Users Hammered by Fake Antivirus Resurgence, warns GFI Labs

GFI® Software has identified new variations of rogue security code aimed at businesses and consumers, often distributed through spam carrying the Blackhole exploit

London, UK, March 2012 : GFI Software has released its VIPRE® Report for February 2012, a collection of the 10 most prevalent threat detections encountered during the month. Most notably, GFI Labs has been documenting a new wave of fake antivirus applications (or rogue AV) on its Malware Protection Centre blog. Growing since the start of the year, last month brought a significant spike in new variations of rogue AV.
“While the velocity at which rogues were successfully propagating may have slowed toward the end of last year, they are certainly back now, and they remain a popular tactic among cybercriminals,” said Christopher Boyd, senior threat researcher at GFI Software. “Users should not let their guard down. As always – no matter how convincing they look – always take the time to evaluate any piece of software that claims your PC is infected, prompts you for a credit card number or asks you to share any sensitive data, especially if it’s software that you or your employer did not install.”

Many rogue AV programs are being distributed via spam containing malicious links to the Blackhole exploit, a tool used by cybercriminals to target unpatched vulnerabilities in software applications from industry leaders like Microsoft Corp. and Adobe Systems Inc. Users infected by rogue AV may be redirected to fraudulent websites, have their systems hijacked by software appearing to scan their PCs or plagued by messages warning of viruses and other PC security risk. These scareware tactics trick users into providing credit card data to purchase non-existent protection.

Rogue AV utilities are continually tweaked in an attempt to avoid detection, with newer variants of these malicious applications propagating every 12 to 24 hours. When confronted with suspected rogue AV, users can visit the Malware Protection Centre for removal advice or download GFI Software’s free virus removal tool, VIPRE® Rescue.

Movie Fans Targeted, Gamers Under Fire
Industry experts discovered that the personal web site of Twilight author Stephenie Meyer had been compromised, resulting in the site serving malware to visitors. The site had been compromised to host Crimepack, an exploit kit that takes advantage of known vulnerabilities of various Web browsers and the Windows® OS to install malware. Computers exploited by Crimepack can be turned into so-called ‘zombie’ clients, whereby criminal groups can control the infected machines remotely, using them to undertake an array of malicious tasks, such as spamming and launching denial of service (DoS) attacks.

Gamers were targeted via YouTube videos encouraging users to download a program that would generate codes that could be redeemed for free Microsoft Points, the online currency used by millions of Xbox® users worldwide. The bogus generator prompted the victim to fill out various surveys in order to receive a password and continue the code generation.

Despite the best efforts of Microsoft and a number of security specialists, the Kelihos Botnet has continued to gain momentum in the wild. Capable of sending out billions of spam emails in a day, Kelihos has been used to bombard users with spam relating to pornography, Viagra®, and fake pharmaceutical companies. After being suppressed towards the end of 2011, evidence uncovered by industry experts suggests that a new variant is on the loose, rebuilding the botnet and adding to the global spam burden.

Other high profile scams detected during February included a gift card scam that appeared on a fake Tumblr blog, in time for Valentine’s Day, which purported to be from lingerie firm Victoria’s Secret. With the company about to open its first UK outlets, we may see more localised examples of this in the coming months.

Top 10 Threat Detections for February
GFI’s top 10 threat detection list is compiled from collected scan data of tens of thousands of GFI VIPRE Antivirus customers who are part of GFI’s ThreatNet™ automated threat tracking system. ThreatNet statistics revealed that Trojans once again dominated the list, taking half  of the top 10 spots.

About GFI Labs
GFI Labs specialises in the discovery and analysis of dangerous vulnerabilities and malware. The team of dedicated security specialists actively researches new malware outbreaks, creating new threat definitions on a constant basis for the VIPRE home and business antivirus products.

About GFI
GFI Software provides web and mail security, archiving and fax, networking and security software and hosted IT solutions for small to medium-sized businesses (SMB) via an extensive global partner community. GFI products are available either as on-premise solutions, in the cloud or as a hybrid of both delivery models. With award-winning technology, a competitive pricing strategy, and a strong focus on the unique requirements of SMBs, GFI satisfies the IT needs of organisations on a global scale. The company has offices in the United States, United Kingdom, Austria, Australia, Malta, Hong Kong, Philippines and Romania, which together support hundreds of thousands of installations worldwide. GFI is a channel-focused company with thousands of partners throughout the world and is also a Microsoft Gold ISV Partner.

This press release is presented for your information only.

Full Disclosure Statement: The GREEN (LIVING) REVIEW received no compensation for any component of this article.

This article is for your information only and the GREEN (LIVING) REVIEW does not (necessarily) approve, endorse or recommend the product, service or company mentioned.

Don’t post holiday travel plans on social media

by Michael Smith (Veshengro)

While this message is being repeated time and again it is once again, it would appear, something that is needed, yet again.

There is no such thing as 100 percent privacy on social media websites, and even so-called friends may not really be friends.

