Archive | malware RSS feed for this section

Threat Report Reveals Google replaces Microsoft as Number One Vendor for Vulnerabilities

16 Nov

Finally FastInternet safety tips from the Finally Fast team

Google replaced Microsoft as the number one vendor for reported vulnerabilities, with a total of 82, due to existing vulnerabilities in Chrome as the browser grows in popularity. Oracle came in second, with 63; Microsoft fell to third place, with 58, all according to Trend Micro’s Third Quarter Threat Report.

Trend Micro threat researchers also witnessed a significant shift from mass compromises to targeted attacks, particularly against large enterprises and government institutions. Their work led them to the uncovering of one of the most notable groups of targeted attacks during the third quarter – the LURID downloader.

These attacks, which were classified by Trend Micro as advanced persistent threats (APTs), targeted major companies and institutions in over 60 countries, including Russia, Kazakhstan, and the Ukraine. The cybercriminals behind these attacks launched over 300 malware campaigns in order to obtain confidential data from and take full control of affected users’ systems over an extended period of time. LURID was successful because it was targeted by its nature. By zoning in on specific geographic locations and entities, LURID compromised as many as 1,465 systems.

Other notable security attacks, scams, breaches and exploits

Trend Micro threat analysts came across a new DroidDreamLight variant with enhanced capabilities and routines. Disguised as battery-monitoring or task-listing tools or apps that allow users to see a list of permissions that installed apps utilize, copies of this new Android malware littered a Chinese third-party app store.

In the first half of July, Trend Micro researchers spotted a page that enticed users to click a link to get free invitations to Google’s latest stab at taking a slice of the social media pie—Google+. Instead of invitations to join the site, however, all the users got was an “opportunity” to take part in a survey that put them at risk.

LinkedIn users were also part of a criminal scam that tricked them into clicking a malicious link to a supposed Justin Bieber video that redirected them to a malicious site.

The most notorious spam runs this quarter led to the download and execution of two banking Trojans: The first campaign featured a spam that purported to come from the Spain National Police; the second supposedly came from the Internal Revenue Service.

India and South Korea was part of the top three spam-sending countries. The United States, which commonly takes the top spot, was not on the top 10 spam-sending countries list most likely due to the arrest of several spambot operators.

Notable security research wins

In addition to the discovery of the LURID downloader, Trend Micro and other global security teams made impressive takedowns in Q3:

After months of monitoring, Trend Micro researchers uncovered a SpyEye operation controlled by a cybercriminal residing in Russia with the handle, “Soldier,” and his accomplice in Hollywood, California. This botnet operation, which amassed more than US$3.2 million within six months, targeted large enterprises and government institutions in the United States, as well as organizations in Canada, the United Kingdom, India, and Mexico. More details on this win can be found in Trend Micro’s research paper, “From Russia to Hollywood: Turning Tables on a SpyEye Cybercrime Ring.”

Trend Micro researchers were also able to gather in-depth information on two of the largest FAKEAV affiliate networks to date—BeeCoin and MoneyBeat. More details on how FAKEAV affiliate networks work can be found in the research paper,”Targeting the Source: FAKEAV Affiliate Networks.”

Photo Credit

What Makes People Susceptible to Scams

14 Feb

From the FinallyFast help Desk:

How do you protect PC and your information? Below shows the ways that you can get tricked by  Cyber criminals. (Click on the image to make it larger.)

Malware and How to Protect your PC

8 Feb

From the FinallyFast Help Desk:

There is a war going on. Behind the scenes cyber criminals are attacking your PC and stealing personal information. Whether is Malware, Spyware, or a Trojan horse, it’s important to keep your PC safe. Programs like FinallyFast and SpywareStriker are great ways to keep your PC clean and your information secure.

What is Malware?

Malware is a malicious software which is designed to access a computer without the owner’s consent.  Spyware, Trojan horses, viruses and worms are all considered Malware. Malware is usually a part of cyber crime, by stealing information like bank accounts from your PC. Malware is usually passed from user to user by email and more recently through social networking sites like Facebook.

What is Spyware?

Spyware does what it sounds like; it spies on your PC. Whether it is to steal your information like credit cards and bank account information, or simply to get passwords, Spyware is a huge security threat and a huge issue for computers. Often times Spyware will be completely hidden from the user of the PC and is very difficult to detect. As Spyware works it slowly steals various types of personal information, it can also change computer settings, install other software and redirect browser activity on the Web. A AOL and National Cyber-Security Alliance, study in 2005, found 61 percent of users’ computers were infected with spyware of some form (“AOL/NCSA Online Safety Study”, America Online & The National Cyber Security Alliance. 2005.) Spyware is not like viruses and worms in that it does not self-replicate usually. For more information check out http://en.wikipedia.org/wiki/Spyware#cite_ref-aolstudy_2-0

What is a Trojan Horse?

You might think a Trojan Horse was just a part of a book where the Greeks had fun playing a trick on the Trojan’s. A computer Trojan works much the same way as the Greeks famous Horse, it pretends to be something else. Most computer users click on what they think is a desired program and install it and never become wiser. The Trojan horse will conceal a harmful or malicious payload (meaning another program like spyware, worms, or viruses). The payload goes to work immediately. For more information check out http://en.wikipedia.org/wiki/Malware

What Can You Do?

