An anonymous reader writes: From the Sunbelt Software Blog: It appears a website called ismycreditcardstolen.com, designed to "educate users about the dangers of phishing" has itself been flagged by Firefox as a reported web forgery. The site, which asks visitors to enter their credit card details to "see if they've been stolen" takes the hapless visitor to a page warning them about the perils of phishing, giving them advice on how to avoid similar scams and also provides a link to the Anti-Phishing Working Group's website. Or at least it did, until various browsers started blocking it. I've done a little bit of digging, and it looks like one of the creators is taking questions here. As the blog post notes, the project was likely doomed to failure both because of the domain name itself and also because it uses anonymous Whois data, which isn't exactly going to make security people look at it in a positive light. Does anyone out there think this was a good idea? Or will malicious individuals start playing copycat on a public now trained to think sites like this are just "harmless education"?
An anonymous reader writes: Omegle is a popular anonymous one-to-one chat service that allows you to jump into random conversations with complete strangers. While there have been attempts in the past to use non-malicious "bots" to talk to human users, researchers at Sunbelt Software have found evidence of a number of programs designed to send rogue URLs to end users while pretending to be a real person in an attempt to infect their PCs. Interestingly, the tools are designed so that the hacker can watch the conversations take place in real time, changing their Bot text if they feel their attempts to infect end users are unsuccessful. As a tactic, it seems to be working given screenshots illustrate people using these programs tallying up "5 to 10 victims while popping out to the shop" — you may want to warn less tech-savvy friends and relatives who probably have no idea threats such as this exist in the world of one-to-one chatting...
An anonymous reader writes: From ComputerWorld: Zango Inc., the adware distributor fined $3 million by the Federal Trade Commission in 2006 for sneaking software onto people's PCs, has closed its doors after being acquired by video search engine company Blinkx PLC.
Zango's former chief technology officer blamed the company's demise on several factors, but at the top of the list were the very practices that got it in hot water with the FTC — and with security analysts who had labeled the company's software spyware. In 2006, Zango settled FTC charges that it used unfair and deceptive practices to download software to users' PCs and agreed to pay a $3 million fine. As late as May 2008, however, noted antispyware researcher Ben Edelman blasted Zango for providing sexually explicit material without labeling the content as such.
In August 2008, security researcher Chris Boyd, the director of malware research at FaceTime Communications Inc., claimed Zango profited from pirated movies, including that year's blockbuster The Dark Knight.
An anonymous reader writes: A week after FaceTime Communications discovered a group of hackers targeting MySpace Band profiles, Alicia Keys becomes the first major name to have her page compromised in the same manner. Meanwhile, many of the bands affected by this attack are becoming increasingly angry with the way MySpace are treating them. Vaughn Atkinson, guitarist with the band JetKing, said he spent a few days trying to get MySpace administrators to restore his band's page from backup, without success. "It's messed with a lot of our networking with promoters and venues," he said in an interview. "It's important to a band's credibility... if you have all that data wiped out, you are kind of back to square one in the eyes of people."
An anonymous reader writes: What started out as a fairly random exploration of a few thousand (apparently compromised) pieces of personal data including name, home address, email and IP address led researchers back to a tool exploiting AJAX vulnerabilities created by hackers based in the Middle East. Some of these hackers have ties to the Instant Messaging Rootkit attacks back in late 2005 by hackers based in the same area, and a "fake" BitTorrent client that was installed on PCs without permission and used to pipe Mr Bean movies onto the infected computers. The hackers hijack the front page of websites, then use the tool (called IE Exploiter) to push malware onto the website, ranging from Spam programs to banking trojans. Though these hacks have been taking place for the best part of a year, this seems to be the first time someone has gotten a good look at the program involved. Mr Bean also puts in a reappearance, though not in the way you might think...
An anonymous reader writes: I just saw a writeup on CNET that covers the pursuit of a virus writer who created a fake Grand Theft Auto game, crippling PCs by causing them to endlessly reboot. Despite the police apparently not being very interested, a security researcher pursued his man anyway, culminating in a teary-eyed "I'm leaving the internet" post from the virus writer himself. Awesome stuff, and one in the eye for the bad guys (for once).
An anonymous reader writes: After discovering a virus posing as a Grand Theft Auto game last week, security researcher Chris Boyd decided to see how far he could get with regard to discovering the creator's true identity, armed with nothing more than a username and a YouTube page. What follows is an amazing piece of detective work and tenacity that raises questions about whether or not those in the security space should devote more time to hunting the people rather than the infections...
An anonymous reader writes: It seems Adware vendor Zango can't get a break — yet despite having their TRO against PC Tools denied, the judge saying their claims of tort and trade libel were unlikely to succeed and being informed by Kaspersky USA that they had "sued the wrong company" (read the Kaspersky document), incredibly Zango are claiming some sort of victory. Meanwhile, security researchers have discovered a rogue antispyware program placing "fake" infection files onto a PC that flag themselves as 180 Solutions (Zango) executables, which the rogue antispyware program then flags and "removes" (for a fee, of course). The question is, if Zango are willing to go on the offensive against companies such as PC Tools and Kaspersky for classifications of their product, will they now take a similar line with these rogue products placing dummy files marked as Zango onto an infected PC?
An anonymous reader writes: From The Register: Malware miscreants have created the first worm targeting Skype that's also capable of spreading over other instant messaging networks, such as MSN and ICQ. The worm poses as a chat message linking to a website, as with other examples of Skype-spreading malware before it. Although the main vector for infection is Skype, the malware also attempts to spread by punting messages across MSN and ICQ, according to an analysis of the malware by researchers at IM security firm FaceTime Communications.
An anonymous reader writes: Over the past few months, we've seen more and more worms targeting the Skype network. A variant of those worms has been discovered which delivers the same payload (the Stration Worm) but also has the ability to send infection messages to different Instant Messaging networks (assuming those chat clients are installed on the PC). So far, they've seen it spread via ICQ and MSN Messenger — other IM clients apparently targeted include Trillian, Miranda and AIM. I find it interesting that the virus writers are using Skype simply as a jump-off point back into older, more established networks — does this mean Skype has proved too difficult a nut to crack for the virus writers? Or are they simply adopting the "anything goes" approach?