Top Web Scams of the Decade
Exploits involving Russian women, Nigerian scams and fake job offers top list of creative ploys used by cybercriminals
With 2010 drawing to a close, PandaLabs, Panda Security’s anti-malware laboratory, has released a ranking of the most widespread scams on the Web from the past 10 years. These include the infamous Nigerian scam, ploys involving beautiful foreign women and money mule schemes based on too-good-to-be-true job offers.
According to Luis Corrons, technical director of PandaLabs, “As with all the classic scams that predate the Internet, many of the numerous users that fall for these tricks and lose their money are reticent to report the crime. If recovering the stolen money was difficult in the old days, it is even harder now because criminals’ tracks are often lost across the Web. The best defense is to learn how to identify these scams and avoid taking the bait.”
Typically, these scams follow a similar pattern: Cybercriminals make initial contact with their victim through e-mail or on a social network. The intended victim is then asked to respond by e-mail, telephone, fax or some other channel. Once the user takes the bait, the criminals will attempt to gain their victim’s trust, finding an excuse to ask for money.
The most frequent scams identified by PandaLabs over the last 10 years, ranked by how widely and how often they were distributed, are as follows:
25 Percent of New Worms in 2010 Are Designed to Spread Through USB Devices
48 percent of SMBs worldwide are infected every year; one third of these infections are caused by worms that spread on USB devices
PandaLabs has discovered that in 2010, 25 percent of new worms have been specifically designed to spread through USB storage devices connected to computers. These types of threats can copy themselves to any device capable of storing information, such as cell phones, external hard drives, DVDs, flash drives and MP3/MP4 players.
The data from Panda Security’s Second International SMB Security Barometer suggests that this distribution technique is highly effective. With survey responses from more than 10,470 companies across 20 countries, it revealed that approximately 48 percent of SMBs (with up to 1,000 computers) admit to having been infected by some type of malware over the last year. Further, 27 percent confirmed that the source of the infection was a USB device connected to a computer.
According to Luis Corrons, Technical Director of PandaLabs, “At present, much of the malware in circulation has been designed to distribute through these devices. Not only does it copy itself to these gadgets, but it also runs automatically when a USB device is connected to a computer, infecting the system practically transparently to the user. This has been the case with many infections we have seen this year, such as the distribution of the Mariposa and Vodafone botnets.”
So far, these types of infections are still outnumbered by those that spread via email, but it is a growing trend. “There are now so many devices on the market that can be connected via USB to a computer: digital cameras, cell phones, MP3 or MP4 players,” adds Corrons. “This is clearly very convenient for users, but since all these devices have memory cards or internal memory, it is feasible that your cell phone could be carrying a virus without your knowledge.”
DEF CON Survey Reveals Vast Scale of Cloud Hacking
An in-depth survey of 100 of the elite IT professionals attending this year’s DEF CON 2010 hacker conference in Las Vegas has revealed that hackers view the cloud as having a silver lining for them.
And a gold, platinum and diamond one, it seems, as an overwhelming 96 percent of the respondents to the Fortify Software-sponsored poll said they believed the cloud would open up more hacking opportunities for them.
This is being driven, says Barmak Meftah, chief products officer with the software assurance specialist, by the hackers’ belief that cloud vendors are not doing enough to address the security issues of their services.
“89 percent of respondents said they believed this was the case and, when you analyze this overwhelming response in the light of the fact that 45 percent of hackers said they had already tried to exploit vulnerabilities in the cloud, you begin to see the scale of the problem,” he said.
“While ‘only’ 12 percent said they hacked cloud systems for financial gain, that still means a sizeable headache for any IT manager planning to migrate their IT resources into the cloud,” he added.
According to Meftah, when you factor in the prediction from numerous analysts at the start of 2010 that 20 percent of businesses would have their IT resources in the cloud within four years (http://bit.ly/7dvygF), you begin to appreciate the potential scale and complexity of the security issues involved.
National High School Cyber Defense Competition Registering Teams for Fall
Exciting Education Initiative Offers Teens Insight to Cyber Careers
The registration deadline is looming to participate in the nation’s premier high school cyber defense competition, CyberPatriot III.
“Our unique online competition still has room for teams,” said Bernie Skoch, CyberPatriot Commissioner. “To join, a high school teacher signs up and signs on five bright students for a fun, hands-on learning opportunity. It’s a great chance for the top teams to win scholarship money and a trip to Washington, D.C.”
CyberPatriot, presented by Northrop Grumman, is the one-of-a-kind national cyber security competition produced by the Air Force Association (AFA), a nonprofit organization headquartered near Washington, D.C. The registration deadline is October 8, 2010.
Teams of five, with an approved coach (generally a teacher) sponsoring them, learn to defend a computer network from real-life computer threat scenarios. In the fall, hundreds of teams across the nation will square off online, using special software and programs provided by CyberPatriot, to find and fix vulnerabilities in their network faster than their competitors. The top teams then compete again in a series of online rounds to determine the finalists for an all-expenses-paid trip to the nation’s capital and the Championship Round at the Gaylord National Convention Center, held in conjunction with AFA’s Cyber Futures Symposium and Technology Exposition in April 2011.
Panda Security and Defence Intelligence coordinate massive botnet shutdown with international law enforcement
Collaborative cybercrime investigation results in three arrests, more pending
Personal and financial data compromised from massive cyber attack impacting nearly 13 million unique IP addresses, 50 percent of Fortune 1000 companies
Preliminary damages estimated to be in the millions of dollars
According to IT security firms Panda Security and Defence Intelligence, the Mariposa botnet, a massive network of infected computers designed to steal sensitive information, has been shut down, and three suspects accused of operating it have been arrested by Spanish law enforcement. Mariposa stole account credentials for social media sites and webmail services, banking credentials and credit card data from an estimated 12.7 million compromised personal, corporate, government and university IP addresses in more than 190 countries. The botnet was shut down and rendered inactive on December 23rd, 2009 through the collaborative effort of security experts and law enforcement, including Panda Security, Defence Intelligence, the FBI and the Spanish Guardia Civil.
With almost 13 million compromised computers, Mariposa is one of the largest botnets ever recorded. Christopher Davis, CEO of Defence Intelligence, who first discovered the Mariposa botnet, explains: “It would be easier for me to provide a list of the Fortune 1000 companies that weren’t compromised, rather than the long list of those who were.”
Following the discovery of Mariposa’s existence in May 2009, Defence Intelligence, Panda Security and the Georgia Tech Information Security Center spearheaded the Mariposa Working Group as a collaborative effort with other international security experts and law enforcement agencies to eradicate the botnet and bring the perpetrators to justice. The main botmaster, nicknamed “Netkairo” and “hamlet1917”, as well as his immediate botnet operator partners, “Ostiator” and “Johnyloleante”, were arrested earlier this month.
Pedro Bustamante, senior research advisor at Panda Security, said: “Our preliminary analysis indicates that the botmasters did not have advanced hacking skills. This is very alarming because it proves how sophisticated and effective malware distribution software has become, empowering relatively unskilled cyber criminals to inflict major damage and financial loss. We’re extremely proud of the coordinated effort made by all of the Mariposa Working Group members and the speed at which we were able to bring down this massive botnet and the criminals behind it.”
Late last year, the Mariposa Working Group infiltrated the command-and-control structure of Mariposa to observe the communication channels used by the suspected botmasters. These channels relay information from the compromised computers to the perpetrators and are commonplace: similar channels are used by the Zeus, Conficker and Koobface botnets and were seen recently in the Google/Aurora operation. After analyzing the main command-and-control servers, the Working Group was able to facilitate the coordinated worldwide shutdown of the Mariposa botnet on December 23rd. Panda Security is currently leading a comprehensive analysis of the malware and coordinating international communication among other antivirus companies to ensure that their signatures are updated.
Highlights from Panda Security’s preliminary analysis include:
– Once a PC was infected by the Mariposa bot client, the botmaster installed further malware (advanced keyloggers, banking trojans such as Zeus, remote access trojans, etc.) to add functionality to the zombie PC.
– The botmaster made money by selling parts of the botnet, installing pay-per-install toolbars, selling stolen credentials for online services, and using the stolen banking credentials and credit cards to move money to overseas mules.
– The Mariposa botnet spread extremely effectively via P2P networks, USB drives, and MSN links.
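The USB route listed above is the same autorun.inf trick that Corrons describes in the worm-statistics item earlier on this page: the worm copies itself to the drive and drops an autorun.inf so that Windows runs it when the drive is plugged in or double-clicked. The script below is an added example written for this page, not code from Panda Security or the Mariposa Working Group. It reads an autorun.inf as forgivingly as Windows does (worms of this period padded the file with junk bytes to defeat naive signatures) and reports what AutoRun or a hijacked Explorer verb would launch. The sample file content is constructed; the RECYCLER path and file name in it are placeholders, not real Mariposa indicators.

```python
"""Inspect an autorun.inf for what Windows AutoRun would launch.

Added example for this page, not code from Panda Security or the Mariposa
Working Group. SAMPLE_AUTORUN_INF is constructed; its paths are placeholders,
not real malware indicators.
"""
import re
from typing import Dict, List

# Keys under [autorun] that cause a program to run. "shell\<verb>\command"
# entries hijack the Explorer context-menu verbs (Open, Explore), so the
# worm still runs when AutoPlay is off and the user double-clicks the drive.
LAUNCH_KEYS = ("open", "shellexecute")
VERB_COMMAND = re.compile(r"^shell\\[^\\]+\\command$", re.IGNORECASE)
HIDDEN_DIRS = re.compile(r"(recycler|\$recycle\.bin|system volume information)", re.IGNORECASE)
SYSTEM_NAMES = re.compile(r"\\(svchost|explorer|lsass|csrss)\.exe$", re.IGNORECASE)
FOLDER_ICON = re.compile(r"shell32\.dll\s*,\s*[34]$", re.IGNORECASE)

# Constructed sample: binary junk before the section header and a fake
# RECYCLER path imitate the obfuscation common in USB worms of the period.
SAMPLE_AUTORUN_INF = (
    "\x00\x01\x02junk\x7f\n"
    "[AutoRun]\n"
    "open=RECYCLER\\S-1-5-21-0000000000-0000000000-0000000000-1000\\svchost.exe\n"
    "icon=%SystemRoot%\\system32\\SHELL32.dll,4\n"
    "shell\\open=Open\n"
    "shell\\open\\command=RECYCLER\\S-1-5-21-0000000000-0000000000-0000000000-1000\\svchost.exe\n"
    "shell\\explore\\command=RECYCLER\\S-1-5-21-0000000000-0000000000-0000000000-1000\\svchost.exe\n"
    "action=Open folder to view files\n"
)

# Constructed benign file of the kind a vendor ships on a driver CD.
SAMPLE_CLEAN_INF = "[autorun]\nicon=setup.exe,0\nlabel=Vendor Tools\n"


def parse_autorun(text: str) -> Dict[str, str]:
    """Return the key=value pairs of the [autorun] section with lower-cased keys.

    Deliberately forgiving, like the Windows parser: control characters are
    dropped, section and key names are case-insensitive, and lines without
    '=' are ignored, so padding does not hide the real entries.
    """
    cleaned = "".join(ch for ch in text if ch in "\r\n\t" or ch.isprintable())
    entries: Dict[str, str] = {}
    in_section = False
    for raw in cleaned.splitlines():
        line = raw.strip()
        if not line or line.startswith(";"):
            continue
        if line.startswith("[") and line.endswith("]"):
            in_section = line[1:-1].strip().lower() == "autorun"
            continue
        if in_section and "=" in line:
            key, value = line.split("=", 1)
            entries[key.strip().lower()] = value.strip()
    return entries


def launched_programs(entries: Dict[str, str]) -> List[str]:
    """Every program path that AutoRun or a hijacked Explorer verb would run."""
    return [v for k, v in entries.items() if k in LAUNCH_KEYS or VERB_COMMAND.match(k)]


def assess(text: str) -> List[str]:
    """Findings for one autorun.inf; an empty list means nothing is launched."""
    entries = parse_autorun(text)
    programs = sorted(set(launched_programs(entries)))
    findings: List[str] = []
    if programs:
        findings.append("autorun launches: " + ", ".join(programs))
    for path in programs:
        if HIDDEN_DIRS.search(path):
            findings.append(f"program hidden in a system folder: {path}")
        if SYSTEM_NAMES.search(path):
            findings.append(f"program named after a Windows system binary: {path}")
    if programs and FOLDER_ICON.search(entries.get("icon", "")):
        findings.append("drive disguised as a plain folder via the shell32.dll folder icon")
    return findings


if __name__ == "__main__":
    for name, content in (("suspicious", SAMPLE_AUTORUN_INF), ("clean", SAMPLE_CLEAN_INF)):
        print(name, assess(content) or ["no program launched"])
```

Point it at the autorun.inf in the root of a mounted drive and read the file in binary, decoding with `errors="ignore"`, since the junk bytes are the whole reason the parser tolerates them. The folder-icon and context-menu hijacks matter because they work even where AutoPlay is already disabled: the user opens what looks like a folder and runs the worm by hand. Windows 7 stopped honouring autorun.inf on non-optical removable media, and Microsoft later pushed the same behaviour to XP and Vista as update KB971029; on machines without it, setting the NoDriveTypeAutoRun policy to 0xFF removes the automatic execution, though not the hijacked Explorer verbs.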
A more comprehensive report from Panda Security’s forensic analysis will be available at http://pandalabs.pandasecurity.com/ shortly. In the meantime a short description of the Mariposa botnet software can be found at http://www.pandasecurity.com/homeusers/security-info/217587/ButterflyBot.A.
“Once again, the coordinated efforts of various international law enforcement agencies and Spain’s Guardia Civil, together with the Internet security industry, have been able to tackle the global threat of cyber-crime,” said Juan Salom, commander of the Cybercrime Unit of the Guardia Civil.
According to Dave Dagon at the Georgia Tech Information Security Center: “Instead of making pie charts, we should treat a botnet as a crime scene and not just a research project.”
The Mariposa Working Group has officially seized control of the communication channels used by Mariposa, effectively severing the botnet from its criminal creators. In an apparent act of retaliation, a Distributed Denial of Service (DDoS) attack was initiated against Defence Intelligence shortly after the botnet was shut down in December. The attack was powerful enough to impact one large Internet Service Provider, many of whose customers were knocked offline for several hours.
According to a representative from CDmon, the ISP that collaborated in the investigation and where the criminal domains were hosted: “We are pleased to have been able to support this international operation, along with the Spanish Guardia Civil, Panda Security, Defence Intelligence and other law enforcement agencies, and to help bring down the botnet. CDmon is strongly committed to the concept of quality Internet, guaranteeing standards of quality and security across all our services. This collaborative effort is a big win in the fight against cybercrime.”
“We will continue to fight the threat of botnets and the criminals behind them,” says Davis. “We’ll start by dismantling their infrastructure and won’t stop until they’re standing in front of a judge.”
Defence Intelligence and Panda Security are attempting to contact affected organizations. To find out if your organization has been compromised, contact compromise@defintel.com or info@pandasecurity.com.
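The infiltration of the command-and-control channels described above ends in a sinkhole: once the seized domains resolve to a server the Working Group controls, every infected host identifies itself by checking in, which is where a unique-IP count like 12.7 million comes from and how affected organizations can be told. The script below is an added example for this page, not Defence Intelligence's or Panda Security's tooling; the log lines, the domain, the netblocks and the organization names are all constructed.

```python
"""Match sinkhole hits against victim netblocks to see who needs notifying.

Added example for this page, not Defence Intelligence's or Panda Security's
tooling. The log, the seized domain, the netblocks and the organisation names
are all constructed.
"""
import ipaddress
from typing import Dict, List, Set, Tuple

# Constructed sinkhole log: "<timestamp> <source ip> <seized domain asked for>".
SINKHOLE_LOG = """\
2009-12-23T10:01:12Z 198.51.100.17 c2.example
2009-12-23T10:01:13Z 198.51.100.17 c2.example
2009-12-23T10:02:40Z 203.0.113.9 c2.example
2009-12-23T10:03:01Z 192.0.2.77 c2.example
2009-12-23T10:03:05Z 192.0.2.78 c2.example
2009-12-23T10:04:00Z not-an-address c2.example
"""

# Constructed, hypothetical directory of who owns which address range.
ORG_NETBLOCKS: Dict[str, List[str]] = {
    "Example Corp": ["198.51.100.0/24"],
    "Example University": ["192.0.2.0/25"],
}

Address = ipaddress.IPv4Address
Hit = Tuple[str, Address]


def parse_hits(log: str) -> List[Hit]:
    """(timestamp, source address) per well-formed line; junk lines are skipped."""
    hits: List[Hit] = []
    for line in log.splitlines():
        fields = line.split()
        if len(fields) < 2:
            continue
        try:
            hits.append((fields[0], ipaddress.ip_address(fields[1])))
        except ValueError:
            continue  # log noise, not a bot check-in
    return hits


def unique_hosts(hits: List[Hit]) -> Set[Address]:
    """A bot checks in repeatedly; count each infected address once."""
    return {addr for _, addr in hits}


def affected_orgs(hits: List[Hit], netblocks: Dict[str, List[str]]) -> Dict[str, Set[Address]]:
    """Group the unique infected addresses by the organisation owning their netblock.

    Addresses outside every known range land under "unattributed"; organisations
    with no hits are left out so the result is exactly the notification list.
    """
    ranges = [(org, ipaddress.ip_network(cidr, strict=False))
              for org, cidrs in netblocks.items() for cidr in cidrs]
    report: Dict[str, Set[Address]] = {org: set() for org in netblocks}
    report["unattributed"] = set()
    for addr in unique_hosts(hits):
        owner = next((org for org, net in ranges if addr in net), "unattributed")
        report[owner].add(addr)
    return {org: addrs for org, addrs in report.items() if addrs}


if __name__ == "__main__":
    hits = parse_hits(SINKHOLE_LOG)
    print(f"{len(hits)} check-ins from {len(unique_hosts(hits))} unique addresses")
    for org, addrs in affected_orgs(hits, ORG_NETBLOCKS).items():
        print(org, sorted(str(a) for a in addrs))
```

Two caveats apply when this is run at the scale the page describes. A unique source address is a floor, not a count of infected machines: one NAT gateway hides a whole office, and a DHCP pool makes one laptop look like several addresses over a day. And the linear scan over netblocks is fine for a handful of ranges but should become a longest-prefix lookup (a radix tree keyed on the prefix) before it is run against millions of addresses and a full routing table of assignments.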

