123
 123

Fri 09 May, 2008

Click here to bookmark this link.Channel Image21:26 More Fake Instant Messaging Scams» The SpywareGuide Greynets Blog
Here's another fake Instant Messaging application from the creator of the fake Google Talk program currently in circulation. This time round, the victim is MSN Messenger: Click to Enlarge Clicking the "Sign In" button opens up a smaller popup -...
add to del.icio.us add to del.icio.us. look up in del.icio.us.   add to furl.net add to furl
Click here to bookmark this link.Channel Image20:21 Fluc.com says it's not a spammer, it's the users who are spamming» Sunbelt Blog

Flucceo1238888


As a follow-up to my previous post on Fluc comment spamming, check out the increasingly bizarre comments, including my exchange with Tim Davis, Fluc CEO.

Alex Eckelberry


add to del.icio.us add to del.icio.us. look up in del.icio.us.   add to furl.net add to furl
Click here to bookmark this link.Channel Image18:56 GTA 4 : des ventes plutĂ´t "Fast and Furious"» VNUNet News
Une semaine après la sortie du volet 4 du jeu vidéo Grand Theft Auto, son éditeur Take-Two recence 6 millions d'exemplaires écoulées.
add to del.icio.us add to del.icio.us. look up in del.icio.us.   add to furl.net add to furl
Click here to bookmark this link.Channel Image18:01 Vista serait plus vulnĂ©rable que Windows 2000» VNUNet News
Selon PC Tools, Vista est "seulement" 37 % plus sûr que Windows XP. Une version contestée par Microsoft.
add to del.icio.us add to del.icio.us. look up in del.icio.us.   add to furl.net add to furl
Click here to bookmark this link.Channel Image18:01 Passeport biomĂ©trique en France : protestation des photographes» VNUNet News
Des bornes de prises de vues en accès gratuit seront déployées dans les mairies qui délivrent ce titre officiel. Au grand dam des acteurs de la photo d'identité.
add to del.icio.us add to del.icio.us. look up in del.icio.us.   add to furl.net add to furl
Click here to bookmark this link.Channel Image15:59 Vnunet TV : S. Abiteboul (Inria): "Le Web a beaucoup plus de facettes qu'on ne l'imaginait"» VNUNet News
Ce chercheur, spécialisé dans les connaissances distribuées, s'intéresse à l'essor des réseaux sociaux et du phénomène Wikipedia.
add to del.icio.us add to del.icio.us. look up in del.icio.us.   add to furl.net add to furl
Click here to bookmark this link.Channel Image15:45 Commission copie privĂ©e : les industriels exigent une rĂ©forme» VNUNet News
Les membres du collège industriel font appel au gouvernement pour sortir de la crise qui agite la Commission d'Albis et avancent cinq revendications.
add to del.icio.us add to del.icio.us. look up in del.icio.us.   add to furl.net add to furl
Click here to bookmark this link.Channel Image15:20 L'ancien directeur gĂ©nĂ©ral d'AOL France passe chez YouTube» VNUNet News
Benjamin Faes est nommé directeur de l'offre publicitaire display pour la zone Europe- Moyen Orient - Afrique chez et YouTube. Il sera basé à Londres
add to del.icio.us add to del.icio.us. look up in del.icio.us.   add to furl.net add to furl
Click here to bookmark this link.Channel Image15:12 Merrill Lynch’s Rock Phish Digital Certificate» TrendLabs | Malware Blog - by Trend Micro
The Trend Micro Content Security Team has recently encountered a phishing attack similar to what affected the Bank of America and Comerica recently. The scheme, that involves a malicious digital certificate supposedly downloaded from a link found on the spammed email is now used to fool Merill Lynch Business Center customers. Below is a [...]
add to del.icio.us add to del.icio.us. look up in del.icio.us.   add to furl.net add to furl
Click here to bookmark this link.Channel Image15:09 “Drive-by Download” Takes A More Literal Meaning» TrendLabs | Malware Blog - by Trend Micro
Unsuspecting users who may wish to buy (or simply admire) the new Honda Accord are warned that may fall victim to a drive-by download, leading to the installation of an info-stealing malware. TrendLabs discovered today an attack on the official web site of Honda Cars in Thailand. According to Advanced Threats Researcher Jonell Baltazar, who discovered [...]
add to del.icio.us add to del.icio.us. look up in del.icio.us.   add to furl.net add to furl
Click here to bookmark this link.Channel Image14:26 Yahoo sĂ©curise son moteur de recherche avec McAfee» VNUNet News
SearchScan vise à contrer les liens dangereux sur Internet grâce à la technologie McAfee.
add to del.icio.us add to del.icio.us. look up in del.icio.us.   add to furl.net add to furl
Click here to bookmark this link.Channel Image14:14 Vista security credentials tarnished in malware survey» The Register - Security

Better off with a Win 2000 box

Windows Vista is better at protecting against malware than XP but more easily infected than Windows 2000, according to a study by Australian anti-virus firm PC Tools.…


add to del.icio.us add to del.icio.us. look up in del.icio.us.   add to furl.net add to furl
Click here to bookmark this link.Channel Image14:00 Skype Phishing Pages Serving Exploits and Malware» Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
"Please, don't update your account information", at least not on recently spammed phishing pages which will not only aim at obtaining your accounting data, but will also infect with you malware through exploiting MS06-014. These phishing emails are a great example of blended threats, and while we're been witnessing the ongoing consolidation between phishers, spammers and malware authors for the last two years, this particular phishing campaign looks like a lone gunman operation.

Original message : "Dear valued skype member: It has come to our attention that your skype account informations needs to be updated as part of our continuing commitment to protect your account and to reduce the instance of fraud on our website. If you could please take 5-10 minutes out of your online experience and update your personal records you will not run into any future problems with the online service. However, failure to update your records will result in account suspension. Please update your records on or before May 11, 2008. you are requested to update your account informations at the following link. To update your informations."

Phishing URL : alertskype.freehostia.com, which is then forwarding to skypealert.ns8-wistee.fr/Secure.skype.com/store/member/login.html/Login.aspx/index/Skype.Members/index.htmls/ where the malware and the exploit are hosted.

Scanners result : Result: 3/31 (9.68%)
VBS/Small.W.1; Exploit-MS06-014
File size: 13569 bytes
MD5...: 4d6a559adf0602f7fd58b884e00894dc
SHA1..: 056f75e0dd94d03daeb04ae83d1b4a1b7476c0f2
SHA256: 3f08427228489edffd57e927db571aea06716c192ec72f91ea8115c0c7f978eb

The phishing page wasn't created, but copied from Skype's original login page. The phisher even left an email within the VBS, in this case - ikbaman@gmail.com. Virtual greed or contact point optimization for fraudulent purposes, passive phishing attacks can sometimes be quite active and leave the curious clicker with a false feeling of security.

add to del.icio.us add to del.icio.us. look up in del.icio.us.   add to furl.net add to furl
Click here to bookmark this link.Channel Image09:17 P2P : TorrentSpy condamnĂ© Ă  une amende de 110 millions de dollars» VNUNet News
La décision du tribunal américain est une nouvelle victoire pour la MPAA.
add to del.icio.us add to del.icio.us. look up in del.icio.us.   add to furl.net add to furl
Click here to bookmark this link.Channel Image09:15 Last.fm relance AOL Radio en Europe» VNUNet News
Last.fm assurera le lancement de la plate-forme de radio en ligne AOL Europe.
add to del.icio.us add to del.icio.us. look up in del.icio.us.   add to furl.net add to furl
Click here to bookmark this link.Channel Image09:13 Faute de Yahoo Microsoft s'intĂ©resse maintenant Ă  Facebook» VNUNet News
Les deux sociétés seraient en pleins pourparlers autour d’une possible acquisition.
add to del.icio.us add to del.icio.us. look up in del.icio.us.   add to furl.net add to furl
Click here to bookmark this link.Channel Image09:11 HP intègre YouTube Ă  MediaSmart» VNUNet News
Le fabricant a décidé d’intégrer des services vidéos à sa gamme de produits multimédias.
add to del.icio.us add to del.icio.us. look up in del.icio.us.   add to furl.net add to furl
Click here to bookmark this link.Channel Image06:00 Vente liĂ©e : nouvelle victoire d'un particulier contre Asus France» VNUNet News
Le jugement UFC-Que choisir contre Darty sur la vente liée PC/logiciels pourrait faire jurisprudence.
add to del.icio.us add to del.icio.us. look up in del.icio.us.   add to furl.net add to furl
Click here to bookmark this link.Channel Image06:00 Une pĂ©tition pour des sites publics accessibles aux personnes handicapĂ©es» VNUNet News
Une pétition en ligne circule afin de faire pression sur l'Etat qui doit valider un décret d’application lié à la loi pour l'Egalité des droits et des chances.
add to del.icio.us add to del.icio.us. look up in del.icio.us.   add to furl.net add to furl
Click here to bookmark this link.Channel Image06:00 Microsoft sort un plug-in pour les malvoyants» VNUNet News
Le module "Save as Daisy XML" permet de convertir des textes Word au format Daisy XML. Pour les transformer ensuite en fichiers audio.
add to del.icio.us add to del.icio.us. look up in del.icio.us.   add to furl.net add to furl
Click here to bookmark this link.Channel Image02:05 Malvertizements on mininova.org» Spyware Sucks

