«
»

Phishing & Malware Update: 1108-22

User Group Network UGN Safenetting and Cybercrime report Catching up this week, I realized we haven’t had a Safenetting update in a month. My cache for articles to post had 127 items — and I knew I wouldn’t be able to fit all those. So, herein I attempt to touch on just about all the current issues …
* Twitter Phishing Scam Steals Passwords — Site Not Charging
* 6 Signs Your Computer is Infected … and 4 Ways to Fix It
* Microsoft’s August 2011 Patch Tuesday Serves 13 Patches
* Android Dogfighting App Infected with Pro-PETA Malware
* MacDefender taken down in raid by Russian authorities?
* 146 new phishing attacks hosted on government websites
* Rootkit Creators Annihilating Their Mutual Codes
* Gingerbread paves way for GingerMaster malware
* Koobface malware spreading via torrent
* Facebook issues Guide to Security
* Google: IP spoofing on the rise
* Fraud awareness week
* Spam wars heat up
. . . and more

MacDefender taken down in raid by Russian authorities?

MacDefender caused a malware crisis for the Mac back in June 2011. At the time it seemed like an epidemic, but then after a short round of update Whack-A-Mole with Apple, MacDefender seemed to disappear entirely. In fact, Apple last updated its malware definitions on June 18.
      New information suggests that Russian authorities may have busted the group responsible for one of the biggest scourges that the Mac has ever seen.
READ THIS REPORT Full story : Jason D. O’Grady | www.zdnet.com

Fraud awareness week

This past week was National Fraud Awareness Week. This important observance dealing with phone and mail fraud is sponsored by the Federal Communications Commission.
      Identity theft has become our country’s fasting growing crime and according to the Federal Trade Commission it is the number one concern of consumers and businesses today. It estimates that nearly 15 million Americans are victims of this type of crime every year.
READ THIS REPORT Full story : Josh Brecheen, The Conservative Voice

6 Signs Your Computer Has Been Infected … and 4 Ways to Fix It

Is your computer acting weird? Are boxes popping up on your screen telling you that your computer is infected? Are you hearing strange sounds? Your computer may have been infected with malware.
      It’s not always easy to determine whether or not your computer has been infected with a virus, worm, Trojan or spyware, because authors of malicious software do their best to disguise their work. But there are some symptoms that could help you figure it out.
READ THIS REPORT Full story : BusinessNewsDaily

Twitter Phishing Scam Steals Passwords — Site Not Charging

A Twitter phishing scam is going around that tricks social media users into handing over passwords. Users are being tricked into signing a petition to stop the site from charging in October.
      The great thing about social media is that it allows you to stay in touch, brand a business or yourself, or stay in touch with your fave peeps. But remember — it’s technology, and bad guys and gals lurk around in cyberspace preying on the unwary.
READ THIS REPORT Full story : nakedsecurity.sophos.com

Facebook issues Guide to Security

Facebook has launched a security guide for users as it looks to curb the number of successful attacks on the site.
      The Guide to Facebook Security features 14 pages of advice, covering everything from phishing and clickjacking, to how to recover a hacked account.
READ THIS REPORT Full story : IT PRO

Spam wars heat up

John Breeden II writes:
      OK, so everyone hates spammers. For me, the only question is whether I hate spammers or hackers more. I go back and forth on that one. Hackers normally cause more direct damage, but spammers are more insidious.
      Sometimes hackers use spammer techniques too, like we saw with recent government phishing attacks. And GCN reported this week that spam is back on the rise, as spammers who were knocked back on their heels rebuild their networks.
READ THIS REPORT Full story : John Breeden II – GCN LAB IMPRESSIONS

Android Dogfighting App Infected with Pro-PETA Malware

A controversial dog fighting app has been hacked to provide a pro-PETA message, as well as embarrassing emails for the app owner, security firm Symantec has reported.
      The app, now called KG Dogfighting, was first placed into the Android Market as Dog Wars. It received massive criticism, including pro QB Michael Vick, once jailed for dogfighting involvement, and from PETA, and the ASPCA as well. The hacked version, which is a modified beta version of the Dog Wars app, Beta 0.981, will send all the people in the user’s list the following SMS message:
READ THIS REPORT Full story : www.huliq.com