Although firewalls and anti-viruses can stop many things from getting into your PC, there are many things that can get through those systems. Many programs that run behind-the-scenes can often get around firewalls and anti-virus software. The best thing is to get a Spyware Scan that can look things that are hiding in your system behind the scenes, undetected. SpywareStriker Pro is an amazing Spyware Scan that eliminates Spyware and Malware from your system. Spyware Striker Pro includes CounterSpy scan engine. This Award-Winning scan has been awarded the CNET Editor’s Choice Award as: “the only antispyware product that correctly identified every piece of spyware… It did very well in active scanning, on-demand detection, and complete spyware removal.” In another words it is kind of like James Bond for your PC. You can check out SpywareStriker Pro at FinallyFast or by clicking here.

Clutter Free PC: Facebook Malware Alert!

15 Nov

Courtesy of Clutter Free PC:

Facebook leads the social networking field in malware

Since the introduction of social networking to the internet, teenagers, college students, baby boomers and even senior citizens have signed up. Unfortunately for all of them, cyber criminals have as well.

A recent study by Panda Security documented the protective standards of social networking and found 33 percent of small- and medium-sized businesses reported a malware infection through social networking for business use. The impact has worsened as well, as 35 percent of those businesses suffered a financial loss while trying to recover from a social media-based malware attack. The study, which investigated 315 SMBs in the United States, found the financial loss for more than one-third of businesses affected by malware exceeded $5,000. Because of the benefits of social networking for business purposes, the increased use puts more enterprise networks at risk for malicious software.

“Social media is now ubiquitous among SMBs because of its many obvious business benefits, yet these tools don’t come without serious risks,” said Sean-Paul Correll, threat researcher at Panda Security.

However, businesses have the resources to reduce the threat of social networking more easily than consumers can.  Companies like Clutter Free PC (www.clutterfreepc.com) and Ascentive, LLC, have been providing tools to businesses for over ten years.  Sadly, many consumers are still unaware that they need the same protection.

“In Panda’s first annual Social Media Risk Index, we set out to uncover the top SMB concerns about social media and draw a correlation to actual incidence of malware infection, privacy violations and hard financial losses,” Correll added. “While a relatively high number of SMBs have been infected by malware from social sites, we were pleased to see that the majority of companies already have formal governance and education programs in place. These types of policies combined with up-to-date network security solutions are required to minimize risk and ultimately prevent loss.”

For consumers, the threats of social networking still loom. Although Facebook has become popular among businesses, the leader in social networking is also the leader in malware threats, at 71.6 percent, and privacy violations, at 73.2 percent. The popular online video website YouTube was the second most dangerous social networking site, but was far behind Facebook with 41.2 percent of all social networking malware. Twitter showed a significant threat for privacy violations, following Facebook with a risk for 51 percent of all information leaks.

Malware and privacy threats have consistently increased as social networking has blossomed into its current state. However, internet users have still been drawn to social media, as Facebook currently touts more than 500 million registered users and Twitter has exceeded 200 million registrations. Even foursquare, a relatively young social networking site based in which users can share their favorite locations, has recently reached 3 million users.

A quick review of Clutter Free PC Stories shows us that internet users are still drawn to social media sites, despite the recent spike in security and privacy risk. Security experts advise them to install protective anti-malware software that could make for an enjoyable social networking experience without the risk of their computers contracting a virus.  Find out more about anti-malware software at Clutter Free PC.

 

Research finds more than 1 million HTML spam attacks per day

28 Sep

Cyber criminals have been using HTML to exploit innocent users with malware for years. According to a recent study, this technique has been on the rise lately.

Security company Barracuda Networks recently released its research that found email spam attacks have increasingly been using malicious HTML file attachments to infiltrate their messages’ recipients. The lab found “well over 1 million instances a day” of email spam messages that contain malicious HTML attachments.

These kinds of email spam attacks present an attachment, or a pop up, with an HTML file that launches a JavaScript attack. In some cases, a back-door virus can be sent, infiltrating computers even if users close the web browser without clicking on the file.

“So yes, a seemingly innocent HTML email attachment can do plenty of damage, and while quite stealthy, definitely not harmless,” Dave Michmerhuizen, Barracuda Labs’ researcher, said.

The issue that makes HTML so effective for cyber criminals surrounds the format of many legitimate files sent in emails today. As Michmerhuizen explains on the company’s blog, most users unknowingly click on HTML files within emails because they are so used to seeing them as attachments in their personal and work emails.

“Users have been warned of the potential dangers associated with clicking on a file or link that arrives in an email. But many people assume that an HTML file is just a webpage and that webpages are safe,” Michmerhuizen explained. “This assumption is misleading, and the examples … show why HTML attachments are just as serious of a threat as other attachment types.”

The research organization’s report also highlighted some of the other common media cyber criminals leverage to send malicious HTML files. Recent search engine results have been linked to dangerous HTML files, exposing innocent web surfers to malware when they use Google, the world’s leading search engine.

