Posts Categorized: mal-effects


Social Nets Put Your Privacy at Risk

by

By Mike Kronenberg Attention Facebook and Twitter users: You’re still at risk. Last year, our survey found that lots of people using social networking sites were taking the risk of financial loss, identity theft, and malware infection. Have things gotten any better? Well, the answer is yes but, unfortunately, not better enough — and potentially a lot worse for some of you. The results of our 2010 survey reveals that more of you are adhering to some safe behaviors — like blocking profiles from being visible through public search engines. That’s a good thing, but the downside is over 25 […]

Continue Reading »

Pushu Variant Spams Hotmail, Cracks Audio Captchas

by

A new version of Trojan-Pushu is doing some interesting stuff to bypass captchas used by Microsoft’s Hotmail/Live.com/MSN webmail services in order to spam people with links to malicious Yahoo Groups pages. The three-year-old spy (known by a variety of other aliases, including Cutwail, Pushdo, Diehard, and Rabbit) has always been, primarily, a spam bot. In this case, however, the spy is not sending spam by connecting to open mail relays or more traditional means; It’s spamming through the Hotmail/Live.com Web mail interface. Most interestingly, during the course of the spam sessions, the spy apparently pulls down “audio captchas” and successfully […]

Continue Reading »

Weird New Koobface URLs Use Old Tricks

by

Pretty much since it arrived on the malware scene, Koobface has used the technique of sending messages with Web links — in your name, to your friends — as a method of propagating the infection to others. Using your name is a powerful social engineering trick, and the makers of the worm have tried innumerable ways to mask the danger behind those dangerous links: They’ve used “short link” services like Bit.ly to hide the destination; They build pages on sites normally considered safe, like Blogspot or Google Reader, that simply redirect users to a dangerous page; and they use stolen […]

Continue Reading »

Fakealert Accurately Mimics Windows Update

by

A new Windows Update-themed stupid malware trick that’s making the rounds appears to be trying to capitalize on the recent frequency of “out of band” Windows patches Microsoft has been releasing lately. The spy, which serves as nothing more than a vehicle for the fraudulent sale of a fake product called Antimalware Defender, so closely resembles a Windows Update installation dialog that some members of our threat research team who saw these files had to pause and look carefully at the dialog box before deciding it is, in fact, a big fat hoax. Even the Microsoft Knowledge Base article the […]

Continue Reading »

Botnet Trojan Adds “Gootkit” Code to Web Pages

by

An insidious new Trojan that finds its way onto Windows PCs in the course of a drive-by infection employs a novel method to propagate: It connects to Web servers using stolen FTP credentials, and if successful, modifies any HTML and PHP files with extra code. The code opens an iFrame pointing to a page that loads browser exploits. The exploit pushes down the infection, which then perpetuates the process. The initial infection vector in this case was a spam message supposedly from Amazon.com containing a link to the page which performs the drive-by attacks. The malware, which we’re calling Trojan-Backdoor-Protard, […]

Continue Reading »

Twitter Phish Floods Network with Short URLs

by

All day, I’ve been getting reports from my Twitter-using friends and acquaintances that they’ve been receiving tweets of short URLs. I took a look and it looks like another phishing campaign aimed at users of the social network is underway. The short URLs, prefaced with the message “This you???” lead to a fake Twitter login page. The fake login page is hosted on a domain that points to a server in China. Other domains that are currently hosted on that same server’s IP address, including bzpharma.net, have previously been implicated in earlier Twitter spam campaigns. The same domain appears to […]

Continue Reading »

New Research: IT Pros Sound Off On 2010 Security Concerns

by

Research from¬†the enterprise¬†security experts at Webroot With the explosion of social networking sites like Twitter and Facebook in 2009, it’s no surprise cybercriminals have set their sights on these Web sites for new victims. Facebook now has over 400 million active users and Twitter has over six million — a sizeable pool of potential targets. These new threats are a cause of great concern for IT managers and businesses. Webroot recently surveyed over 800 IT professionals in the US, UK and Australia, at companies ranging from 100 to 500 people in size, to learn what are their biggest concerns for […]

Continue Reading »

Phishing Campaign Targets Frequent Fliers

by

A variation of a phishing scam aimed at members of American Airlines’ AAdvantage program is circulating again. With links to a phishing Web site embedded in a spam message, the scampaign promises (in characteristically broken English) that all participants in a survey will receive, depending on the campaign, either $100, or “$50 & 25,000 miles” credited to their account. The spam messages are appearing not only in email inboxes, but also as posts on what appear to be compromised blogs. The messages usually include the following text, signed by “American Airlines Reward Department,” obvious errors and all: We are proud […]

Continue Reading »

British Music Awards Draws Web Scams

by

Music fans may already be aware that next Tuesday the British music industry will honor the top acts of the year at a ceremony known simply as The BRITs. What they may not know is that common Internet criminals have begun to target people searching for information about the artists and the music connected with the awards for attack. This will be the 30th ceremony held in the 33 year history of the awards. As in previous years, the BRIT Trust (a charity run by BPI, the UK’s recording industry trade association) will donate profits from the ceremony, including the […]

Continue Reading »

Tax-Themed Phishing Scams Cross More National Borders

by

Sometimes, the early bird gets the worm — and not in a good way. People who file their tax returns early are being targeted by a phishing scam that comes with the promise of a big income tax refund. Unlike previous tax-themed scams, which have been based on the stick — fake warnings or penalties supposedly issued by the Internal Revenue Service and its UK counterpart the HMRC — these carrot Tax Refund Online Form frauds promising payouts appear to originate from different countries’ tax authorities, notably those of India and Canada. We’ve come across a number of identical pages […]

Continue Reading »