
Inside Google's Anti-Malware Operation 105

Trailrunner7 writes "A Google malware researcher gave a rare peek inside the company's massive anti-malware and anti-phishing efforts at the SecTor conference here, and the data the company has gathered shows that the attackers who make it their business to infect sites and exploit users are adapting their tactics very quickly and creatively to combat the efforts of Google and others. While Google is still a relative newcomer to the public security scene, the company has deployed a number of services and technologies recently that are designed to identify phishing sites, as well as sites serving malware, and prevent users from finding them. The tools include the Google SafeBrowsing API and a handful of services that are available to help site owners and network administrators find and eliminate malware and the attendant bugs from their sites. Fabrice Jaubert, of Google's anti-malware team, said the company has had good luck identifying and weeding out malicious sites of late. Still, as much as 1.5 percent of all search result pages on Google include links to at least one malware-distribution site, he said."

Surveillance Backdoor Enabled Chinese Gmail Attack? 143

Major Blud writes "CNN is running an opinion piece on their front page from security technologist Bruce Schneier, in which he suggests that 'In order to comply with government search warrants on user data, Google created a backdoor access system into Gmail accounts. This feature is what the Chinese hackers exploited to gain access.' His article is short on sources, and the common belief is that a flaw in IE was the main attack method. Has this come up elsewhere? Schneier continues, 'Whether the eavesdroppers are the good guys or the bad guys, these systems put us all at greater risk. Communications systems that have no inherent eavesdropping capabilities are more secure than systems with those capabilities built in. And it's bad civic hygiene to build technologies that could someday be used to facilitate a police state.'"

Submission + - Up To 9% Of A Company's Machines Are Bot-Infected

ancientribe writes: "Bot infections are on the rise in businesses, and most come from botnets you've never heard of nor ever will. Botnet researchers at Damballa have found that nearly 60 percent of bot infections in organizations are from bot armies with only a handful to a few hundred bots built to target a particular organization. Only 5 percent of the bot infections were from big-name botnets, such as Zeus/ZDbot and Koobface. And more businesses are getting hit: 7 to 9 percent of an organization's machines are bot-infected, up from 5 to 7 percent last year, according to Damballa."

Spyware Prank Exposes Hospital Medical Records 319

cheerytt writes "Let this be a lesson to all the broken-hearted geeks out there. A 38-year-old Ohio man is set to plead guilty to federal charges after spyware he meant to install on the computer of a woman he'd had a relationship with ended up infecting computers at a children's hospital. Spyware was sent to the woman's Yahoo e-mail address in the hope it would be used to monitor what his former girlfriend was doing on her PC. But instead, she opened the spyware on a computer in the hospital's pediatric cardiac surgery department. The spyware sent more than 1,000 screen captures via e-mail, including details of medical procedures, diagnostic notes and other confidential information relating to 62 patients. The man will pay $33,000 to the hospital for damages and faces a maximum sentence of five years in prison."

F-Secure Calls For "Internetpol" To Fight Crimeware 114

KingofGnG points out F-Secure's Q3 2008 security summary, in which its Chief Research Officer Mikko Hypponen proposes establishing an "Internetpol," an international organization empowered to target and root out cybercrime anywhere in the world. Hypponen gives examples of why such a supernational force is needed — and these are not hard to find — but provides few details about how such an outfit could get started or how it would work. He does mention the wrinkle that in some countries malware writing, cracking, spamming, and phishing are not illegal or not prosecuted. Is an Internetpol even possible, let alone practical?

Huge Credit Fraud Ring Sends Europeans' Data To Pakistan 166

marshotel excerpts from a story at the Wall Street Journal: "European law-enforcement officials uncovered a highly sophisticated credit-card fraud ring that funnels account data to Pakistan from hundreds of grocery-store card machines across Europe, according to U.S. intelligence officials and other people familiar with the case. Specialists say the theft technology is the most advanced they have seen, and a person close to British law enforcement said it has affected big retailers including a British unit of Wal-Mart Stores Inc. and Tesco Ltd."

