Monthly Archive for May, 2009
Security researchers are warning that Internet users who install pirated versions of Microsoft's latest Windows 7 operating system may also be installing malicious software. Experts at Atlanta-based security firm Damballa say they first noticed hacked versions of the Windows 7 release candidate available on peer-to-peer file-sharing networks and newsgroups last week, shortly after the OS was released to developers. Damballa found that computers with the tainted versions of Windows 7 were programmed to silently reach out to an Internet server to check for further updates, which in this case is a piece of malware that Kaspersky Antivirus calls Win32.Banload.cdk. "The first thing this does is phone home and get a list of additional malware to install," said Tripp Cox, vice president of engineering at Damballa. Damballa managed to grab control over the server that's contacted by the pirated Windows 7 versions -- codecs.sytes.net -- which is how it knows
Last week, Kentucky Fried Chicken stores around the nation struggled to accommodate a surge of roughly 4 million new customers, after Oprah Winfrey told viewers of her show that they could get a free meal at KFC by printing out an Internet coupon. By most accounts, the marketing gimmick was a disaster, but it got me thinking about Oprah's sheer ability to mobilize the masses. I wondered: How much badness on the Internet would disappear overnight if Oprah suggested that her devotees download, install and run a set of free PC security scanning tools? Probably quite a bit, or at least enough to register a notable drop in global spam volumes, malicious software attacks and other activity that depends largely on remotely compromised PCs or "bots" to do most of the grunt work. Estimates of just how many systems are infected by bot programs vary widely, but even by the
One of the scarier realities about malicious software is that these programs leave ultimate control over victim machines in the hands of the attacker, who could simply decide to order all of the infected machines to self-destruct. Most security experts will tell you that while this so-called "nuclear option" is an available feature in some malware, it is hardly ever used. Disabling infected systems is counterproductive for attackers, who generally focus on hoovering as much personal and financial data as they can from the PCs they control. But try telling that to Roman Hüssy, a 21-year-old Swiss information technology expert, who last month witnessed a collection of more than 100,000 hacked Microsoft Windows systems tearing themselves apart at the command of their cyber criminal overlords. Hüssy oversees Zeustracker, a Web site listing Internet servers that use Zeus, a kit sold for about $700 on shadowy cyber criminal forums to harvest
The release candidate for Windows 7 is now available for download, and techies everywhere are busy kicking the tires on the new operating system. But as the folks over at Finnish anti-virus firm F-Secure observe, Microsoft persists in misleading users on the true nature of file types, by hiding file extensions of known file types in Windows 7. The default behavior of Windows Explorer in every version of Windows from Windows 2000 through Windows Vista is to represent files using icons, and to hide each file's extension type, such as ".txt" for text files, ".doc" for Microsoft Word files, and so on. But as Security Fix has noted before, this is a usability vs. security decision that Microsoft should have reversed long ago, and it's disheartening to see this behavior persist in Windows 7. That means that our average Windows user -- when he or she opens up their "My
Users of the Google Chrome and Mozilla Firefox Web browsers are far more likely to be cruising the Web with the latest, most secure versions of the browsers than users of either Opera or Safari, a study released today found. The analysis, from researchers at Google Switzerland and the Swiss Federal Institute of Technology, pored through anonymized logs from Google's Web servers. The results were somewhat unsurprising, but still interesting: 97 percent of Chrome users were browsing with the latest version within 21 days of that version's release date. By comparison, 85 percent of Firefox users were surfing with the latest version within three weeks of a major new release (this is a marginal improvement over the results from a similar study released last summer, which showed roughly 83 percent of Firefox users browsing with the latest version). The study's conclusion extols the virtues of auto-update features, functionality that is
Hackers last week broke into a Virginia state Web site used by pharmacists to track prescription drug abuse. They deleted records on more than 8 million patients and replaced the site's homepage with a ransom note demanding $10 million for the return of the records, according to a posting on Wikileaks.org, an online clearinghouse for leaked documents. Wikileaks reports that the Web site for the Virginia Prescription Monitoring Program was defaced last week with a message claiming that the database of prescriptions had been bundled into an encrypted, password-protected file. Wikileaks has published a copy of the ransom note left in place of the PMP home page, a message that claims the state of Virginia would need to pay the demand in order to gain access to a password needed to unlock those records: "I have your [expletive] In *my* possession, right now, are 8,257,378 patient records and a total

