Archive for the ‘Infection’ Category

Yet another reason (as if you needed any more) to keep your anti-virus and anti-malware programs up to date.

Even mainstream websites can (indirectly) be a source for malware and “drive-by” attacks, when the ad service includes an advertisement with malware attached.

See the article on arstechnica.com, “My browser visited Weather.com and all I got was this lousy malware”, for more details.

Millions of people visiting weather.com, drudgereport.com, wunderground.com, and other popular websites were exposed to attacks that can surreptitiously hijack their computers, thanks to maliciously manipulated ads that exploit vulnerabilities in Adobe Flash and other browsing software, researchers said.

Malvertising is a particularly pernicious form of attack because it can infect people who do nothing more than browse to a mainstream site. Depending on the exploit, it can silently hijack computers even when visitors don’t click on links.

Note, too, the closing sentence in that article:

There’s no indication the attacks were exploiting vulnerabilities in fully patched software. That underscores the importance of installing security updates as soon as they become available.

 

I’ve been getting a flood of phishing attempts, supposedly for a “failed ACH payment”.  In fact, there are times when, in the time it takes me to delete the ones that made it past my filters and into my inbox, a dozen more show up.  Out of curiosity, I checked my spam filter, and found this:

Continue reading ‘Spammers are nothing if not persistent’ »

Here’s a question for you.  If you wanted to create some piece of malware that would survive replacing the hard drive, flashing the BIOS, and reinstalling the O/S from a clean set of disks, and with no network connection, how would you do it?  Seems impossible, doesn’t it?  How could an infection get back in without any way for the infection to have survived the “wipe and start over” process?

Well, a well-known hacker named Charlie Miller found a way… the battery.

Continue reading ‘Latest security risk — your laptop’s battery’ »

Here’s an article on Mobile Redirect with an interesting twist on the recent worm.

This is an amazing by-product of social networks. The ability for users to identify and kill viruses, worms, trojan horses, etc. These types of unique social network ecosystems reflect activity existent in the natural world.

[…]

“Social networks have built-in antibodies…their users,” said Sean Sullivan of the Finnish security company F-Secure. “Compare the Twitter attack to a malicious attack of yesteryear that took weeks or even months to develop. This peaked and ebbed in two and a half hours,” Sullivan said.

That’s not to say that spammers don’t love sites like Twitter, because all they care about is finding some sucker to buy their product. A two-hour flood of spam is “great”, as far as they are concerned. But, it’s an interesting concept regarding worms and other malware on such sites.

Thoughts?  Comments?  Leave them in the comment area below.  Thanks.

Is this the first case of computer malware causing human deaths? Perhaps. But it certainly won’t be the last.

As noted in a recent MSNBC article:

Authorities investigating the 2008 crash of Spanair flight 5022 have discovered a central computer system used to monitor technical problems in the aircraft was infected with malware.

An internal report issued by the airline revealed the infected computer failed to detect three technical problems with the aircraft, which if detected, may have prevented the plane from taking off, according to reports in the Spanish newspaper, El Pais.

Flight 5022 crashed just after takeoff from Madrid-Barajas International Airport two years ago today, killing 154 and leaving only 18 survivors.

We’ve probably all seen it.  You go to a web page, and it tells you that you need to update your Flash player in order to access the site, and gives you a handy link to download it.

Well, “the bad guys” saw those, too, and there has been a recent wave of fake “update” programs on scam sites, as well as “hacked” sites.  Sometimes, it will even come in the form of an “important message” supposedly from your bank, credit card company, or other well-known business.

The bad guys know that many people will simply click the link, and ignore any security warnings that come up, since similar warnings would be expected from a real install program.

The problem is that these e-mails and web pages don’t really have any Flash content to display. They exist for the sole purpose of getting you to click on their “get the update” link, which, of course, is really a trojan meant to infect your system.

So, how can you tell if you really need to update your Flash player (or other browser plugin)?

Continue reading ‘“Your flash player is out of date.”’ »

There’s a new worm in town, and it’s called “Stuxnet”. Unlike previous worms, which required the user to run a program, have “autorun” enabled, load a document into a spreadsheet or word processor, or at least look at the file in some manner, this worm is triggered by simply viewing the folder. The vulnerability even affects Windows 7, and as of today there is no fix yet from Microsoft.

For example, placing an infected USB stick into the computer on Windows 7 will, by default, ask you what you want to do.  Being a smart person, you know to avoid the “autorun” option, and instead opt for the “open folder” choice, to see what sort of files are on it. That act alone will trigger the worm. Same thing with “My computer” and then double-clicking the USB stick, or navigating to any folder with the infection in it.

According to an article from Microsoft:

Continue reading ‘The Stuxnet worm’ »