Archive for September, 2008
Monday, September 29th, 2008
While we’ve been calling it Rogueware for years around here, Microsoft and the state of Washington Attorney General’s office are filing a set of complaints against “scareware” makers. It’s interesting that lawsuits can be filed against “John Doe” actors in the complaints, as written up by Elinor Mills on CNet: “Microsoft filed five new lawsuits and amended two previous complaints against SMP Soft, all relating to programs that allegedly falsely alert consumers to problems on their computers and offer to sell software fixes. The programs listed include Scan & Repair, Antivirus 2009, MalwareCore, WinDefenderXPDefender.com and WinSpywareProtect. Most of the defendants are listed as “John Doe” because investigators do not yet know the identities of the people behind the programs.”

Kurt Baumgartner, Chief Threat Officer of our research group, was selected to give a timely, last-minute technical presentation on “Recent rogueware” on Thursday of this week at Virus Bulletin 2008 in Ottawa, Canada. The presentation will focus mostly on technical aspects of Rogueware currently in the wild, including a couple of the software packages listed in the complaint, the ridiculous but popular MonaRonaDona hoax, and various methods of delivery. Regardless of the filings, the threats continue to evolve online and are active today, much like the image above.
Posted in FakeAlert, Rogueware, Virus Bulletin, Vundo, Zlob
Wednesday, September 24th, 2008
Twenty-year-old UT student David Kernell, suspected of hacking Vice Presidential Candidate Sarah Palin’s Yahoo! account, was not indicted at a court hearing earlier today. There is speculation that the private email account is used for government purposes as well. Some discussion of lessons learned here and here.
Update: Kernell was indicted “on a single charge of accessing a protected computer by a grand jury in U.S. District Court for the Eastern District of Tennessee in Knoxville” on Oct. 8th. He is pleading not guilty.
Posted in Government and Cybersecurity
Wednesday, September 24th, 2008
A high number of FakeAlert droppers have been showing up on the radar today and yesterday. A crack under the name “crack_ver1.454.0.exe” in a “zebradesigner pro.zip” package is being distributed from a fairly popular crack site. The standard phony codec distributions are making the rounds from various sites and exploits: “MediaTubeCodec_ver1.938.0.exe”, “HDVideoExtension_ver1.6119.0.exe”, “Setup_ver1.1620.0.exe”, “MEDIATUBECODEC_VER1.573.0.EXE”.
Do not be fooled by the consistent phony codec scams.
Posted in Dropper, FakeAlert, Rogueware, Social Engineering, Trojan