malware Articles

Spam is Getting More Malicious
· 2

Symantec has released two new reports for the month of November – the State of Spam, and the State of Phishing (both PDFs). The reports highlight a dramatic increase in spam that contains malware. On top of that, junk and malicious email now accounts for close to 9 out of 10 email messages.

Stealth Phishing Attack Looks Like Internal Email

Security company Trusteer Research issued a security advisory this week, dealing with a stealth new Zeus/Zbot phishing attack, which is aimed at harvesting enterprise log-in credentials for web banking, financial, HR, and SaaS accounts.

Google Launches New Webmaster Tools
· 2

Google has launched a couple of new Labs features for Webmaster Tools. One is "malware details" and the other is "fetch as googlebot."

Google is providing snippets of code from pages it considers malware, in order to help webmasters eliminate the malware on their sites quickly.

Earthquake and Tsunami Searchers Targeted By Malware
· 2

You have probably heard about the Indonesian Earthquake that took place last night, claiming the lives of many. Shameless cybercriminals have not wasted anytime exploiting the disaster targeting people around the world who search for information on the subject.

Microsoft Gives Out Free PC Security
· 3

Microsoft has launched a new free anti-malware tool called Microsoft Security Essentials. The service is designed to protect consumers from viruses, spyware, and other malicious software.

The service has two very strong elements going for it. For one, it is from Microsoft, which means it comes from a well-known brand that practically all consumers are familiar with. Secondly, it’s free, and that is another word that resonates with consumers.

Site Hacking Facebook Accounts for $100 a Pop
· 51

Security company Panda Labs has discovered an online service that promises to hack into Facebook accounts for $100. They claim they will provide "clients" with login and password information to access any account on the social network. Do you feel like your information is secure on Facebook? Comment here.

Online Banking Threat Bypassing Up-to-Date Anti-Viruses
· 1

There is an online banking Trojan out there that is bypassing up-to-date anti-virus programs as much as 77% of the time, according to security company Trusteer. The Zeus Trojan is also known as Zbot, WSNPOEM, NTOS and PRG. It is the most prevalent financial malware on the web, Trusteer says.

Security Issues Holding Back Social Media’s Potential
· 5

Social Media’s rise in popularity has created some very real problems for the Internet and its users. Social networks like Facebook and Twitter have seemingly opened the floodgates to security troubles, and over the past few weeks, this has been accentuated by a number of issues and studies.

Google Shares Interesting Malware Stats
· 1

Google is sharing some interesting statistics on malware, such as the number of entries on the Google Safe Browsing Malware List that have occurred over the last twelve months, and search results containing a URL labeled as harmful.

"We’re glad to share this sort of data because we believe that collaboration and information sharing are crucial in driving anti-malware efforts forward," says Niels Provos of Google’s Security Team.

Short URL Spam a Big Threat in August

Spammers are taking particular advantage of the heightened interest in health-related issues like swine flu and healthcare reform to distribute large shortened-URL spam runs using the Donbot botnet, according to Symantec’s MessageLabs.

Twitter Quietly Takes Step Toward Security

Security firm F-Secure discovered that Twitter has begun blocking links to malicious sites when users try to post them. Twitter has not acknowledged this with an announcement yet, but users (at least some) are getting the following message when trying to post a link to a known malware site:

"Oops! Your tweet contained a URL to a known malware site!"

Journalists Not Protecting Themselves Online

BPM Forum and AVG Technologies released some interesting findings from the Protect the Press Poll, a survey of the cyber security habits of the working press. The biggest takeaway is that the supposedly well-informed members of the press are no better at protecting themselves online than the average user.

Bing Promotes Ahead-Of-The-Curve Malware Filter

Whether you think about it or not, the issue of safety probably affects just about every decision-making process.  After all, even if you favor a grocery store based on its low prices and convenient location, you must also on some level recognize that muggings don’t occur there every day.  And Microsoft wants to make sure you feel safe using Bing, too. 

Blackhatters Hit Google, Twitter

PandaLabs has identified thousands of links designed to target searchers looking for information on recently popular targets. With the goal of infecting unsuspecting victims with scareware, Twitter recently has also been bombarded with trending spam.

Blackhat SEOs targeting Google search results came to light this spring to redirect trusting users to scareware sites—sites falsely warning targets of viruses on their machine, offering fake system scans, promoting expensive fake anti-virus programs, and installing Trojans.

Malicious Content Found More on Well Established Sites

MessageLabs Intelligence released some new  information today indicating that the assumption that most web-based malware resides on fly-by-night websites touting adult content, is an "old-fashioned notion."

Instead, a MessageLabs (part of Symantec) spokesperson tells WebProNews that cybercriminals are more likely to be hiding on legitimate web sites tha have been compromised.

Data from the week of May 5th shows that:

Google Results Polluted By Cybercrooks
· 43

UPDATE: Since this post was first published, Google has said an algorithm change is pending to address the problem. Read more about that here.

Firefox Vulnerability Leaves Computers Open To Attack

There has been a lot of talk recently about browsers and the maneuvering that is occurring in that spacefirefox-logo due to new releases and expiring agreements and more.

Black Hat SEO Lucrative For Cybercrooks
· 2

Obviously, cyber crooks wouldn’t do what they do if there wasn’t any money in it. Thanks to some black-hat search engine optimization and a little rogueware (a.k.a. scareware), some are making almost $11,000 a day, according to FinJan’s first Cybercrime Intelligence Report for 2009.

Facebook Hit With Malicious App, Searchers Duped
· 1

As far as malware tricks go, this one is pretty diabolical. Over the weekend, Facebook users started receiving messages saying friends had tried to view their profile but were unable to do so. The message prompts the user to install a third party app, oddly titled “Error Check System.”

The actual text of the message reads: “[Name] has faced some errors when checking your profile View The Errors Message.”

(Some) LinkedIn Profiles Leading To Malware

Over the weekend, Twitter suffered from some security problems that fell more on the mischievous than malicious side of things.  Now, the sort of social media trouble quotient appears to have risen a bit as fake LinkedIn profiles are trying to send users towards malware.

Live Search Highlights Malicious Sites in Results
· 5

About two years behind Google, Microsoft has finally decided to start marking malicious sites in the search results for Live Search. Better late than never though, I suppose.