The illicit economy of phishers and malware perpetrators is growing more sophisticated, and more brazen. “Bulletproof” hosting sites that offered to protect their users from attacks and takedown requests now have corporate-like web pages offering a menu of a la carte services. The only limit is no spam and no porn. Hey, even they have standards. [More]
I have no idea why anyone would be searching online for Cameron Diaz screensavers, but according to McAfee, if you feel the need to fill up your monitor with a pic of the thespian, you’re putting your computer in harm’s way. [More]
If you’re still using Windows XP SP2, you’re about to be on your own. Today Microsoft releases its final security update for Service Pack 2 (the 32-bit version, at least). [More]
Last week at a symposium on information security at Harvard, researchers presented the truly shocking results of their investigation — Going to random porn sites could be putting your personal information at risk! (Insert sound of jaws dropping here). [More]
If you use McAfee’s anti-virus program and have Windows XP with SP 3, you may have noticed last week that your PC was shutting down every 60 seconds. That was because McAfee pushed out an update that it now admits wasn’t properly tested. To apologize, the company says it will reimburse you for repairs (although it hasn’t provided details on this yet), and it’s offering everyone who was affected a free 2-year extension of the service. Should you take the offer and call it even? Seth Rosenblatt at Cnet says you shouldn’t bother. [More]
A former BoA IT worker has agreed to plead guilty to installing malware on the bank’s ATM machines in order to withdraw money whenever he felt like it, reports Wired. According to the plea agreement, his total take from the crime was between $200-400k. The bank won’t disclose how he did it or what the malware was like, but earlier this month Visa announced that new malware has hit the U.S. that could not only capture customers’ PINs and card data, but also give the criminal the ability to empty the machine of any cash that was in it. [More]
In the wide world of scams, this combination of a phone call and computer malware is sort of a novel twist. Jay likes to string phone scammers along to waste their time, so he managed to get quite a few details about how this particular scam works. If you’ve got naive family members with access to computers, either take away their computers or tell them never to download software from a stranger on the phone. [More]
An email claiming to be from the FDIC is making the rounds on the internet. It supposedly contains a “personal FDIC insurance file” that is really some sort of badness that will ruin your day. Do not click.
Scammers pretending to buy ads for Suzuki tricked Gawker’s ad sales team last week into running malware-laced ads that installed spyware and crashed the browsers of some readers before they were caught and pulled.
Just when you thought that you and your ATM card data were safe from criminal eyes, Scientific American brings a different sort of threat. This time, the skimmers are inside the machine. Malware within the ATM itself harvests enough data to do some very bad things.
Dries Janssens, a computer repair shop owner in Allen, Texas, is worried that a 2007 law passed by the state legislature requires computer repair technicians to have private investigator licenses to perform “simple computer repairs such as malware removal.” We’re not sure if the law was just badly written or written on purpose at the urging of the state’s private investigator lobby (which Janssens suggests), but it certainly seems like a bad idea. Update: according to this article sent by our weekend editor Carey, it’s just badly written (“It needs some tightening up,” says one lawmaker) and should only apply to the private security industry.
WHO: Hewlett-PackardWHAT: A batch of USB keys for HP’s line of ProLiant servers have been shipped infected with the worms W32.Fakerecy and W32.SillyFDC. Both can allow attackers to take over a system.WHERE: HP ships USB sticks with malware [CNET] (Thanks to Jimbo!)
Most corporate credit card data theft happens at the database level, like the massive T.J. Maxx breach. But Hannaford has notified investigators that the recent theft of 4.2 million accounts was caused by malware that was installed on the servers at each of its 300 locations. The software “intercepted data from customers as they paid with plastic at checkout counters and sent data overseas,” reports CNET.
Remember Sony’s cringe-inducing copy protection scheme a couple of years ago, where they secretly installed rootkits on millions of customers’ PCs and then pretended it was no big deal? (“Most people, I think, don’t even know what a rootkit is, so why should they care about it?” — Thomas Hesse, Sony BMG’s President of Global Digital Business.) There’s a new article (PDF) about to be published in the Berkely Technology Law Journal called “The Magnificence of the Disaster: Reconstructiong the Sony BMG Rootkit Incident.” It’s a very detailed and entertaining read that examines the conditions that led Sony BMG “toward a strategy that in retrospect appears obviously and fundamentally misguided.”
A new malware ad has managed to sneak its way onto Doubleclick’s DART ad publishing system, which means it’s been showing up on several legitimate websites, including Major League Baseball, The Economist, and Canada.com. It doesn’t require user interaction to be triggered—as soon as it’s loaded into the page, it initiates the redirect, closes your browser window, and starts bullying you to install “anti-virus” software. It will even attempt to download a virus-laden .exe file, naturally.
We owe Apple an apology, because it turns out they weren’t kidding when they said that opening the iPhone up to 3rd party software was just asking for trouble. That’s because the iPhone runs every single app as “root,” which is computerese for “more power than Steve Jobs.” It was this root access that made the Safari exploit possible back in July, and it can’t be fixed without a complete redesign of the firmware.