Data-Theft Worm Targets Google’s Orkut
A new type of malware is targeting users inside the Orkut.com community, stealing their login details to online banking sites, dumping them into a botnet and trying to spread automatically via their “scrapbooks”. Some infections even cause you to start serving copyrighted material from your PC, via IRC. There are screenshots and a movie file of the infection mailing home the data, which is pretty interesting.
ADDENDUM: A startling event was discovered during extended testing on an infected machine, which was infected in a lab setting on the 13th of June. The link to the dangerous payload was propagated on the 16th…however the infection message is timestamped as having been sent on the 14th of June.
ADDENDUM 2: Apparently Google engineers are in contact with the spyware researchers right now to help fix this problem; hopefully we will find something out from them soon on their progress.
ADDENDUM 3: Google confirmed the worm. “We are aware of this issue and will have a temporary fix in place within the hour,” a company representative said in an e-mailed statement. “We are working on a more permanent solution for users to guard against these malicious efforts.” You go Google.
News.com adds,
The initial file, called “minhasfotos.exe,” creates two additional files on a user’s system, “winlogon_.jpg” and “wzip32.exe,” FaceTime said. When the user, after the initial compromise, clicks on the “My Computer” icon in Windows XP, an e-mail with his or her personal data is sent to the anonymous attacker, the security company said.
Additionally, the compromised computer may be added to a network of hijacked PCs, known as a botnet. The pest also tries to propagate by placing a malicious link on the profiles of people in the Orkut user’s network, FaceTime said. Source: News.com
Categories: Security, Spyware Info Tags:
Digg CEO Provides Insight on Netscape Beta Site
Digg CEO Jay Adelson responds to the Netscape challenge on Richard MacManus’s Read/WriteWeb website.
In his email to me, Digg CEO Jay Adelson questioned how active Netscape’s users will be. He suggested that to achieve true interactivity, you need minimum intervention – i.e. no editors! He told me:
“A significant amount of our visitors are active (meaning they participate, not lurk). I’m curious how many interactive users Time Warner will have on their site. That was one of our greatest challenges, building that base.
Digg is extremely focused on transparency and absolutely no editors/intervention. We will never have a small group of people provide oversight.”
Jay also questioned how scalable Netscape’s site will be, with Netscape putting so much emphasis on manual editing:
“Another question I have is about scalability. We feel that there is a technical scale issue with user submissions, in that if you have thousands, or tens of thousands, of submissions a day, how does a few editors parse them? Ultimately, we need the users to both digg and bury stories, provide the editorial, in order to keep up with the real-time world of Internet-based content.”
All very good points, but if the editors just add content to the top stories, I think that will be doable, as long as they don’t start pushing the site in a direction they want to go in instead of letting the users decide. He also says to wait until version 3 of Digg, which will include more than just tech news.
Categories: Tech News Tags:
AOL Launches Digg-Like Beta Site
In a move to take advantage of the large number of visitors they get every month, AOL is converting the Netscape portal into a Digg-like portal, where users vote on stories and the more votes a story gets, the higher it appears in the results. They are using editors who make notations or pin stories higher, as well as delete comments and bogus articles from some of the haters out there. It’s interesting only because, as webmasters, we are always looking for more visitors, and another site that can send them your way is always good, especially if it already has millions of viewers each month: at last count, 811 million page views a month. The other thing they are doing differently is adding many categories that Digg does not cover; yes, I know their new version will, but it’s not out yet. Interesting take. I really, really do not like how they frame the site instead of sending visitors straight there, but they may change this if everyone makes sure their websites bust out of frames. Also, whoever does their servers and DNS should make sure that beta.netscape.com works just like www.beta.netscape.com; right now it doesn’t work without the www. Check it out.
Yahoo Contains Yamanner Worm
Yahoo says that it has contained the “Yamanner” worm, a malicious program targeting the millions of people using its email service. The worm infected anyone who opened the email, and it then scanned that user’s contact lists for email addresses with the yahoo.com and yahoogroups.com domains. Yahoo said that a very small fraction of its userbase was infected, that steps have already been taken to protect its users, and that nothing needs to be done by any Yahoo users, as the fix has already been distributed to all Yahoo Mail customers. Yahoo also advised users to update their antivirus programs and to block all incoming emails from av3(at)yahoo.com. Nothing was said about whether the infected users needed to do anything else or not, but updating antivirus programs and scanning their computers should take care of it.
Categories: Tech News, Virus Info Tags:
Latest IM and P2P Threats
Here is the latest list of Instant Messaging and Peer to Peer threats according to FaceTime Communications, the industry’s largest research team dedicated to the collection, analysis, understanding, and management of threats generated through the intentional or accidental use of greynet applications such as spyware, adware, P2P file sharing networks, IRC, and instant messaging.
Categories: Security, Spyware Info Tags:
180Solutions Buys HotBar
According to the Seattle Times, 180Solutions, our old friends, have acquired HotBar. I posted this already on RealTechNews; I’m just making some notes and adding some other links to similar articles. Spywareguide has posted a couple of articles on the subject, here and here, Sunbelt here, and Wayne Porter at Revenews here. I think it’s interesting these two have combined, but I don’t think it will be good news for users. I’m sure everyone will now be getting Zango with their smileys, and whatever else Hotbar is pushing. Zango wants to monetize the internet. Lord help us all.
Categories: Security, Spyware Info Tags:
Viewer Discretion is Advised
SiteAdvisor’s latest blog entry is about movies and actresses and just exactly which searches are the most dangerous.
Steven Spielberg accidentally invented the “summer blockbuster” in 1975 when Jaws unexpectedly grossed over $100 million within the first month of its release. Since then, the major movie studios have increasingly relied on the summer season to release their biggest, and they hope, their most profitable films.
As consumers flock to the Web to learn more about this summer’s “event” movies, we decided to see if the scammers and spammers had followed. So, do any of this summer’s biggest names contain any hidden computer dangers? We searched Google for the titles of 37 summer ’06 blockbusters plus the word “screensaver” and calculated the percentage of risky site links returned on the first page of search results. We also performed similar screensaver searches for 48 of these films’ leading actors.
And the winner is: Miami Vice is number one with a bullet to your head. I assume it is because most of the top searches are for wallpapers and screensavers. Number one for actors and actresses? Uma Thurman, probably for the same reasons: screensavers, pictures, etc. Check out the whole blog, here.
Categories: Security, Spyware Info Tags: screensavers, SiteAdvisor
Take Your Hard Drives With You
Whatever you do, if you have a hard drive replaced, ANYWHERE, you should ask for the old one to take with you, if only for sanity’s sake. Check out what happened after this couple had their hard drive replaced at Best Buy, which assured them it would have holes drilled in it to make it unusable.
Henry Gerbus said Best Buy assured him the computer’s old hard drive — loaded with personal information — would be destroyed.
“They said rest assured. They drill holes in it so it’s useless,” said Gerbus.
A few months ago, Gerbus got a phone call from a man in Chicago.
“He said, ‘My name is Ed. I just bought your hard drive for $25 at a flea market in Chicago,’” said Gerbus. “I thought my world was coming down.”
Source: Yahoo
I work on computers, and I have many hard drives lying around because of things just like this. You replace a hard drive for someone and they just want their data back; I’ve never had anyone ask for their old hard drive. I usually end up using them, if they are worth using, for storing old data. Word to the wise: take your hard drive with you.
Categories: Tech News Tags: