Botnets Rebuild Forces After Rustock Raid

Botnets Rebuild Forces After Rustock Raid

After the Feds and Microsoft in March chopped off the head of the hydra that was the 1-million strong “Rustock” botnet responsible for sending billions of spam, several heads have sprung in its place. PC World notes a Symantec report of a 24% jump in emails containing malicious links and attachments, possibly representing an attempt to regrow the forces of zombie controlled computers and fill the void left by Rustock. [More]

Badware Hosting Sites Growing More Sophisticated, Offer Menu Of Services

Badware Hosting Sites Growing More Sophisticated, Offer Menu Of Services

The illicit economy of phishers and malware perpetrators is growing more sophisticated, and more brazen. “Bulletproof” hosting sites that offered to protect their users from attacks and takedown requests now have corporate-like web pages offering a menu of a la carte services. The only limit is no spam and no porn. Hey, even they have standards. [More]

Search Online For Cameron Diaz At Your Own Risk

Search Online For Cameron Diaz At Your Own Risk

I have no idea why anyone would be searching online for Cameron Diaz screensavers, but according to McAfee, if you feel the need to fill up your monitor with a pic of the thespian, you’re putting your computer in harm’s way. [More]

Security Patching For XP Service Pack 2 Ends Today

Security Patching For XP Service Pack 2 Ends Today

If you’re still using Windows XP SP2, you’re about to be on your own. Today Microsoft releases its final security update for Service Pack 2 (the 32-bit version, at least). [More]

Science Confirms Porn Sites Are Shockingly Corrupt

Science Confirms Porn Sites Are Shockingly Corrupt

Last week at a symposium on information security at Harvard, researchers presented the truly shocking results of their investigation — Going to random porn sites could be putting your personal information at risk! (Insert sound of jaws dropping here). [More]

Should You Abandon McAfee Or Take Their Free 2-Year Extension?

Should You Abandon McAfee Or Take Their Free 2-Year Extension?

If you use McAfee’s anti-virus program and have Windows XP with SP 3, you may have noticed last week that your PC was shutting down every 60 seconds. That was because McAfee pushed out an update that it now admits wasn’t properly tested. To apologize, the company says it will reimburse you for repairs (although it hasn’t provided details on this yet), and it’s offering everyone who was affected a free 2-year extension of the service. Should you take the offer and call it even? Seth Rosenblatt at Cnet says you shouldn’t bother. [More]

Bank Of America Technician Turned ATM Into Free Money Machine, Stole Over $200,000

Bank Of America Technician Turned ATM Into Free Money Machine, Stole Over $200,000

A former BoA IT worker has agreed to plead guilty to installing malware on the bank’s ATM machines in order to withdraw money whenever he felt like it, reports Wired. According to the plea agreement, his total take from the crime was between $200-400k. The bank won’t disclose how he did it or what the malware was like, but earlier this month Visa announced that new malware has hit the U.S. that could not only capture customers’ PINs and card data, but also give the criminal the ability to empty the machine of any cash that was in it. [More]

Don't Let An Unknown Caller Talk You Into Downloading Software

Don't Let An Unknown Caller Talk You Into Downloading Software

In the wide world of scams, this combination of a phone call and computer malware is sort of a novel twist. Jay likes to string phone scammers along to waste their time, so he managed to get quite a few details about how this particular scam works. If you’ve got naive family members with access to computers, either take away their computers or tell them never to download software from a stranger on the phone. [More]

The FDIC Would Like You To Know That They're Not Emailing You

The FDIC Would Like You To Know That They're Not Emailing You

An email claiming to be from the FDIC is making the rounds on the internet. It supposedly contains a “personal FDIC insurance file” that is really some sort of badness that will ruin your day. Do not click.

Gawker Duped By Malware Gang, Serves Up Infected Suzuki Ads

Gawker Duped By Malware Gang, Serves Up Infected Suzuki Ads

Scammers pretending to buy ads for Suzuki tricked Gawker’s ad sales team last week into running malware-laced ads that installed spyware and crashed the browsers of some readers before they were caught and pulled.