Microsoft’s August 2011 Patch Tuesday Serves 13 Patches

Microsoft has just issued a total of 13 security-patches, fixing vulnerabilities within its large number of software applications among which security flaws within its Windows Server OSs and Internet Explorer are rated critical. Theregister.co.uk reported this on August 9, 2011.
      Basically, attackers who exploit the IE flaws manage to run malware remotely, requiring Web-surfers to merely view a booby-trapped site. Albeit no evidence has yet emerged of anyone exploiting the vulnerabilities, the security team of Microsoft states that there’s an immense possibility of real-world criminals developing a dependable attack code within 30 days from now.
READ THIS REPORT Full story : SPAMfighter News

Rootkit Creators Annihilating Their Mutual Codes

It is being observed that malware developers are attacking competitors for maintaining full control over compromised PCs. In a particularly fascinating instance, the person who created TDL 3 rootkit was struck with the idea of trading its source code to earn some extra bucks. Afterdawn reported this in news on August 10, 2011.
      And because of the sale of the source code named ‘ZeroAccess’ there allegedly occurred additional Click Fraud components. Essentially, the fresh sample, ZeroAccess determines if TDL is present on a system and in case it’s found the ZeroAccess rewrites random info on the rootkit’s concealed disk following which the malware becomes inactive. ZeroAccess then acquires complete hold of a system, making the PC do specific tasks, with merely search-hijackers and ad-clickers becoming viable.
READ THIS REPORT Full story : SPAMfighter News

146 new phishing attacks hosted on government websites

Disclosures by groups including LulzSec, Anonymous and Wikileaks have highlighted that poor security is endemic throughout government websites. During July, Netcraft’s anti-phishing toolbar blocked 146 new phishing attacks hosted on government websites. Nearly half of these used the gob.pe secondary top-level domain, making the government of Peru the phishiest in the world.
      Unusually, more than a third of these government-hosted phishing attacks targeted a single British financial institution, Lloyds Banking Group. Halifax and Lloyds TSB, which are subsidiaries of the group, were each targeted more times than any other organisation, including PayPal.
READ THIS REPORT Full story : news.netcraft.com

Google: IP spoofing on the rise

Data from Google’s Safe Browsing initiative shows malware distributors are increasingly relying on IP spoofing to try to evade detection.
      Google has been running its Safe Browsing service for about four years, with a goal towards providing an open service that Web browsing applications can check against to see if a particular site is suspected of hosting malware or phishing scams. Now, Google has published an analysis (PDF) of more than 160 million Web pages on more than 8 million sites to look for trends in how malware is distributed – and finds that while social engineering tricks play a small role and plug-in and browser exploits are still common, malware distributors are increasingly turning to IP spoofing in hopes of avoiding detection.
READ THIS REPORT Full story : Digitaltrends.com

Koobface malware spreading via torrent

After spreading via social networking site Facebook several months back, the Koobface virus appears to be back, this time spreading via torrent and peer-to-peer file sharing.
      Computer security firm Trend Micro said that the virus, which turns computers it infects into a peer-to-peer botnet, now uses Trojanized shared application files.
READ THIS REPORT Full story : GMANews.TV

Gingerbread paves way for GingerMaster malware

As our smartphones become more ubiquitous and more powerful, they need to be protected in much the same way that you would protect your computer. Further to this, a malicious piece of malware has been discovered for devices powered by Android 2.3.3 Gingerbread, giving the hacker the ability to take complete control of the smartphone remotely.
      Dubbed GingerMaster, this malware is hidden inside of an infected app. Once you boot that app and the exploit is launched, it gains root privileges, attempting to install a root shell into the system partition.
READ THIS REPORT Full story : Mobile Magazine

Follow the InfoManager’s previous Safenetting Alerts

DO NOT CLICKThanks for reading…

Fred Showker

You can also keep up with the efforts to curb spam and cybercrime by reading the news at
GO Knujon and
GO HostExploit.com. And, you should
GO switch to SpamCop and take a stand against spam.

Share this | Post to Twitter Tweet this
Posted by Fred, August 21, 2011
Tags: , , , , , ,