Several comments have been posted to my blog recently about a malvertizement problem at mininova.org:

http://msmvps.com/blogs/spywaresucks/archive/2008/03/23/1550824.aspx#1601871
http://msmvps.com/blogs/spywaresucks/archive/2008/03/23/1550824.aspx#1602159
http://msmvps.com/blogs/spywaresucks/archive/2008/03/23/1550824.aspx#1614547

Anyway, I went looking and found a thread that claimed the malvertizements had been identified and removed on 5 May so I didn't take things any further (a decision which may have been a mistake)
http://forum.mininova.org/index.php?showtopic=235009007

Kimberley has now identified a malvertizement on mininova.org, again hosted by Akamai:
http://www.bluetack.co.uk/forums/index.php?showtopic=18064&st=60&gopid=87201&

The domains being used by the malvertizers are:

adoptserver.info
iexplorer-security.org
mystats.com
fastwebway.com
xponlinescanner.com

The malvertizement has been reported to Akamai.


add to del.icio.us add to del.icio.us. look up in del.icio.us.   add to furl.net add to furl
Click here to bookmark this link.Channel Image01:41 Hooray for teamwork - the malvertizements at photobucket.com have been identified» Spyware Sucks

Once again, communication and cooperation between anti-malvertizement activists around the world has resulted in success.

We have found the malicious malvertizements on photobucket.com - Kimberley has the details.

The incident has been reported to Photobucket.  The malvertizements themselves are not new.  Speedstick and TokyoDrift have been featured on this blog several times.  As noted by Kimberley, the malicious domains being used by the cretins behind the malvertizements are:

atlas-ads.com (host of a malicious SWF)
track.trackads.net
tds.maxconvert.com
adtds.trackads.net
spywaredestructor.com
adoptserver.info
iexplorer-security.org
fastwebway.com
xponlinescanner.com

photobkt-images.adbureau.net (host of a malicious SWF)

adbureau.net is Akamai - the incident has been reported.

Atlas-ads.com is registered via Estdomains, created on 10 April 2008.

 


add to del.icio.us add to del.icio.us. look up in del.icio.us.   add to furl.net add to furl
Click here to bookmark this link.Channel Image01:12 Fil IT-Business : iPhone-America Movil, GPS-Nokia, BlackBerrry-Brightpoint, Asic, BBC-Facebook, PlaNet Finance-Birmanie» VNUNet News
Les titres au complet : L'iPhone a un allié en Amérique latine - GPS : Nokia y croit - Distribution : RIM s'appuie sur Brightpoint - Projet de loi Olivennes : réaction vive de l'Asic - La BBC vole les informations personnelles sur Facebook - Micro-finance et TIC : PlaNet Finance sensible à la Birmanie.
add to del.icio.us add to del.icio.us. look up in del.icio.us.   add to furl.net add to furl
Click here to bookmark this link.Channel Image00:40 Fake GoogleTalk Application In The Wild» The SpywareGuide Greynets Blog
We're still trying to pin down exactly how new this is, but it seems someone has released a fake Google Talk application into the wild. Compare the fake application on the left with the real thing on the right, and...
add to del.icio.us add to del.icio.us. look up in del.icio.us.   add to furl.net add to furl
Click here to bookmark this link.Channel Image00:12 iPhone, catch up TV, TV par satellite…Orange France lâche des bribes d'infos» VNUNet News
Lors de la présentation des résultats du premier trimestre 2008, France Telecom a abordé le cas de services qui vont bouger d'ici juin.
add to del.icio.us add to del.icio.us. look up in del.icio.us.   add to furl.net add to furl

Thu 08 May, 2008

Click here to bookmark this link.Channel Image22:42 India and Belgium decry Chinese cyber attacks» The Register - Security

Join the ranks

Belgium and India have joined the growing ranks of countries voicing concerns about cyber attacks originating from China. Earlier this week, officials from both countries said computer networks inside their borders are routinely targeted by hackers trying to ferret information that could benefit the Chinese government.…


add to del.icio.us add to del.icio.us. look up in del.icio.us.   add to furl.net add to furl
Sources