Microsoft Goes After Malicious Ad Suppliers

Microsoft Goes After Malicious Ad Suppliers

If you visited the New York Times website last week, you may have been surprised to have your browsing interrupted by one of those scammy “we’re scanning your computer for viruses OH NO YOU HAVE A VIRUS!” ads that overtake your window. Now Microsoft has filed 5 lawsuits in an attempt to fight back against the jerks who may have been responsible for it, and certainly for other ads like it all over the web.

Meet The Virtual ATM Skimmers

Meet The Virtual ATM Skimmers

Just when you thought that you and your ATM card data were safe from criminal eyes, Scientific American brings a different sort of threat. This time, the skimmers are inside the machine. Malware within the ATM itself harvests enough data to do some very bad things.

Try These Search Terms If You Want Some Malware

Try These Search Terms If You Want Some Malware

Computer virus company McAfee has assembled a list of the top search keywords that are most commonly linked to malware exposure. The winning phrases are: word unscrambler, lyrics, myspace, free music downloads, phelps, game cheats, printable fill-in puzzles, free ringtones and solitaire. In addition, the general categories that are considered riskiest are: screen savers, free games, work from home, Olympics, videos, celebrities, music and news.

Texas Law Probably Does Not Require PI License To Fix Spyware-Infested Computers

Texas Law Probably Does Not Require PI License To Fix Spyware-Infested Computers

Dries Janssens, a computer repair shop owner in Allen, Texas, is worried that a 2007 law passed by the state legislature requires computer repair technicians to have private investigator licenses to perform “simple computer repairs such as malware removal.” We’re not sure if the law was just badly written or written on purpose at the urging of the state’s private investigator lobby (which Janssens suggests), but it certainly seems like a bad idea. Update: according to this article sent by our weekend editor Carey, it’s just badly written (“It needs some tightening up,” says one lawmaker) and should only apply to the private security industry.

Hewlett-Packard Takes Shipping Malware-Infested USB Sticks Very Seriously

Hewlett-Packard Takes Shipping Malware-Infested USB Sticks Very Seriously

WHO: Hewlett-PackardWHAT: A batch of USB keys for HP’s line of ProLiant servers have been shipped infected with the worms W32.Fakerecy and W32.SillyFDC. Both can allow attackers to take over a system.WHERE: HP ships USB sticks with malware [CNET] (Thanks to Jimbo!)

Hannaford Credit Card Theft Caused By Malware, Not Database Breach

Hannaford Credit Card Theft Caused By Malware, Not Database Breach

Most corporate credit card data theft happens at the database level, like the massive T.J. Maxx breach. But Hannaford has notified investigators that the recent theft of 4.2 million accounts was caused by malware that was installed on the servers at each of its 300 locations. The software “intercepted data from customers as they paid with plastic at checkout counters and sent data overseas,” reports CNET.

Article Recounts Sony's Rootkit Debacle In Detail

Article Recounts Sony's Rootkit Debacle In Detail

Remember Sony’s cringe-inducing copy protection scheme a couple of years ago, where they secretly installed rootkits on millions of customers’ PCs and then pretended it was no big deal? (“Most people, I think, don’t even know what a rootkit is, so why should they care about it?” — Thomas Hesse, Sony BMG’s President of Global Digital Business.) There’s a new article (PDF) about to be published in the Berkely Technology Law Journal called “The Magnificence of the Disaster: Reconstructiong the Sony BMG Rootkit Incident.” It’s a very detailed and entertaining read that examines the conditions that led Sony BMG “toward a strategy that in retrospect appears obviously and fundamentally misguided.”

Flash-Based Malware Ad Sneaks Onto Legit Websites Via DoubleClick

Flash-Based Malware Ad Sneaks Onto Legit Websites Via DoubleClick

A new malware ad has managed to sneak its way onto Doubleclick’s DART ad publishing system, which means it’s been showing up on several legitimate websites, including Major League Baseball, The Economist, and Canada.com. It doesn’t require user interaction to be triggered—as soon as it’s loaded into the page, it initiates the redirect, closes your browser window, and starts bullying you to install “anti-virus” software. It will even attempt to download a virus-laden .exe file, naturally.