Spyware Hunter

The hackers led a cyber protest at UN’s official website against the US and Israel for killing children in the Middle East. For which, they hacked UN Secretary General Ban Ki-Moon’s web page.

The self-proclaimed pro-peace hackers have left this message,

Hacked by kerem125 MOsted and Gsy That is CyberProtest Hey Ysrail and Usa dont kill children and other people Peace for ever No war.

The message was found in a UN web page, which is generally reserved for statements from UN Secretary General, Ban Ki-Moon.

The hackers identified themselves as kerem125, Gsy and M0sted. These groups have also attacked some other pages of UN web site.

The latest report adds that UN has repaired the affected pages.

Image:

Italy’s domestic intelligence service recently reported that organized teams of Chinese hackers were burglarizing the PCs of Western firms to pilfer fashion ideas and counterfeit them ahead of the actual articles can strike the streets.

Gnosis, a magazine by Italy’s SISDE counterintelligence agency was reported to have said,

Platoons of seasoned, unscrupulous cyber pirates, crackers and hackers of every kind ... make up an exponentially growing and unstoppable army.

The article claims that in so far as 20% of Internet viruses and spam messages that wedge e-mails worldwide started off in China. It claims that Chinese hackers get a lot out of pornography, comprising sites that put up for sale videos for pedophiles and traffic in date rape-drugs, heroin and counterfeit medicines.

Read

IronPort was recently reported to have fully given a face-lift to its monitoring website, www.senderbase.org, which was pioneered by it in 2003. This latest website is said to make available email administrators distinctive visibility into the email and Web traffic getting into their networks. Furthermore, the latest graphical user edge at Senderbase.org now makes simplifies it more than before for each member of the Internet community to keep track of virus outbursts, spam trends, spyware and further web-borne threats.

SenderBase.org, a free of charge service, can be utilized as a credit reporting service, giving detailed data that can be used by ISPs and firms to set apart legal senders from spammers and other invaders – providing system administrators an approach to help them take serious security decisions. The sender base can also be utilized by Consumers, media, and other parties to keep an eye on threat goings-on, verify their email reputation scores, and obtain immediate updates on the most recent virus spates.

Read

You may believe or not, but it is true for McAfee. The security leader has claimed that the online search of latest movies or download of music poses greatest security threat than searching the X-rated items in the websites.

Nearly nine percent of adult sites cause web-security problems such as spyware, adware or spam in comparison to 19 percent of digital music sites or movie downloads.

In a common parlance, the search for nude items (Hot babes, Nude Britney Spears or Lindsay Lohan) is not so risky than searching for a latest music or download of a movie. Why?

McAfee says the porn sites are lesser risk because they are doing good business. So, they don’t want to involve in such practices. To the contrary, faced with a sluggish electronics market, the music companies are very much inclined to adopt additional ways to promote their products.

The study has further claimed that the search items like electronic gadgets and background “wallpaper” to decorate computer screens are also risky like music search and movie download.

Image:

We are faced up with phishing attacks almost each day; however what we cannot see is the face behind the attack. Rsnake at ha.ckers.org recently had a piece of an interview, with a phisher who calls himself ‘lithium’. Not only the questions but also the answeres have an effect on me. Through the post we take a fine glance into the world of phishing based on one phisher experience. RSnake asked the phisher, called “lithium,” how he operates, what technology he uses, and just how much money he makes off these scams.

I cannot say I discovered anything chiefly astonishing as the majority of my suppositions about the people that enter into this activity fit pretty much with the profile highlighted in the interview. Nevertheless it at all times puts me a little sideways to see to how young a few of them are when they initiate.

It was also difficult to listen to how many people are making use of the similar password for their email as they do for their social identities and how this can be converted into a fine bit-o-cash for the phisher. Lithium, who calls himself 18 yrs old and claims to have been phishing around since he was 14, said to have stolen more than 20 million identities, mostly using social networking worms.

He says,

I have so many hundreds of thousands of accounts to many websites I haven’t even got a chance to look through,

While RSnake admitted not to have authenticated all of lithium’s real numbers, he said in response to comments on his ha.ckers blog that the phisher’s story jives with that of traditional phishers.

Read

Recently I went through an interesting article on Information Week, which was related to the use of spyware driven-traffic increasing the traffic counts of sites. Through the article, it is claimed that video sites are increasingly inclined to do this due to the 1.65 B buy out of YouTube.

A study by spyware researcher Ben Edelman finds that spyware-driven traffic inflation is common, particularly at video sites. Besides, he said that spyware is also being utilized to manipulate the fame of YouTube videos. The study identifies Bolt.com, GrindTV.com, Broadcaster.com, Away.com, RooTV.com, and Diet.com as the beneficiaries of spyware-driven traffic.

Here is the direct link to Ben Edelman’s result. While you get through them it looks that what he detected is a quite old game, where pop up and pop under advertising that calls a page or process on the web site that after that blows up the statistics of that web site.

Given that this is not a new-fangled game, and rather old in aspects of how long this has been carried out to drive up web statistics, if you memorize the omnipresent ads for the X10 Camera that eventually turned that web site into one of all the rage web sites on the globe, all by virtue of pop up/under advertising.

Read

Symantec, McAfee, and Computer Associates, all the three security bigwigs, recently said to patch up flaws in their products. McAfee’s advisory explains tribulations, which were in fact fixed mutely in March, in a range of products comprising VirusScan and the company’s Internet Security Suite. Flawed ActiveX controls is expected to be exploited by nasty Web sites to sprint arbitrary code.

Symantec’s tribulations with an ActiveX control in Norton Internet Security 2006 is also expected to land to arbitrary code execution. They have also been patched up via updates that can be availed via LiveUpdate.

CA’s tribulations, in its CA Anti-Virus for the Enterprise, CA Threat Manager, and CA Anti-Spyware, are potentially hard to exploit. They need local access, means hackers will have to obtain a program on the user’s system and sprint it initially. They may possibly guide to lofty privileges. They have also been patched up by updates via usual channels.

Read

Google was recently reported to have said that 1 in every 10 web pages, investigated by it, are containing malicious software, which could potentially contaminate a user’s computer. The majority of the infested web pages included unseen codes with the aim of attempting to pilfer private info for example passwords.

For their study, researchers at Google surveyed 4.5 million pages to “in-depth analysis” and detected that almost 450,000 of them could launch purported “drive-by downloads”, sites, which are said to deploy nasty code, like spyware, but for the prior consent of user. An extra 700,000 pages were thought of having code that might compromise a user’s PC.

In the report, published in the paper titled The Ghost In The Browser, Google researcher Niels Provos writes,

To entice users to install malware, adversaries employ social engineering. The user is presented with links that promise access to ‘interesting’ pages with explicit pornographic content, copyrighted software or media. A common example are sites that display thumbnails to adult videos.

Researchers also reported that hackers were targeting whole Web servers, in order to change about each page on the compromised server into a malware host. They were exploiting blog comment characteristics and further Web 2.0 methods of obtaining user-created content as techniques to encourage malware sites or to disseminate software-based attacks.

Read

A Symantec researcher was recently reported to have said that Microsoft Update, which is included with a component known as Background Intelligent Transfer Service (BITS), might possibly be exploited by hackers to evade security measures and attack computers. BITS sprints in the background on a Windows computer as an asynchronous download service for patch updates.

Elia Florio who is one of the researchers at Symantec’s security response team was quoted as saying,

It’s a very nice component and if you consider that it supports HTTP and can be programmed via COM API, it’s the perfect tool to make Windows download anything you want. Unfortunately, this can also include malicious files. It is novel. Hack-ers are leveraging a component of the operating system itself to update their content. But the idea of bypassing firewalls isn’t new.

Through this it gets clear that just spending more money to protect our PCs with latest and greatest security systems is not the standalone answer to the hacking trouble, rather we will have to spend the resources required to track hackers down and jail them at one with the damages caused by them.

Read

The University of Missouri recently said to have been victimized by a computer hack, which disclosed more than 22,000 Social Security numbers of students at the University, both existing and earlier. The numbers had been compiled for a report. They were after that made accessible via a Web site using the University’s help desk, as the data was not washed out of the network after completing compilation.

It is the 2nd hack on the University of Missouri this year. During January, both Social Security numbers and student passwords had been pilfered. The present attack is under the investigation of the FBI. Campus IT people spotted the attack on Friday, when the hacker exploited a hole in a campus web site that is utilized to question regarding the status of trouble reports to the university’s PC help desk.

The attacks came about between 5:26 a.m. Thursday and 9:34 a.m. Friday, and were marked out to IP addresses positioned in China and Australia.

Read