Scammers pretending to buy ads for Suzuki tricked Gawker’s ad sales team last week into running malware-laced ads that installed spyware and crashed the browsers of some readers before they were caught and pulled.
Just when you thought that you and your ATM card data were safe from criminal eyes, Scientific American brings a different sort of threat. This time, the skimmers are inside the machine. Malware within the ATM itself harvests enough data to do some very bad things.
Dries Janssens, a computer repair shop owner in Allen, Texas, is worried that a 2007 law passed by the state legislature requires computer repair technicians to have private investigator licenses to perform “simple computer repairs such as malware removal.” We’re not sure if the law was just badly written or written on purpose at the urging of the state’s private investigator lobby (which Janssens suggests), but it certainly seems like a bad idea. Update: according to this article sent by our weekend editor Carey, it’s just badly written (“It needs some tightening up,” says one lawmaker) and should only apply to the private security industry.
WHO: Hewlett-PackardWHAT: A batch of USB keys for HP’s line of ProLiant servers have been shipped infected with the worms W32.Fakerecy and W32.SillyFDC. Both can allow attackers to take over a system.WHERE: HP ships USB sticks with malware [CNET] (Thanks to Jimbo!)
Most corporate credit card data theft happens at the database level, like the massive T.J. Maxx breach. But Hannaford has notified investigators that the recent theft of 4.2 million accounts was caused by malware that was installed on the servers at each of its 300 locations. The software “intercepted data from customers as they paid with plastic at checkout counters and sent data overseas,” reports CNET.
Remember Sony’s cringe-inducing copy protection scheme a couple of years ago, where they secretly installed rootkits on millions of customers’ PCs and then pretended it was no big deal? (“Most people, I think, don’t even know what a rootkit is, so why should they care about it?” — Thomas Hesse, Sony BMG’s President of Global Digital Business.) There’s a new article (PDF) about to be published in the Berkely Technology Law Journal called “The Magnificence of the Disaster: Reconstructiong the Sony BMG Rootkit Incident.” It’s a very detailed and entertaining read that examines the conditions that led Sony BMG “toward a strategy that in retrospect appears obviously and fundamentally misguided.”
A new malware ad has managed to sneak its way onto Doubleclick’s DART ad publishing system, which means it’s been showing up on several legitimate websites, including Major League Baseball, The Economist, and Canada.com. It doesn’t require user interaction to be triggered—as soon as it’s loaded into the page, it initiates the redirect, closes your browser window, and starts bullying you to install “anti-virus” software. It will even attempt to download a virus-laden .exe file, naturally.
We owe Apple an apology, because it turns out they weren’t kidding when they said that opening the iPhone up to 3rd party software was just asking for trouble. That’s because the iPhone runs every single app as “root,” which is computerese for “more power than Steve Jobs.” It was this root access that made the Safari exploit possible back in July, and it can’t be fixed without a complete redesign of the firmware.
Stopbadware.org has just released its “Trends in Badware 2007″ report, a free overview of all the ways you and your computer can be slipped digital roofies while you’re online looking at LOLpornography and doing your banking through Twitter. It’s written in a deliberately non-technical style, so if you’re put-off or intimidated by the Slashdot crowd, this is a great way to educate yourself or a naive loved one about the dangers of drive-by downloads, website hacking, and so on.
We’ve been hearing all this fantastic sh*t about how we omg, totally have to get Bioshock right now. Well, it seems that although the game is cool, the DRM is a huge pain in the ass.
Holy crap, this is scary! A family interviewed on the Today show is being stalked by “hackers” who have taken over their cell phones. The stalkers use the cell phones to record conversations and the play them back to scare the family. They also leave messages saying they are going to rape one of the family members.
And there you go: that’s how easy it is to completely brick your newly bought PC. Luckily, it’s just as easy to prevent that from happening. So here’s one for the Consumerist Kit: how to protect your computer from viral scumbags without paying a dime. This is only valid for Windows users, the suckers.
• Just make sure your kids eat the lunch, not the box. [ABC] “FDA Warns Lunch Box Makers About Lead”
Just when we think that MySpace couldn’t sink any lower in our esteems unless a gigantic bottomless pit opened up beneath the corporate headquarters and the tentacles of Cthulhu him/her/itself coiled around it to drag it into the chthonic pit… MySpace starts infecting users with spyware.