|
Internet Security News
Breaking news and updates in Internet security
Last Updated: February 9th, 2010 02:27:23 CST -0600
MessageLabs Names Most- (And Least-) Spammed States
When considering where to live, it's wise to look up stats about an area's climate, the cost of living, and its proximity to other important stuff in your life. Symantec's MessageLabs recently supplied some information about your odds of getting spammed, too.
 | | MessageLabs Names Most- (And Least-) Spammed States |  |
Somewhat surprisingly, the states you might imagine as being the "most wired" - California, New York, Washington - weren't at the top of the list. Instead, the state in which spam represents the highest percentage of all emails received is Idaho, with 93.8 percent.
In an email to SecurityProNews, a Symantec/MessageLabs representative then listed the other top states (in order) as Kentucky, New Jersey, Alabama, Illinois, Indiana, Massachusetts, Pennsylvania, Arizona, and Maryland.
The U.S. territory of Puerto Rico wound up on the opposite end of the list, followed by Montana, Alaska, Kansas, South Dakota, Tennessee, Vermont, Rhode Island, Wisconsin, and Florida.
We're not quite sure what to make of these findings; the states don't appear to be ordered according to Internet penetration rates, GDP per capita, overall population, physical size, or anything else. Still, if you're looking to move, now you have a better idea of how to decrease the odds of getting bombarded with spam at your new home.
Enormous Malware Archive Creates Stir
A Dutch company known as the Frame4 Group has created what's almost the computing equivalent of a Center for Disease Control lab. The Malware Distribution Project is, according to its own site, the "world's biggest private malware archive."
 | | Enormous Malware Archive Creates Stir | |
Don't jump to the conclusion that the project's run by a bunch of supervillains; the malware samples are supposed to be "offered for the purposes of analysis, testing and malware research."
Also, customers are screened, and a monthly access fee of about $1,235 should act to keep out some of the riffraff.
It actually seems possible that the Malware Distribution Project could be of great help to the security community. When you consider that medical researchers don't have to wander from house to house, asking people if they have cancer, every time they want to start a new experiment, certain practices start to seem a little outdated.
There is a potential for problems, though. One nightmare scenario relates to the Malware Distribution Project's figurative walls failing and everything getting out. Having all of that malware run amuck at once - particularly if security researchers' computers were the first things it'd come across - would be bad.
Then there's the possibility that some unpleasant person would gain access to the Malware Distribution Project's archive and just sort of go on a shopping spree. This way, some relatively stupid hacker might be able to get his (or her) hands on the most sophisticated viruses in existence.
As you might imagine, the Malware Distribution Project is definitely proving divisive.
Anyway, at last count, the repository contained a whopping 3,336,503 files.
UPDATE (10-13-09): Anthony Aykut, the Managing Director of Frame4 Security Services, got in touch with SecurityProNews this morning to pass along some information. In an email, he wrote, "[T]he malware is neither downloadable via the web site or accessible in any other way via the www; in fact, the (secure) servers where the malware is stored (or analyzed/processed) is not even connected to the outside world."
Aykut also stressed that nothing is sold to the public, and added, "Largely due to the security measure(s) mentioned above, and also based on to the fact that the storage media are protected by biometric devices, getting access to the MD:Pro archive is, well, pretty impossible."
Avsim Hacker (Maybe) Brought Before Cops
Perhaps people who like to spend their spare time in the cockpits of imaginary F-16s should be left alone. The man in charge of a flight simulator site that was attacked claims to have identified the hacker and forwarded information to the authorities.
 | | Avsim Hacker (Maybe) Brought Before Cops | |
Avsim is one of the best-known flight sim communities in existence. It's been around for a long time, too. Unfortunately, a hacker managed to wipe about a decade's worth of modification info and forum posts from the site's servers back in May.
Now, though, Tom Allensworth, the publisher and CEO of Avsim, has told the BBC, "We . . . have incontrovertible evidence of the individual that performed the hack. We have protected the forensic evidence and provided that evidence to the London police. We are committed to bringing justice to bear on this case."
Allensworth is confident in the outcome, too, adding, "We fully expect that the criminal complaint . . . will result in the perpetrator spending some time behind bars - under UK law." (Since Avsim's located in the US, this means he's not pushing for extradition or anything of that sort.)
Neither London's Metropolitan Police Service nor the accused individual (who hasn't been publicly named) has made any comment yet.
Email Password Hackers Present Real Threat
The next time you have something really important to tell someone, consider whether a drive over to his or her house wouldn't be a nice way of spending a few minutes. One reporter has found that it's quite easy (and perhaps all too common) for people to buy email accounts' passwords from hackers.
 | | Email Password Hackers Present Real Threat | |
Tom Jackman wrote in an article for the Washington Post, "[S]ervices as YourHackerz.com are still active and plentiful, with clever names like 'piratecrackers.com' and 'hackmail.net.' They boast of having little trouble hacking into such Web-based e-mail systems as AOL, Yahoo, Gmail, Facebook and Hotmail, and they advertise openly."
Jackman found that prices for passwords range from around $30 to $100, which means that even the average ten-year-old can probably afford these hackers' services.
Plus, unless someone important is involved or things get rather serious, law enforcement isn't terribly likely to look into (or at least resolve) the matter, because accessing a computer without authorization is just a misdemeanor in most areas and tracking down a perpetrator can be difficult.
And it doesn't help, of course, that all of these facts have now been publicized in a widely-read newspaper.
So if you've got some nasty business rivals or psycho exes, at least try to play it safe by changing your password often for as long as you're in the person's sights. Then there's always the option of putting a few more miles on the odometer, too.
Laptops, CDs Alarm Governors, Credit Unions
Today's lesson - that stuff in the physical world can pose a security threat - is a simple one. It seems to be an important one, too, as governors and credit unions are receiving unsolicited and suspicious laptops and CDs.
 | | Laptops, CDs Alarm Governors, Credit Unions | |
The laptops may represent the more interesting development. Robert McMillan reports, "The U.S. Federal Bureau of Investigation is trying to figure out who is sending laptop computers to state governors across the U.S., including West Virginia Governor Joe Mahchin and Wyoming Governor Dave Freudenthal. . . . According to sources familiar with the investigation, other states have been targeted too . . ."
New HP laptops are apparently just showing up, unsought but ready for use, at government offices. That's fine if some Bill Gates-like figure has decided to give small gifts to our country's political leaders, of course. It's less fine if someone's trying to steal all of their passwords and whatever sort of public and private info they'd use the laptops to view.
As for the CDs, the problem appears to be smaller. Indeed, the discs probably just exposed some lapses in judgment. Malware infected CDs that were sent to credit unions were "part of an authorized pen[etration] test," according to Johannes Ulrich, who spoke with a Microsolved representative.
It doesn't look like any damage has been done, then. Just try to keep in mind the old warnings about knowing where stuff's been and gifts being too good to be true.
Majority Of User Generated Comments Are Spam
Social media sites allowing user-generated content are a main target for cybercriminals and spammers, according to a new report by Websense about the state of Internet security in Q3 and Q4 of 2009.
 | | Firefox Add-Ons Caught With Malware | |
The report found that 95 percent of user generated comments to blogs, chat rooms and message boards are spam or malicious.
Websense identified 13.7 percent of searches for trending news/buzz words (as defined by Yahoo Buzz & Google Trends) led to malware. Search engine optimization poisoning attacks target the top searches allowing hackers to drive traffic to their sites.
Overall, comparing the second half of 2009 with the same period in 2008, there has been an average growth of 225 percent in malicious websites. Malware authors continue to capitalize on website reputation and exploiting user trust with the second half of 2009 revealing 71 percent of websites with malicious code are legitimate sites that have been compromised.
"Malicious hackers are really focusing their efforts to ensure they're driving their victims straight to them, said Dan Hubbard, Chief Technology Officer, Websense.
"By poisoning search results and focusing on Web 2.0 sites, their efforts are often more efficient and effective. The blended nature of today's threats combined with compromised legitimate sites, takes full advantage of an increased perception of trust when using search engines and interacting with friends or acquaintances online."
Other highlights from the report include:
--Websense Security Labs found that 35 percent of malicious Web attacks included data-stealing code, demonstrating that attackers are after essential information and data.
--Websense Security Labs found that 35 percent of malicious Web attacks included data-stealing code, demonstrating that attackers are after essential information and data
--Websense Security Labs identified that 85.8 percent of all emails were spam.
Firefox Add-Ons Caught With Malware
Around 4,600 Firefox users who followed the rules in terms of acquiring add-ons (meaning not getting them from all over the 'Net) may still have picked up some malware. Mozilla admitted today that two add-ons available through the official Add-on for Firefox page came with unwelcome companions.
 | | Firefox Add-Ons Caught With Malware | |
Master Filer and Version 4.0 of Sothink Web Video Downloader contained Trojan code aimed at Windows users, according to a post on the Mozilla Add-ons Blogs. It explained, "If a user installs one of these infected add-ons, the trojan would be executed when Firefox starts and the host computer would be infected by the trojan. Uninstalling these add-ons does not remove the trojan from a user's system."
Another troubling fact is that the add-ons were available for a very long time (Mozilla cited download numbers from 2008 and 2009 in addition to this year).
Fortunately, a relatively large number of antivirus programs can detect the malware. Antiy-AVL, Avast, AVG, GData, Ikarus, K7AntiVirus, McAfee, Norman, and VBA32 products have all proven capable of sniffing it out.
Also, as of now, Mozilla's using three scanners to inspect add-ons that are uploaded to its site. Just one was in place when Master Filer and Sothink Web Video Downloader 4.0 were introduced.
Google, NSA May Team Up
Fair warning: this isn't yet official, and the original whispers about it didn't come from anyone who's willing to be named. Still, a report's indicated that Google and the National Security Agency are prepared to work together for the sake of online security.
 | | Google, NSA May Team Up | |
The Washington Post's Ellen Nakashima wrote this morning, "[T]he National Security Agency would help Google analyze a major corporate espionage attack that the firm said originated in China and targeted its computer networks, according to cybersecurity experts familiar with the matter."
She then continued, "The objective is to better defend Google - and its users - from future attack."
In theory, this would benefit everyone. The NSA is of course an expert on matters pertaining to espionage and communications, so the organization's insights could be valuable. Both Google and the average individual (to say nothing of Chinese dissidents) stand to lose a lot when information is compromised by hackers.
At the same time, the deal that's under discussion supposedly wouldn't give the NSA access to any data that could compromise individuals' privacy, so people who are worried about the U.S. government's interest in their activities would be covered.
It should be interesting to see what happens. Google's got something of a reputation for not cooperating with government agencies, and altering that pattern could have a negative effect on public opinion and its market share.
Or other search engines might lose if people feel they're not making enough of an effort on the security front.
Unfortunately, Nakashima wasn't able to provide a timeframe regarding when something will be announced.
"[T]he deal is taking weeks to hammer out," she reported, and at this point in time, it "is still being finalized."
Infineon Chip's Weakness Discovered
The Infineon SLE 66 CL PE chip can be found in a lot of products, including smart cards, the Xbox 360, and normal computers. It's a good chip, too, with lots of security measures in place. But it could perhaps use a few more, as a researcher has figured out how to compromise it.
 | | Infineon Chip's Weakness Discovered | |
Christopher Tarnovsky, who works for Flylogic Engineering, employed electron microscopy to achieve the feat. Tim Wilson reports, "Using a painstaking process of analyzing the chip, Tarnovsky was able to identify the core and create a 'bridge map' that enabled the bypass of its complex web of defenses, which is set up to disable the chip if tampering occurs."
Then, "After creating the map, he used ultra-small needles to tap into the data bus - without disturbing the protective mesh - and essentially 'read' all of the chip's stored data, including encryption keys and unique manufacturing information."
Obviously, this isn't a quick, easy, or inexpensive procedure. It took Tarnovsky about nine months to perfect his approach, and electron microscopes don't exactly litter the floor of the average hacker's house (new units often sell for at least $70,000).
It looks like Infineon either has some work to do or some admissions to make, though.
Twitter Affected By Phishing Scare
Another security scare spread through the Twitter community this morning. Emails sent by Twitter advising members to reset their passwords created a bit of a stir, as account lockouts were occurring simultaneously and people were concerned that the messages had come from phishers.
 | | Twitter Affected By Phishing Scare | |
The emails stated in part, "Due to concern that your account may have been compromised in a phishing attack that took place off-Twitter, your password was reset. Please create a new password by opening this link in your browser."
Of course, as it turns out, the emails were legitimate, and the links led people to the official Twitter site. So the bit about the phishing attack occurring off-Twitter should comfort everyone who was anxious about the situation.
Still, it's understandable that the mention of phishers put a lot of folks on high alert. Furthermore, the word "Twitter" wasn't capitalized in the subject line of the official email, and typographical slipups of that nature often act as red flags.
Anyway, Twitter wants everyone to know that only a small number of accounts were affected, and that its @help and @spam accounts are useful resources under conditions like these. Twitter provided the standard tips about password strength, too.
|