Therefore DO NOT post any information as to whether you are going away over the holidays and to where on Facebook, Twitter, or other forums and such like. This is one sure way of letting criminals know your home is empty. Thus it is not a very good idea even though you may think you MUST keep your “friends” and followers informed every minute of the day what you are doing and where you are.

Avoid you home being targeted by burglars by keeping all that information until later. There is no need for everyone to know where you are and what you are doing. Also and especially resist the urge to broadcast their location on Twitter or through “geotagging” which posts the users exact location on Facebook and other sites.

There are ways of protecting yourself by simply turning any “geotagging” facility simply off (permanently) and also not to have any address details posted on any of the sites, whether Facebook, Twitter, or what-have-you.

Parents need to be especially vigilant in watching what their children post on social media websites. Kids might brag about going on a ski vacation or post their current location as home alone while the parents are out shopping. This is dangerous information if it falls into the hands of the wrong people.

As we saw the hacking of Mark Zuckerberg’s own Facebook page, there is no such thing as 100% privacy on social media websites, and even so-called friends may not really be friends. Therefore it is best to not put anything on the Internet that could be used to find you or your home, and that includes photos that could be used for burglars and other criminals to track you and your home down.

Here are five tips for using social media safely:

1. If you are traveling out of town, wait until you return home to post photographs and details about your trip. DO NOT do it while you are away. Criminals search for personal information on Facebook profiles and may discover an opportunity to burglarize your empty house.

2. If you or your children are home alone for the day or the weekend, never post it as a status update on Facebook or tweet it.
3. Thoroughly examine all the privacy options Facebook offers for the accounts of everyone in the family and choose the most restrictive settings. Review with your children who is on their friend’s list and verify they are truly friends.
4. Do not post dates of birth and other sensitive personal information. Be aware not to accidentally publish answers to security questions, such as mother’s maiden name, the town you were born in or your favorite movie. Also avoid giving out information that could help narrow down your location, such as which high school a student attends.

5. Turn off “geotagging” on Twitter and other social media sites to avoid telling strangers where you are and where you are not.

Your safety, that of your family, and of your home and possessions could be at risk if you reveal too much information about yourself, your family and your locations. Play it safe at all times.

Oh, and before I forget: this is valid for all occasions and not just the Christmas holidays and vacations.

© 2011

Massive solar flare sparks solar storm; possible threat to power grid, computers

Disruptions to power grids, satellite navigation systems and computer systems feared

By Michael Smith (Veshengro)

On June 7, 2011 the US Space Administration (NASA) registered the strongest solar storm since 2006 and it is feared that it could affect systems on Earth.

The most benign effect assumed will be increases aurora activities, that is to say it should be possible to witness awesome polar lights.

Other effects, on the other hand, which would be far from benign, could be damage to satellites, interruptions and other problems by the transmission of satellite communication and data, such as GPS, because of an increased mass of electrons in the ionosphere. Disruptions to power- and communications networks through induction are also possible.

While this event was bad enough, so to speak, space-weather experts are concerned about future solar events.

The sun's 11-year cycle of activity, driven by tangled surface magnetic fields, will hit its maximum in late 2013 or early 2014. Magnetic messiness will peak around that time and prompt nasty solar storms.

We will, however, probably see [extreme] flares every couple of months instead of years and if one of these powerful flares – and its coronal mass ejection – faces Earth, the particles will pound satellite components with charged particles, short some out, and potentially cripple them.

On the planet's surface, extra currents of solar particles drive extra electric current through power lines and heat them up. A solar storm in 1859, for example, caused telegraph lines to burst into flames. Power companies distribute loads to avoid such a disaster, but energetic solar storms could still blow transformers and lead to power outages, especially during heat waves like the one sweeping the eastern U.S. this week.

"Despite great countermeasures, the power grid is still vulnerable and we could be in for some serious problems, and not just, as if this were not bad enough, as regards the power grid. Communications, which today more often than not rely on satellites also could be severely crippled and impossible for days, if not longer.

This also could seriously effect and impact on aviation and maritime traffic as all communications, nowadays, are dependent on satellites, as does the navigational systems of aircraft and ships.

Yet another proof, if any more proof would be needed, that we have become too reliant and dependent on vulnerable high-tech equipment which could be put out of action by electromagnetic pulse and fields.

Individual computer centers could be secured by use of a Faraday cage and the same could, probably, be achieved for the PC at home, but the problem is that the Internet, the system of communication that we have become so dependent upon, and that includes me, as I am no Luddite, can and will suffer under such “attacks.”

So far, as time of writing, several days after the event on the sun, nothing awful seems to have happened so far but, as some scientists stated, it could be several days before the impact could be felt with all power.

This may, on the other hand, just be a “shot across the bow” and should be used as a wakeup call to harden our critical infrastructure systems and the Net is part of that critical infrastructure.

© 2011

Microsoft about to hand source-code of Skype to Russian secret service?

By Michael Smith (Veshengro)

The Russian daily Vedomosti and the British press agency Bloomberg announced the possible cooperation of the now Microsoft-owned business, Skype, with the Russian secret service, the FSB.

It is the aim, apparently, to hand over to the FSB part of the source-code for the application and by doing so they would hand the successor to the KGB a very powerful tool to intercept Skype communications.

Microsoft is, however, denying that this would be the case. They would, wouldn't they.

So far the Voice-Over-IP-service Skype is being considered as extremely secure. It is impossible for outsiders, due to complicated algorithms, to log themselves into chats or telephone conversation and thus monitor communications.

Even governments and their agencies, including secret services, do not have, according to official sources, the possibility to decode the data that is being sent via Skype, whichever form this data may be having. Skype has, so far, got the reputation that its encryption is of the highest military grade making it impossible to wiretap the conversations.

But, if the report by the news agency Bloomberg is anything to go by then this could change soon.

Ever since the acquisition of the Skype service by Microsoft the directors of company in Redmond have become very happy to cooperate with law enforcement agencies and intelligence services. That is why Skype is intending, so Bloomberg, to hand over pats of the source-code to the FSB.

It was rather obvious that, as soon as MS was getting their mitts on Skype they were going to screw up the privacy that Skype used to provide. MS, like Mark Zuckerberg of Facebook, do not know what privacy means. Or would MS otherwise deem it to be right to snoop on your and my PC when we connect to their sites for updates and such?

Should this indeed happen as indicated by the Bloomberg report then the successor organization to the KGB might not directly be given the “master key” with which to be able to tap in to each and every Skype call or chat but with the source-code they could find back doors with which to do just that.

Redmond, however, claims that there is nothing true on the reports but they would deny such things, would they not. People would be leaving the Skype service in droves, I am sure, should that those shenanigans by Microsoft become reality and, obviously, they don't want to spook the horses as yet.

In a statement to the Blomberg agency Microsoft reiterated that there are no moves afoot to give away the source-code for Skype but, then again, no one was talking about giving the source-code away to all and sundries now.

According to the Russian daily Vedomosti has the FSB been developing good relations to and with many software giants and Skype would not be the first program which the agency would be given full access to.

Maybe this will have to also be seen in the light of some recent communications that came out of Russia where it stated that the Russian government was going to switch over to Open Source altogether including Linux and such operating systems. Is Microsoft oiling the wheels so it can keep in with the Russian government?

© 2011

The desktop PC is not dead

Not by a long shot and neither should it be...

By Michael Smith (Veshengro)

The death of the desktop PC was rather prematurely announced and as far as I can see it might be the laptop that will lose out to netbook and smart phone rather than the desktop PC.

The desktop is easier to assemble and far easier to repair or upgrade and hence is superior to the laptop, though not, maybe, in terms of energy consumption. That could, however, also be solved by changing the type of power supply. On the other hand, the desktop, because of its ease in repair and upgrade, will outlast a laptop and netbook and therefore its environmental footprint, even with the slightly higher energy consumption is smaller than that of the laptop.

There are also desktop PCs about that are very good with energy and which are also nice and compact, such as and especially the “Broadleaf” PC from VeryPC, and UK company with the PCs being made in Britain. The entire PC, with the exception of the screen, is no larger than what was an external hard drive or DVD drive some years back and takes up very little space indeed.

Then there is/was also the Cherry Pal PC, though it would appear not much has been heard of this one for a while now, though, according to their website they still seem to be in existence. When it comes to the specs, however, it would appear that the Broadleaf PC from VeryPC is superior, as it has a proper internal hard drive of 250GB rather than just a 16GB flash memory.

The old larger machines, while, maybe, as said, not all that energy efficient, and that is due to the power supply, which all too often is far to big, in more than one sense of the word, still have much to offer too in way of sustainability than other computers. The latter simply because of the fact that they can be easily repaired and upgraded and that because of the way they are constructed and the fact that they are in a large (metal) case.

I am at a loss, to be perfectly honest, why people wish to declare the desktop PC for dead and try to get consumers and businesses onto laptops and netbooks and the cloud. If I would be so inclined I would, maybe, begin to read a lot more into this and one, possibly, should ask the “Quo bono?” question here.

One of the biggest problems with power consumption in a computer is bloated software, from operating systems to the rest. Microsoft Windows is getting bigger and bigger and, Windows also has the nasty habit of permamanetly doing something in the background. Even when the PC is not, actually, processing information the hard drive is spinning most of the time, which is noticeable from the HDD light being on. Not something that happens with, for instance, Linux operating systems.

Linus Ubuntu, even in its latest reincarnations, still comes on a CD (700MB) with all the additional software you may wish for, even for small business use, while MS Windows takes up several DVDs by now at 4GB each. It is therefore no wonder that old PCs are “obsolete”, as far as Windows OS is concerned, within a couple of years. No such problem with Open Source Operating Systems and general Open Source software.

An old(er) desktop PC, with Linux, can still outrun a dual-core laptop with Windows Vista or Windows 7 in startup time and general operations and thus we, who wish to keep things out of the waste stream should very much consider hanging on to those machines and improving them with the right software and the right hardware upgrades, where possible and affordable.

The desktop PC is not dead...

© 2011