“Google hot topic search results frequently are littered with links to hacked sites that serve up malicious JavaScript,” Michmerhuizen said.

However, cyber criminals have built off the search engine trend, linking the same malicious attacks into email spam to spread the attack into a medium in which users are more likely to click on the file.

“Now, the attackers are taking that a step further and not requiring the user to come to their hacked sites but rather simply emailing the same malicious JavaScript sites straight to an inbox,” Michmerhuizen added.

As the recent influx of HTML target some of the most commonly used internet tools, the internet would be relatively useless to users who simply try to avoid these malware-ridden sources. Integrating the most updated anti-malware software can allow users to freely surf the web and check their email without worrying about malware crippling their PCs.

‘Free’ media content not so free when users pay for malware that comes with it

16 Sep

Internet users, just as every day consumers, are naturally attracted to free offers. Especially considering the vast array of sources for deals and products on the internet, searching for free items on the internet can be a bargain hunter’s dream.

Cyber criminals, unfortunately, have caught on to this and are targeting internet users looking for free items.

A recent study from online security firm McAfee found adding the word “free” while searching for media content or other online services significantly increases the risk for contracting malware. Mobile phone ringtones, which are available from myriad internet sources, present three times the risk of contracting malware when adding the word “free” to a search for them. As many websites offering free media content are illegal, under federal copyright standards, they have become a target for many cyber criminals looking to launch malicious attacks through a largely unregulated medium. To protect PCs, security experts advise users to use caution when searching for free content.

“Sites that are set up to distribute illegal content are very sophisticated and may leave a user not understanding the nature of the site to which they have been directed,” McAfee’s report warned. “These sites often distribute malware and expose users to other risks.”

Music seems to be a main target for recent malware attacks, as the term “MP3″ also added a significant risk for malware when searching for media content. McAfee’s research also found a 40 percent increase in websites that distribute MP3 files that carry malware since 2009.

Individual musicians are beginning to become targeted as they become more popular. According to the study, 4 percent of searches for teenage singer Justin Bieber’s single “Baby” in the U.S. and Japan led to websites that posed a security threat. Furthermore, the study discovered thousands of malicious websites linked to musicians’ fan clubs, fan pages and social networking results for famous artists found on Facebook, MySpace, YouTube and Twitter.

“Consumers are visiting fan sites, downloading movies and reading celebrity news, but generally aren’t aware of the risks,” said Paula Greve, McAfee’s director of web security research. “They can access ‘free’ content quickly and easily, but it actually comes at a price. Consumers must stay aware of the risks and be on the lookout for potential new dangers.”

In addition to legal risks with downloading free media content, internet users face PC security threats. McAfee’s study discovered 12 percent of websites that distribute unauthorized media content have malware, as well as an additional 7 percent of these websites that have direct connections with cyber crime organizations.

As many computer users may become too accustomed to music searching online, installing a protective anti-malware solution can ensure safe web searching and keeping up with the latest music releases and news without worrying about malware.

Google: 15 percent of malware comes from fake antivirus warnings

14 May

Google announced last week that the results of a study showed fake antiviruses to be responsible for a large portion of internet scamming, CNET reports.

Fake antivirus offerings, which appear to users as pop-up warnings regarding the health of the user’s system, represent 15 percent of all malware detected on websites, Google’s 13-month study revealed. The number of these viruses has increased by five times the original amount seen by Google when it started its research in January 2009.

During its study, the search engine giant analyzed 240 million webpages, which found more than 11,000 domains associated with fake antiviruses. Contributors to the study also found that the domains responsible for the malware existed online for increasingly shorter periods of time, making them harder to pinpoint.

“Once [the malware] is installed on the user system, it’s difficult to uninstall, you can’t run Windows updates anymore or install other antivirus products, and you must install the [operating] system,” rending it unusable until it is cleaned up, said Niels Provos, a principal software engineer at Google, CNET relays.

Avoiding this malware isn’t tough, though, according to Provos. He simply recommends that users that come in contact with these fake pop-ups should close the browser on their computer and restart the internet program.

Kaspersky.com reports that four of the top five malicious programs during March 2010 involved the notorious net-worm botnet.

Facebook unnamed app could be unnamed malware

29 Jan

Scareware scammers are once again targeting Facebook users. This time, they are taking advantage of rumors about an “unnamed app” that supposedly poses a security risk to Facebook users. While the rumor seems to be untrue, according to security experts, those spooked into searching Google for information found numerous hacker-poisoned search engine results prepared for the scam. These websites redirect to malware distribution portals, according to a blog posting by Rik Ferguson of Trend Micro. Ferguson explained that the Facebook unnamed app security threat is just a rumor, but the threat of searching for the term is all too real, although he’s not sure which came first – the rumor or the scam. “Criminals have picked up on the concern among Facebook users (or possibly they were responsible for starting the rumor?), and they have already started to poison Google search results,” he wrote. Facebook has reportedly fixed the bug and a spokesperson told CNN that no harm was done to user accounts.

Follow

Get every new post delivered to your Inbox.

%d bloggers like this: