Well I've posted this info about these blogs in several forums, even posted to StopBadware.org. Let's see how long it takes Google to remove these, even if they are not currently spewing malware. My documentation ought to be good enough. Updated Info......
Monday, December 31, 2007
Saturday, December 29, 2007
Couple of new links in the forums today.
From security researchers in Denmark comes the stat that 1 in 5 machines are unpatched Windows OSes. This of course could lead to zombie armies that run amok across the Net giving me loads of HijackThis! log files to do. Read on about my hobby-to-be continued-for-the-foreseeable-future
And from a malware specialist who has written some great detailed analysis of RBN comes a challenge for users to ruin a malware gang's holidays
Thursday, December 27, 2007
After a short while of inactivity, it appears the BMG (Blogger Malware Group) are at it again. After reading another security blog, I wandered on over and was not disappointed. Every blog I hit once I saw a pattern delivered a good payload of malware, calling out to the same sites. Read about the details here...
Sunday, December 23, 2007
Friday, December 21, 2007
Was a busy day and I didn't have time to post these as they were added to the forum so here's the round up.
A security and privacy researcher informs as to the effectiveness of crowd rating phish sites. His discovery may well shock you at how easy the system can be 'gamed'.
PG is out once again, donning his 'Godamm Batman' attire to show a script kiddie how easily they get 0wnd. Always a good read.
Anti-virus vendor AVG has subpoenaed major software and Internet companies to gain counterfeiters info and none of these companies have complied.
And some guys got busted over on MySpace for mass spamming so you know it won't be a very good X-Mas for those guys...I know a tear welled up in my eye too....NOT!!
Then the good folks at eWeek share with us a researcher's reverse engineering of malware that showed how very complex and professional it is in its distribution.
Thursday, December 20, 2007
Wow...this sounds really bad. A researcher from CA, formerly PestPatrol, joined a community for Sears.com and got something he didn't bargain for....spyware! A proxy was installed and tracked and sent information to a third party marketing company! Read on for frightening details.
As more teens blog, IM and create pages on social networks, it has begun to look as tho they cherish their personal info. Most are very selective with whom they share that info with. That can only be a good thing
Our favorite RBN blog has a look into the business end of getting paid thru rogue installs of the gang most reportedly responsible for all the malware on the Net. Very well detailed with graphics and links.
Wednesday, December 19, 2007
Another problem related to Google ad accounts. It seems they are being hijacked to rogue servers and of course offering users the usual...malware.
Google is aware of the problem and working to eliminate as many of these accounts as possible.
Tuesday, December 18, 2007
Tuesday was a busy day in the forums. And I didn't get a chance to post 'as it happened' what with X-Mas stuff to get done still.
Direct Revenue is back in the news, with Dutch firms being fined for unauthorized installs. Who knew? Too bad the gang in the states didn't get what they deserved.
The Zone Alarm\Ask.com toolbar thread links to some very interesting commentary, mostly against, where there is always one guy who sees the ruckus as being over naught. Probably one of the affiliates, they can never see the unethical side of things.
Speaking of Zone Alarm, there seem to be some problems with the latest updated version, so if you have it let us know if you're experiencing troubles.
Got Google's toolbar? Then you'll want to read this about an unpatched hole, leaving users exposed to phish attempts.
Bit Defender released its Top 10 Malware for '07 today as well. I don't suppose anything new will crop up to make the list.
Last but not least, a security researcher thinks Facebook's registration page asks for a little too much info about you and expresses concerns. To be honest, I think he has a point.
Well there you have it, lots of reading to catch up on....enjoy and don't forget to offer your thoughts. The forum only thrives when the people are heard.
Monday, December 17, 2007
A security researcher thinks the botnet, as it's come to be known, needs to be called something else. Their reasoning is that it no longer properly describes the level of activity that it does. Got any suggestions?
Well Zone Alarm has decided to try and make a few bucks off unknowing users.
Following Webroot's lead, they've added a 'spyblocker'\toolbar. Of course the install option is already ticked for your convenience, isn't that nice of them? Ummm...no thanks ZA.
And by pre-ticking that lil box, it almost guarantees many installs, thereby leading to mucho money for ZA and of course Ask.com as well. Vent your
Sunday, December 16, 2007
A highly crafted trojan is stealing bank account info from certain types of accounts and doing so very quietly. It's one of those types of programs that even tho made by lowlifes, researchers are impressed by the complexity. Let's hope this trend does not take off
Friday, December 14, 2007
With success comes notoriety. In most cases this is a good thing. Unless of course you're a criminal enterprise. In that case, the more exposure you get the more you increase your chances of getting caught and or having to uproot your operations. This is the challenge facing the Russian Business Network. Read more on RBN tracking
Thursday, December 13, 2007
Wednesday, December 12, 2007
Once again, the Phish & Spam forum are taking the bustling 'n' hustling title for the day. Symantec has a new trend to speak of, fake newsletters. Anything you can think of, spammers will try. And then some.
From a respected security analysis, we get an overlook of the last year in spam. Trends new and old, site life for phishes and more.
As spam increases each year, it climbs higher as a total amount of email sent. These numbers almost can't be believed, upwards of 90% were spam in '07
Own an HP laptop? It appears some of the software involved exposes users to a risk of getting hijacked
For the last entry into the daily grind we have a couple of tools which may allow some cookie security holes to be exposed or created. There may finally be a reason to fear cookies.
Tuesday, December 11, 2007
Today we have a small tool which will help keep your MSN IM conversations limited to who you want to receive them. A must have for all those 'personal' IMs we all make eh?? Not to mention it may keep the boss from knowing you're planning to sneak off to a game one afternoon. Check it out now....
This morning starts out with a bang in the Phishing and Spam forum, with articles from Symantec referencing credit unions and community banks being targeted, and we have the best and worst domain registrars from Brian Krebs at Security Fix.
Then at Computer World they look at the latest Web 2.0 trends which may affect DNS servers. Finally we have Avert Labs talking about recent trends in spam and phishing campaigns.
Whew....that wore me out, go check 'em out and drop a comment.
Monday, December 10, 2007
It would appear something that's been being talked about has finally come about, malware using RSS feeds to push files to users. Took them long enough, we've been hearing about the possibility for a couple of years, I've got two links related in this latest thread
A phishing campaign that's been going on for a month at least gets some updated info, and of course the home sites are in China, the new play ground for scumbags, go figure
The rogues list from Malwarebytes gets some new additions this last week or so
For a little chuckle at the expense of MS, some people have come up with what may or may not be Windows error messages
MS has decided to offer users a new way to keep track of their passwords, with a new site. I guess they figure if they make it easy enough, then users won't have so much trouble remembering longer, complex pws and make things a tick safer. Read about it here and comment
Friday, December 07, 2007
It's that time of the month, MS has released December's Bulletin Advanced Notice, with 4 critical updates and 3 important ones.
In Kaspersky's quarterly malware code analysis we get a break down of the hottest trends in malware. Always interesting stuff there.
Interested in how bots work on the Web? Then this in depth read of an IRC botnet is for you.
For those of us who are true geeks, a look into George Lucas' Skywalker Ranch sound studios will be a pretty cool quick tour.
Wednesday, December 05, 2007
Looks like MS pulled out all the stops when it came to naming the next iteration of IE. Probably cost them hundreds of thousands, maybe millions in consumer testing, brand recognition and the like. ....See if it was worth it
It looks like they've found a way to make cookies a bit more of a threat. With new variants, they can circumvent some cookie control apps and anti-spyware tools. Read the crumby details here
With Vista's spiffy aero looks and improved overall display, it appears that MS decided to put a twist on the BSOD....now Vista offers a PSOD.
AV vendors have gathered to see if they can nail down testing guidelines that will give users a sense of conformity. Yeah, sure....we all know how well the naming convention meeting went. More here...
There is a new tactic malware scum are trying out. Rather than telling users they need a codec to install, instead they say there is an error with playback to get their crap installed. Found by MS MVP WinHelp2002, Read more about it...
Researchers at F-Secure claim malware has risen 100% over the last 12 months, doubling the amount it took 20 years to get to. Pretty scary....comment here
To soften the bad PR they have gotten, MS has decided to soften their policy on pirated software and re-do the whole set up. See the details here
Come into the forums and meet our latest moderator, he's been with us since the get go....Meet Johnincal
Monday, December 03, 2007
Apologies for not blogging much this last week, I'll be back at it this week, but here are some hot links for now:
Wednesday, November 28, 2007
Well as no surprise, the RBN was behind the recent Google search poisoning. Lots of good detailed analysis will keep RBN moving, and that's never good if you're a criminal. Too much time spent on evading the authorities will cause mistakes. Read On...
Defeating CAPTCHA encoded websites is one of malware scumbags' biggest problems.
But they have ways of doing it, including services that use the human element. Likely some third world country paying absurdly small amounts of money. More Here
Well in the phishing and spam forum we have two new items. The first deals with some spam containing fake YouTube links that -GASP!-...re-direct to malware! OMG! Whoda thunk they could do that? Hehe.
Next we have what looks to be some gang trying to reach Storm worm gang notoriety. Using celebs names as bait, they of course get suckers to install their trojans by duping them into opening emails. Uh-Huh...When will people get a clue? Have you been suckered in?
I for one trust Google to provide fairly safe search results. But in this day and age of malware scumbags looking at every vector to infect, they've combined two tactics, a type of 'seeding' of key search words and drive-by downloads.
While doing a search for my son I stumbled upon some odd search results which led to something that has gotten huge and is making a lot of news on main media sites. I call it Google Poisoning.
Tuesday, November 27, 2007
Researchers are finding more malicious hacking of well visited popular sites using IFRAME exploits to take them over. And as usual, these exploits can be traced back to......give ya 2 guesses.
This morning PG alerts us to a Hotmail & eBay phish that didn't quite work as well as it could have, but it got at least one poor soul. Be sure to check out the image of the obvious mistake.
And then F-Secure notes that there is a new threat to online banking. They call it 'Man in the browser'. Read on for details on both....
Couple of interesting reads in our General Software\Internet forums today, first up we have a Mom who helps police in Spain bust a kiddie pr0n ring after she stumbles upon some images. Resulting in 13 arrests. Always a good thing to rid the Net of low life, sick scumbags such as these pedophiles.
Then we have an instance of a blogger who made an innocent post about a charge to his credit card from a company he'd never heard of. Suddenly the post takes on a life of its own as others also complain of the same thing. The link appears to be Equifax. Investigations are of course ongoing.
Monday, November 26, 2007
MS has been alerted to a serious bug in all Windows operating systems which could allow malicious code to execute, especially not in the US. Herrre We Go Again......
Tuesday, November 20, 2007
Hot on the heels of WinPatrol's birthday, comes an award as one of 'Top Windows Utilities' by a popular online website. It's almost as if everyone has begun to find out what I've always thought, Scotty is just one of the best pieces of software you can have on your PC. Don't you think so?
We've got 3 new stories which I think are good reading for all.
First we have RBN involved with a Monster.com hack. The site pages affected have been pulled but those guys get into everything.
Secondly, with holidays around the corner you can bet malware scumbags are spooling up email spam attacks to try and trick users with social engineering tactics. Watch your inbox for those amazing deals which seem too good to be true, because they are.
And lastly, in an effort to curb the malware guys researchers suggest trying to hit them where it hurts, the pocket. Too bad they can't all agree on how to do just that. Then there's the problem of prosecution. The scumbags hide out in countries that don't exactly have any real effectual policy on Net crime.
Monday, November 19, 2007
Looks like MySpace has fallen victim to a huge China based phish campaign. All domains involved end at that TLD, .cn. I'm sure the MySpace IT staff is on the job tho, all 1-2 of them. Unless it's holiday season. Or after 5PM. Phishing For IDs @ MySpace
Researchers predict by then we won't be able to use the Net. Too many viral sites, online purchases and search engines will be the end of the Net as we know it. Yeah, yeah sure sure, talk about FUD. The Sky Is Falling....NOT
Sunday, November 18, 2007
Scotty is 10 years old tomorrow. For ten years BillP has been offering this freeware product which has helped countless Net users regain some control of their machines.
As the Net has become ever more dangerous, Bill has added many security related tools to keep that control. And never has a cooler more concerned guy for the Joe Net user. And it's been free for the basic program, which for each upgrade still includes some neat stuff.
So everyone help Bill blow out the candles and wish for WinPatrol's continued stride to becoming one of the Net's most popular 'must haves' on any system.
HAPPY BIRTHDAY Scotty & Bill! Celebrate here.....
Friday, November 16, 2007
The researchers at McAfee are predicting more complex and intelligent bots, as well as attacks of gaming sites and more concentrated effort to breaking Vista in 2008. More here....
Back in October a security researcher had a look into the economy of proprietary tools used and sold by malware authors. It's a pretty interesting read, they really do operate as small, but illegal businesses. Tracking The Tools....
Thursday, November 15, 2007
As opposed to the Storm worm gang, the asshats that push the fake codecs, which turn out to be Zlob infections have finally made a slight change. Instead of tricking users into installing a codec, they're now saying you need to update your flash player. See More here....
Wednesday, November 14, 2007
Well, it's not like this would surprise anyone. The RBN seem to have a hand in just about every illegal operation on the Net. Why not ad serving? There sure is a lot of it going on these days. RBN Does Banner Ads....
Yes, that's right, the BMG have recently changed things up for the worse since last time.
Now you can get, along with the latest info in the blog sphere, a Vundo\Virtumondo infection, any form of SDBot variants, RDBot backdoors and Zlob infections. Oh and it goes without saying you'll also be able to get the generic annoying type of adware that comes with the previously mentioned goodies.
And I didn't have to do a thing, just land on one of the thousands and thousands splogs which are set up just to do this, spread malware. Google knows about them. Myself and one of the Blog*Stars have communicated information all about this amazing nastiness running around. All you have to do is go 'Next Blog' hunting. But I warn you not to do this unless you have a machine you don't care much about and has no data on it, because these blogs can crush the average machine to bits.
See what I got with no effort at all. And pray you don't ever run into one of these. Google BlogSpot: Great Place For Malware
Tuesday, November 13, 2007
This week's variant is a stock scam and a pop up as well. As per usual, don't open any unknown or even ever so slightly suspicious emails. If you do....well then you sure won't do it a second time now will ya? Storm Worm Update Thread
In an effort to get users protected as well as push their new ForceField virtual browser, CheckPoint software, makers of Zone Alarm security products is offering ZA Anti-Spyware for free. The virtual browser is also free. Check it out here
Monday, November 12, 2007
Well it looks as tho after running out of China, perhaps due to the quick research of determined security researchers, the RBN boys have popped up in India.
As per usual, screen caps and direct code snippets supply all the info you need to draw your own conclusions. Let's hope India does not become a haven for malware as it has for outsourcing. Follow the bouncing gang....
Sunday, November 11, 2007
If you've got a band on MySpace or have a fav band bookmarked, you're going to want to read this and learn about this hack. Seems tons of band profiles have been hacked pretty good, and MySpace does not appear to have a handle on it yet.
Saturday, November 10, 2007
The Russian Business Network set up shop in China on approximately Nov. 8. As of late Friday, they have disappeared off the radar.
Could the RBN gang be diversifying their network? Perhaps the publicity has them breaking things up to try and subvert quick attention? Read what the experts think.....
Friday, November 09, 2007
Thursday, November 08, 2007
Well the boys over at RBN have started what amounts to a shell game of sorts. They have begun to use a different IP than they had previously. This is not anything new or unexpected.
They've been doing this since 2004. What's new is that they are now monitored by a lot of people. People who are just as motivated to exposing them as they are to ripping people off. They keep moving, the security community keeps whacking them down. Watch the shell game
Wednesday, November 07, 2007
UPDATE 12PM MST:
Brian Krebs of Security Fix @ the Washington Post says it's possible RBN may relocate servers to China.
Well Trend Labs is reporting that IPs related to RBN are no longer resolving. This could be one of two things, either they have been shut down, or they are re-configuring.
Wanna guess where I'm putting my money? Wait...there's more!!
Here is a round up of the last couple of weeks and I promise to blog more regularly.
Child porn websites 'worsening'
Sophos: Top spam-relaying countries - US leads the way
Magazine Sites Serving Malware
Corporate malware on the rise
Bots Rise in the Enterprise
Internet Researchers Discover New Hacking Service Site
FTC: Let us fine spyware operations, already!
New WinPatrol Features: Windows Update & Browser Alerts
Botnet on Demand Service
Storm Worm Updates [Oct 30]
MessageLabs Intelligence Report for October 2007
Whois studies approved, privacy deferred
AOL to let users block targeted Web ads???
Police dismantle global child porn network
Hijacking Flash banner advertisements again...
Do Search Engines Need To Be Regulated?
NOW, A WAY TO STOP ID THEFT
Russian Business Network: Cyber Criminal Haven
Wednesday, October 17, 2007
These last two weeks I've been very busy with a new 'old' PC that's been giving me fits still and working on a series of splog farms right here on Blogger. Stay tuned for more on this, it involves a huge amount of blogs, like over 3000, all of them connected and all pure spam.
This last week or so has been a little quiet tho, here are a couple hi-lights:
This latest version is now set up to propagate by looking for address books to cultivate and spam, and also looks for files related to websites, such as .htm, .html, and .php files and inject malicious IFRAME code into them.
This is a big step for this gang and researchers say it's a step that indicates there may be sales on the code soon to come. Read More Here
Friday, October 05, 2007
This week's round up includes a lot of antivirus and phish news.
Tuesday, October 02, 2007
Sunday, September 30, 2007
Apologies for not blogging the last week or so. I've been involved with a 'donated' PC for me to play with and it's been giving me fits with every turn.
Here is a round up of some of the forum topics:
WinPatrol PLUS Data Collection
Thursday, September 20, 2007
Looks like this is a brand new rogue, not much via Google at all. They joined my site and left a link to it in their siggy. Guess that was a bad idea, eh?
When you go to their site you get an immediate re-direct for another known rogue install. Guess who spread the news all over the Net? This will be updated as more info is found. Read More Here
Wednesday, September 19, 2007
After clicking a single link, each leading to an .hk (Hong Kong) domain and sitting there a few minutes while IM'ing Chuck, things started to happen and happen fast.
First hint was Process Explorer activity. I noticed in my task tray it began to get jumpy and was figuring I'd see the same as last time. But no, this was not the same.....this would turn out to be much worse.
The activity got so crazy I was expecting the machine to freeze up, but it didn't. It maintained a balance of activity with files loading and deleting themselves for at least 45 minutes. In that while I got Drive Cleaner installed as well as a few rootkits too. See The Carnage Here
Wednesday, September 12, 2007
How can this happen, a notoriously famous piece of malware gets 'certified' by a popular and well known Internet certificate issuing company. Something is wrong, very wrong.
One would think that they would have this company on a blacklist of sorts yes? Read & Discuss Here
Tuesday, September 11, 2007
Sunday, September 09, 2007
BillP has made available yet another WinPatrol update. With the recent change in v12 to the 'newer' Scotty icon and subsequent complaining that many users like the older icon, Bill now has included an option to use either or. Really, now how cool is Bill? Read More Here
With all the hoopla that seems to be heaped upon each and every new Storm\Nuwar\Peacomm\Peed\Zhelatin worm I thought I'd make a quick little template for these alerts so security people could make posting said alerts a little bit easier.
Mind you, I may not give too much attention to this because it's the easiest thing to avoid. Just don't open any unknown\odd\unusual\ emails! Plain as that. If you do, then you deserve what you get. Yea, it's harsh....get over it.
See my post here
Monday, September 03, 2007
Safer-Networking finally releases the new, latest and greatest Spybot Search & Destroy. Accept no substitutes, as many use the 'Spybot' name to rip off the good people who made the application the big success it is today.
They made a ton of improvements and it's already Vista capable right out of the box, unlike some other anti-spyware company that took another month or so.
To read about all the highlights and check out the home page right here,
Within the world of malware there are a couple of infections which seem to develop new variants very quickly. The type which seem to be the fastest, with new variants uncovered daily are of the 'bot' variety. These include but are not limited to backdoors, proxies, password stealers, downloaders\droppers and spambots.
Their names can strike fear in the hearts and minds of IT professionals all across the world, not to mention make a home user nearly pass out. Hacker Defender, InfoStealer, Rustock, to name but a few.
These can in many cases be cleaned up, tho to be honest, wiping the drive and reformatting to reinstall Windows is probably the best advice. If you have one of these then you'll be needing to use a specialized tool called SDFix, by Andy Manchesta.
Do not attempt to clean any bots on your own. These can require some specific registry fixes even before you begin cleaning, not to mention many bots are coded to prevent running of removal tools. Instead first install and run HijackThis! and post the resultant log into my Countermeasures: Extraction Help forum and I'll assist in removal.
Sunday, September 02, 2007
Just the other week, I posted about WinAntiVirus links which were found to be on some blogs. All of which were taken down by Google. Now these were specific blogs created to drive traffic to either infect or dupe users.
Then Sunbelt Blog posted about Storm worm links embedded into Blogger\Blogspot blogs. Again, specifically created to infect.
This weekend I decided to go looking for malware and boy did I find it! First link I hit, POW!! Malware got installed immediately. And some not very well detected malware either. I went out twice and got infected within 1 minute the first time and within 3 minutes the second time and I found a bunch of blogs all pushing the same malware. Read more about it, see the scan results right here
Friday, August 31, 2007
So there you are thinking you're all safe and sound cause you don't surf those nasty pr0n sites and can't get slammed with nasties right? WRONG!
A honeypot study shows that the percentage of other types of sites that contain malware are right behind those adult content sites, and not that far behind either.
I guess we only hear more about the adult content sites because there are more people perusing those sites than others. Ever get infected by a site which looked 'safe'? Talk about it right here
Looks like the malware scumbags have come up with a new tactic to try and rope in victims. They seed forums with bogus posts, luring users with pix of their fav celeb and then once at the site, users get prompted for a codec install.
Wednesday, August 29, 2007
Well Zango has once again been beaten by the legal system. Their suit against a well known anti-virus company has been thrown out. That's twice in one week..............in two days even! Could this be the beginning of the end? We can only hope. Karma, it's a bitch. Read More And Share Your Opinion
Tuesday, August 28, 2007
Monday, August 27, 2007
Sunday, August 26, 2007
OK, like this should surprise....................who? Certainly not anyone familiar with any of their other tactics at trying to gain installs via any sneaky way they can think of.
Lowlife scumbags and the FTC let them slip right thru their fingers. Read More Here
Saturday, August 25, 2007
It looks like the scumbags behind the Storm worm have changed things up again. Now they have begun to circulate spam with links 'supposedly' to YouTube, but in fact are bots controlled and designed to deliver malware. As usual, users need to be vigilant and never open any emails from someone you don't know, and even if you do know them, verify the contents of any links. Read More Here
UPDATE: MS Claims to have fixed the problem, see forum thread.
Ok, it would seem there is a glitch with MS Windows Genuine Advantage servers. Users are being told their copies of Windows are invalid. It affects Vista users more than most others. Just what MS didn't need. Read More Here
Friday, August 24, 2007
Recently while perusing Digg, I came across a blog on Google Blogger domains pushing rogue software, WinFixer to be specific. I buried it and with the help of another blogger, had it shut down.
Now we're on a mission, looking for more rogues. They seem to run in groups, and almost all are identical in design and content, with a big 'ad' right at the top.
We're hopeful that Google will step up and do something about what could be a very serious problem for unsuspecting users. It's not so much the software that's bad, but they want you to buy the stuff to remove threats and we all know that's a scam. Read More Here
Thursday, August 23, 2007
Well, if you have, shame on you. If you opened one and then clicked on the link contained therein, you ought to be smacked! People like you make spammers rich just on curiosity alone. WAKE UP!
NEVER open emails unless the sender is known to you. NEVER click a link in a suspicious email. If you have done so, you'll need to get HijackThis! from here and install as instructed. Then post a log into my Countermeasures: Extraction Help Forum.
Of course you'll need to register to gain access and post the log.
I'll be all over it, like white on rice....no 3, 5 or 10 day waiting at this forum, no sir.
Wednesday, August 22, 2007
Monday, August 20, 2007
Once again my site has been featured in a newsletter which as it turns out has brought over two dozen new users to the site. After being mentioned in TechSupport Alert Newsletter the doors were busted down by people looking to join! An amazing display of how popular it is and how much they regard Gizmo's
They featured us as a site to get quick HijackThis! analysis.
But none of those have ever generated this level of new user memberships. Not to take away from any of those publications mind you.
So thanks to everyone who joined, thanks to Gizmo (I emailed him personally to do so) and I hope the new users find the site\forum contains info they find helpful.
Friday, August 17, 2007
Then you may have something on your system which you didn't ask for. Likely you're not sure where you even got it.
But help is just a few clicks away. Find out if your system is dragging due to malware installed, using up your CPU and making regular normal day to day operations a real painfully slow process.
With a HijackThis! log file I can help you find and remove these bits of annoying software\files\folders registry entries.
And it won't take 3 days. Or 5 days. Or 10 for that matter. I can get you going right away.
Join the forum and drop your log into the Countermeasures: Extraction Help section.
Well the week started out with the concern over domain name parking and how users can be re-directed to malware sites via ads. Seems to be a growing trend, malware\rogue affiliates use legit means to sneak in thru the back door on viable sites.
Tuesday brought us a new blog by PayPal. Why this wasn't started sooner I have no idea. You'd think it would be a no brainer, so they could address the latest security concerns as it relates to phishing emails.
Wednesday was a busy day. We were warned about the threats about cyber squatting. This is when the bad guys buy up domains looking to make a fast buck. 248% increase in one year!
Thursday brought news of rogue DNS servers which could re-direct users to malware sites when errors were made looking for legit sites.
Friday looks sort of quiet so far. Just an article about ad servers perhaps clogging the Tubes. And a related one about some websites actually blocking FireFox users because they don't spend any money on said sites.
There was also an update to the Malwarebytes Rogues list.
Thursday, August 02, 2007
I had a brief exclusive on this a few days ago, but now it's official, WinPatrol 2007 v12 now released to the masses.
What's new? A new Scotty icon which looks marvelous and there are two new report buttons, one provides a HijackPatrol log (similar to HijackThis!) and a SpreadSheet log button as well. It's now easier to access PLUS features as well as update future options.
Tuesday, July 31, 2007
Once again, the venerable Ben Edelman has caught the scumbags at Zango doing the things they were told and agreed not to do. The FTC leveled a fine for these types of practices. Yet it seems the 3 million was not quite enough of a deterrent.
I'd make a 3 million dollar bet the FTC don't do much of anything different. Launch big investigation, make a bunch of press releases, give the illusion that they're gonna do something. And in the end, it all turns out to be smoke and mirrors. Zango pays some minute fine, FTC feels better, Zango laughs all the way to the bank.
Rinse wash and repeat. Read More and Discuss
Monday, July 16, 2007
Lots of tips and news on Vista and Vista SP1. Read More In Vista Forum
FBI says more spam prosecutions coming, Symantec monthly spam report and instant phishing scams for sale. Read More In Phishing & Spam Forum
Tuesday, July 10, 2007
Tuesday, July 03, 2007
iPhone phish spotted in the wild already, but the spammers weren't as fast as the malware guys. Read & Discuss Here
And up from 5,000 sites per month, new malware sites take a huge jump in just a few months. YIKES! Read & Discuss Here
Monday, July 02, 2007
We have several new entries into the Rogue anti-spyware listings. We now have three great resources for this, Eric Howes' list (no recent updates), as well as the developers of RogueRemover at Malwarebytes and finally Security Cadets.
With these guys on the job, rogues don't stand a chance in hell of getting too many victims to bite on their sleazy products. Read & Discuss Here
Got one of these rogues on your system? Post a HijackThis! log into our Countermeasures: Extraction Help Forum
Saturday, June 30, 2007
As I was away for most of the week, I'll give a little round up of what's been posted since my return.
As usual, don't click these emails, you're likely to need a visit to our Extraction Forums
A bit of research into the hows and whys of the social engineering tricks spammers use.
Latest variants of the Storm worm have resurfaced and are filling inboxes over the Net.
It didn't take long for the first iPhone scam site\malware to surface.
