craigc

- FOX News

Thousands of Facebook users are being suckered by a virus masquerading as a slideshow of beach babes, reports security software firm Sophos.

The malware comes from a post on user's walls that advertises a video of "Distracting Beach Babes," and includes a picture of a young woman in a bikini. And clicking on the video link takes you to a rogue Facebook application, warns the security firm, which will display a bogus message leading you to download adware to your computer.

Meanwhile, the application has just forwarded the video in your name to all of your Facebook pals.

The virus is probably related to the more widespread "sexiest video ever" scam, which also offers a tantalizing picture before attempting to install malicious software on the user's computer.

These schemes may seem silly, but they can be very successful, points out Graham Cluey, a senior technology consultant with Sophos. "Many Facebook users are all-too-comfortable with receiving salacious videos and humorous links from their friends, and will click on them without a moment's thought," he said. "Unfortunately that can then begin a bombardment of malicious posts to their social networking contacts -- do you really want a blitz like this unleashed in your name?"

Noting that the scam began spreading over the weekend, Cluey wonders whether that reflects deliberate timing from the cybercriminals. Do they "deliberately launch these campaigns on the weekends, imagining that anti-virus researchers and Facebook's own security team might be snoozing?" he wonders.

Cluey advises Facebookers hit with the scam to delete the message from their wall, scan their computer with an up-to-date anti-virus application, change their password. And he hopes they've learned a lesson, too.

"Don't be so quick to click on unsolicited links in the future."

- by Tom Foremski, ZDNN

Computerworld has a very interesting story about the Google/China flap.

Reporter Robert McMillan quotes an unnamed source:

…they [hackers] apparently were able to access a system used to help Google comply with search warrants by providing data on Google users, said a source familiar with the situation, who spoke on condition of anonymity because he was not authorized to speak with the press. “Right before Christmas, it was, ‘Holy s***, this malware is accessing the internal intercept [systems],’” he said.

Google was already hosting a spy system that provided the Chinese government, and any other government with user data. They merely had to request that data through a warrant. That internal spy system became the weak spot in Google’s security technology.

But why would the Chinese government try to hack into a system that was already providing it with user data?!

Clearly, the Chinese government was looking at collecting data on all other Google users, not just human rights activists. China was trying to spy on us all! And Google’s internal spy system compromised all its users.

This reveals that Google collects information about all of its users all of the time and in a format that enables it to easily had it over to any government agency that orders a search warrant. This is an embarrasing revelation.

What’s worse is that Google is using the pretext of human rights to hit back at China, when it was a vulnerability in its internal spying system that potentially compromised all Google users, not just human rights activists.

An interesting article from last year showing the trends in how malware is trying to "get" you!
__________

Tom Espiner ZDNet.co.uk, June 2008

The amount of web-based malware on legitimate sites has increased by over 400 percent since last year, according to security vendor ScanSafe.

In a security report entitled A comparative look at the state of web security, May 2007-May 2008, released on Thursday, ScanSafe found 68 percent of all internet-based malware was now being hosted on legitimate sites.

"The compromise techniques being used now allow hackers to quickly 'colonise' thousands of legitimate sites, from big brand-name sites, to smaller but equally legitimate sites," said Mary Landesman, senior security researcher at ScanSafe.

Techniques to compromise websites, including Iframe and SQL injection attacks, are becoming more ubiquitous, ScanSafe warned.

The fastest-growing category of threats hosted on the sites was backdoor and password-stealing malware, which increased 855 percent from May 2007 to May 2008. There was also a 220 percent increase in the amount of Trojans, viruses, and other malicious code being hosted on the web, according to ScanSafe.

"Over the last year malware authors have moved away from direct attacks — attacks in which they directly interact with victims, via social engineering for example — to indirect attacks accomplished through compromised websites," said Landesman.

- by Adrian Kingsley-Hughes c/o ZDNet

Remember that Stealth Update I talked about a couple of weeks ago? The one that Microsoft sent down the pipes to XP and Vista users and installed it irrespective of whether the user had given consent for updates to be installed? Remember too how the apologists claimed that there was nothing wrong with how Microsoft had behaved because there was no harm done? Well, it turns out that this update isn’t as benign as we first thought and can indeed cause problems for Windows XP users if they try to repair their installation.

Full image gallery available

Information uncovered by Scott Dunn of WindowSecrets.com indicated that a bug in this update prevented users from being able to download and install patches on XP systems that have been repaired:

However, after running the repair option from an XP CD-ROM, Automatic Updates defaults to “on,” and the new 7.0.600.381 executables are automatically downloaded and installed. These new executables fail to register themselves with the operating system, preventing Windows Update from working as intended. This, in turn, prevents Microsoft’s 80 latest updates from being installed.

Testing

I was lucky enough to get early access to this information, and regular readers by now must know that over at the PC Doc HQ we don’t take anything for granted - so we set up a few systems to see if we could replicate this issue.

Pages: 1 2

Thanks for linking to my blog. I am a founding member of mygeni.us and primarily responsible for the technical development and implementation of that service.

I am available to you as a TAG associate to discuss the technology and design of mygeni.us' tools.

For more information about me and my consulting company please visit Caesar Consulting, LLC