Our Twitter Q&A with Threat Research Director Jeff Horne

by

By Jeff Horne On December 11, 2009, users of Twitter submitted questions to Webroot’s Director of Threat Research, Jeff Horne, as part of a live Q&A session. Webroot’s Twitter followers asked questions about connecting safely to the Internet while traveling during the holidays. A variety of questions came in live, with some others through direct messages in advance, and one non-twitter user asked a question via Webroot’s Facebook page. The interview was tracked using the #webroot hashtag, which has been omitted from the tweets to make them easier to read. We’ve posted a transcript of the Q&A on the following […]

Continue Reading »

Visa Targeted (Again) by Zbot Phishers

by

The gang of malware distributors who are currently flooding the Internet with bogus Facebook “Update Tool,” CDC “H1N1 Flu Vaccination Profile,” and IRS “Tax Statement” emails and Web pages are at it again — this time, targeting Visa with a fake email alert that leads to a page hosting not only a Trojan-Backdoor-Zbot installer, but that performs a drive-by download as well. This is the second time in less than a month that malware distributors have targeted Visa; Just before Thanksgiving, we saw a similar scam involving links to bunk Verified By Visa Web pages. I’d say it’s ironic that […]

Continue Reading »

New Koobface Creates its Own Malicious Web Pages

by

Over the past several months, we’ve seen Koobface steadily progress in its ability to infect systems with malware. In our latest tests, we’ve found that the most recent version of this social-networm has a few new holiday-themed tricks up its sleeve. Among those tricks are a new, improved “captcha breaker” utility; A tool to check whether you have a Google and/or a Blogspot account (and, if not,  it creates a new Google account); And a tool designed to create Google Reader pages on the fly, which the worm then uses to post malicious code. Those Google Reader accounts then end […]

Continue Reading »

Bogus “New Moon” Torrents Lead to Malware

by

A week since the file-sharing clearinghouse Mininova changed its business model and deleted links to copyrighted material being shared over the peer-to-peer Bittorrent network, malware distributors continue to exploit the confusion as people who download movies, TV shows, and other shared files seek out new sources for those files. As a torrent search engine, Mininova had to deal with a significant number of malicious torrents posted to their site each day. The service had a reputation for rapidly deleting torrents which led to Trojaned applications, or maliciously crafted media files that lead file-sharing enthusiasts into infections. But in the ensuing […]

Continue Reading »

Fake Zbot Site Poses as CDC H1N1 Flu Vaccine Info

by

The newest victim of the faux-Web-sites-posing-as-government-pages scam is the Centers for Disease Control and Prevention. In the same vein as fake pages supposedly hosted on the Web servers of the IRS, FDIC, and other organizations, we’re seeing a new scam to infect computers with Trojan-Phisher-Zbot that pretends to be a “Personal H1N1 Vaccination Profile.” As with the previous scams, dozens of Web servers are involved. The URLs involved in the scheme all begin with the “http://online.cdc.gov” — the “online.” subdomain is not used by the CDC — followed by a six- to seven-character random domain name and a non-.gov top-level […]

Continue Reading »

Fakealerts Target Black Friday Online Shoppers

by

Now that the turkey and pumpkin pie has settled, and everyone’s gotten a good night’s sleep, shoppers are busily hustling the Web for the best deals. I’ve been doing the same thing, and wanted to share some of my tips that may help you avoid becoming snared in the most prolific cyberscam of the moment: fake virus alert messages (otherwise known as fakealerts). For months, the perpetrators of this fraud have been honing their skills at targeting malicious web pages to rise in search results for  whatever is in the popular zeitgeist-of-the-moment. Victims experience a computer that appears to be […]

Continue Reading »

Fakealerts: Building a Better Mousetrap

by

In general, the use of fakealerts – those bogus warnings that look like your PC has started some sort of antivirus scan on its own, then predict imminent doom if you don’t buy some snake oil product right this minute — is on the rise. Fakealerts constitute a particularly effective social engineering trick, earning the makers of bogus, ineffective “antivirus” programs millions of dollars (and the scorn of victims) in the process. So it should come as no surprise that the fakealerts themselves have gone through some technological advances in the past year. In the past few months, the fakealert-makers […]

Continue Reading »

Internet Security Trends – A Look Back at 2009, A Look Ahead to 2010

by

By Gerhard Eschelbeck It’s been a busy year in Internet security — cybercriminals were crafty and creative while we security vendors worked hard to stay a step ahead. Let’s take a look back at the biggest security trends of 2009, and at predictions for what’s ahead in 2010. 2009 – The Year in Review Conficker. Targeted at enterprise networks but also crossing over to individuals who could bring it home on a USB stick, Conficker generated a lot of media discussion which drove confusion among consumers and concern among IT admins. Conficker renewed the public’s focus on Internet security, at a […]

Continue Reading »

Faux “Verified By Visa” Phishing Scam Targets Holiday Shoppers

by

When you sign up for a credit card — even with one of those pre-approved applications — you still have to provide the bank with your name, address, mother’s maiden name, social security number, and a host of other personally identifiable information. Once the bank issues the card, it shouldn’t ever need to ask you for all of that information again. But a phishing scam making the rounds this week — one that appears to be targeted at holiday shoppers who buy gifts online — aims to fool victims into doing just that. The scam begins with an email, informing […]

Continue Reading »

Phishing Scheme Targets E-Payment Rule-Maker, NACHA

by

Coming on the heels of similar fraud schemes that targeted victims using the names of such familiar institutions as the FDIC, IRS, and HMRC, scammers are trying to get people to infect their own computer using a different organization’s name—one that is probably unfamiliar to most people. NACHA is a not-for-profit association that “oversees the Automated Clearing House (ACH) Network, a safe, efficient, green, and high-quality payment system.” In other words, they write the rules for the organizations that run the pipes through which money flows between banks and businesses–the circulatory system of the financial world. In fact, more than […]

Continue Reading »