Rival gangs expend time on each other, which could be good for us.
Net traffic has spiked in some parts of the world with no exact cause pinned down as yet.
Sunday, June 24, 2007
Wednesday, June 20, 2007
Tuesday, June 19, 2007
Thursday, June 14, 2007
This is a new term for online advertising. It was made up by some guy. Maybe not specifically for the adware business, but it certainly sounds much better than the one word that strikes fear into the hearts of users globally.....adware!
And who is behind this push for the new terminology? It appears to be WhenU, but I'm unsure at this time. It would seem to fit a theme WhenU CEO Bill Day touted last year when he said "Adware as a term will die in twelve months". Sounds like they have begun down that path with this association. Read More & Discuss
Tuesday, June 12, 2007
This month's Windows updates are out, be sure to check them out. Four critical ones, one important and one moderate.
Malware researchers have banded together to help prevent a fiasco such as the Julie Amero case from ever happening again. It has some very prestigious malware researchers involved, it's called the Julie Group.
And a new worm uses a video from YouTube to infect users. While they watch the vid, malware downloads a trojan to steal your info. I'm surprised there has not been more of this, read on.
Finally I have HijackThis! analysis available and it's fast too. No days of waiting to get assistance to remove malware. So if you have any unwanted software on your machine, join the forum and drop a log into Countermeasures: Extraction Help forum.
Sunday, June 10, 2007
Two new rogues have hit the scene, ContraVirus and SpyCrush. Each is targeted by special removal tools already. Read More Here
As usual, if you're infected with either of these or any other SmithFraud\Zlob variants, be sure to have us look at a log in our Countermeasures: Extraction Forum.
Friday, June 08, 2007
Lavasoft released their new version of Ad-Aware yesterday, Ad-Aware 2007, after much beta testing. Well, I guess it wasn't quite enough. Several users have complained about glitches, system crashes and Vista incompatibility too.
Wednesday, June 06, 2007
Well it looks as tho the recent story about Dreamhosts being hacked has affected Cexx forums in that when you go there as of this writing, you get a blank page. The admin is well aware and is working to restore status as quickly as possible. Keep an eye on this blog for its return to service.
Tuesday, June 05, 2007
Zango recently filed a lawsuit against Spyware Doctor. Just earlier today, Zango was denied a TRO. They then claimed that because Spyware Doctor changed its detection of Zango that they were victorious by forcing their hand.
Read & Discuss Here
Monday, June 04, 2007
McAfee SiteAdvisor team posts up a state of search engine safety write up. This follows previous write ups and of course it's never very good news. Another reason for users to use things like SiteAdvisor or other related browser protection devices. Read & Discuss Here
Friday, June 01, 2007
The spam and phishing forum has been very busy this week. Friday brings no end. A bit on the major spammer arrested and why it won't impact your inbox.
And then a look into what the future of spamming techniques holds
Then we have a bit of a technical read about the effectiveness of anti virus software
Lastly there is a new MSN IM worm spreading
Enjoy and don't forget to let us know what you think.
Wednesday, May 30, 2007
Google has recently rolled out a security blog and released a technical paper and now they just bought out an anti-malware company as well. And one of their employees wrote a cool app for webmasters to check and see if their sites have malicious code. Read & Discuss Here
And I stumbled upon a neat write up showing a bunch of firewall testing tools to see how secure you really are. Read & Discuss Here
Digg links for both on respective page.
Sunday, May 27, 2007
Users who routinely adhere to good security behavior and type in urls to their banks as opposed to following links can be duped into giving their info anyway. It seems as tho the creators of this malware have injected to add fields for additional info. They never cease to amaze me in their abilities to circumvent almost any sort of barrier put up. The good folks at Symantec provide analysis. Read & Discuss Here
Saturday, May 26, 2007
Read about the man who owns the Internet, it's pretty interesting.
Then there is the big deal about Dell & Google, they are making money installing some 'extra' software.
Speaking of Dell, you will soon be able to buy them at Walmart.
And a lemon law for computers?
Finally for some laughs watch some funny techy videos.
Don't forget to take the time to comment on what you see, I'm always interested in seeing what people like and don't like.