You in This Picture” (click to see it).  This means that the sender’s account has probably been seized by malware, unknowing victims of the infection.  They probably clicked on one of these messages, continuing the chain of infection.  For more considerations about  Social Networking, click HERE.

6/11/09:  Don’t assume that you can stop updating your Adobe Flash product  (See entry below).  The Gumblar trojan is still very much around.  Gumblar typically inserts iFrames into legitimate sites that direct browsers to the malware-laden site gumblar.cn.  Use LinkScanner or the like for protection.

Samy Kamkar, the hacker who brought MySpace to its knees in 2005 is now out from criminal probation.  And he has crafted new software that targets your home network router.  While the original Samy worm merely tagged your MySpace profile with the phrase “but most of all, Samy is my hero”, this new infection attacks routers which have not reset their password from the defaults (admin/password), enabling Samy to pinpoint your router’s physical address through Mac ID, and then conceivably either take control of your connection or load a malware payload.

We knew it would happen someday, and it finally has.  Pedophiles and others have found a way to exploit virus-infected PCs to remotely store and view their stash of child pornography without fear of getting caught.  You might not even know your computer was involved until the police knock at your door.  A number of people have been surprised this way, and have spent thousands to clear their name.  Don’t be one of them - regularly scan your computer for viruses!