Asus Ships Eee PCs With Malware 124

An anonymous reader writes "'According to an email sent out by Asus, PC Advisor reports, the Eee Box's 80GB hard drive has the recycled.exe virus files hidden in the drive's D: partition. When the drive is opened, the virus activates and attempts to infect the C: drive and any removable drives connected to the system.'"

PDF Exploits On the Rise 183

An anonymous reader writes "According to the TrustedSource Blog, malware authors increasingly target PDF files as an infection vector. Keep your browser plugins updated. From the article: 'The Portable Document Format (PDF) is one of the file formats of choice commonly used in today's enterprises, since it's widely deployed across different operating systems. But on a down-side this format has also known vulnerabilities which are exploited in the wild. Secure Computing's Anti-Malware Research Labs spotted a new and yet unknown exploit toolkit which exclusively targets Adobe's PDF format.'"

Computer Virus Aboard the ISS 290

chrb writes "BBC News is reporting that laptops taken to the International Space Station by NASA astronauts are infected with the Gammima.AG worm. The laptops have no net connection; officials suspect the worm may have been transferred via a USB flash drive owned by an astronaut. NASA have said this isn't the first time computer viruses had travelled into space."

Faux-CNN Spam Blitz Delivers Malicious Flash 213

CWmike writes "More than a thousand hacked Web sites are serving up fake Flash Player software to users duped into clicking on links in mail that's part of a massive spam attack masquerading as news notifications, security researchers said today. The bogus messages, which claim to be from the news Web site, include links to what are supposedly the day's Top 10 news stories and Top 10 news video clips from the cable network. Clicking on any of those links, however, brings up a dialog that says an incorrect version of Flash Player has been detected and that tells users they needed to update to a fake newer edition, which delivers a Trojan horse — identified by multiple names, including Cbeplay.a — that 'phones home' to a malicious server to grab and install additional malware."

Google Blogger "Hosts 2% of World's Malware" 134

Barence writes "Google's Blogger service is responsible for 2% of the world's malware hosted on the Web, according to a new report from security firm Sophos. The company claims hackers are setting up pages on the free blogging service to host malicious code, or simply posting links to infected websites in other bloggers' comments. 'Blogger accounts for around 2% of malware,' according to Sophos's senior technology consultant, Graham Cluley. 'It's head and shoulders above the rest [of the blogging services].'" Sophos believes that Blogger is favored because, being part of Google, it gets spidered early and often.

Schneier, UW Team Show Flaw In TrueCrypt Deniability 225

An anonymous reader writes "Bruce Schneier and colleagues from the University of Washington have figured out a way to break the deniability of TrueCrypt 5.1a's hidden files. What about the spanking-new TrueCrypt 6? Schneier says that 'The new version will definitely close some of the leakages, but it's unlikely that it closed all of them.' Meanwhile, PC World is reporting that the problems Schneier and colleagues found are bigger than just TrueCrypt. Among their discoveries: Word auto-saves the contents of encrypted files to the unencrypted portions of your disk, and this problem should apply to all non-full disk encryption software. Their research paper will appear at Usenix HotSec '08."

The Very Worst Uses of Windows 816

bigplrbear writes "I found an interesting article revealing the many places that Microsoft products reside, and what they're used for, ranging from elevators to ticket scanners." From the article: "Thanks to VMWare Windows is spreading throughout the datacenter. And, of course, there is only one operating system to use if you are dependent on Microsoft apps like Outlook, Word, and Excel. While I have joined the chorus of security folks who rail against the Microsoft Monoculture I still cannot believe some of the uses for Windows. Some of them are just downright silly, some you may claim are criminally negligent." Note: I'm making no claim of criminal negligence!

AVG Fakes User Agent, Floods the Internet 928

Slimy anti-virus provider AVG is spamming the internet with deceptive traffic pretending to be Internet Explorer. Essentially, users of the software automatically pre-crawl search results, which is bad, but they do so with an intentionally generic user agent. This is flooding websites with meaningless traffic (on Slashdot, we're seeing them as like 6% of our page traffic now). Best of all, they change their UA to avoid being filtered by websites who are seeing massive increases in bandwidth from worthless robots.
