Forums

 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   ProfileProfile   Log in to check your private messagesLog in to check your private messages 
The Computer Virus Industry
Goto page Previous  1, 2, 3, 4, 5, 6, 7, 8, 9  Next
 
Post new topic   Reply to topic    Fortean Times Message Board Forum Index -> Conspiracy - general
View previous topic :: View next topic  
Author Message
rynner2Offline
What a Cad!
Joined: 13 Dec 2008
Total posts: 25932
Location: Under the moon
Gender: Male
PostPosted: 02-03-2011 07:47    Post subject: Reply with quote

Britons caught out by booby-trapped web ads

Tens of thousands of people could have been caught out by cyber criminals who put booby-trapped adverts on popular webpages.
The criminals racked up the victims by compromising the computers used by ad firm Unanimis to display adverts to popular websites.

The ads appeared on the websites of the London Stock Exchange, Autotrader, the Vue cinema chain and six other sites.
Unanimis said it moved quickly to pull the adverts once they were discovered.
It said it was now investigating how the criminals managed to inject their booby-trapped ads into its feed.

David Nelson, operations and IT director at Unanimis, told the BBC that security alerts revealed the existence of the booby-trapped adverts at 1800 GMT on 27 February.
Clearing out the adverts took about three hours, said Mr Nelson.
A preliminary investigation revealed that "unauthorised access" to the ad servers allowed the criminals to inject their malicious code.

Mr Nelson said Unanimis was still investigating how the criminals got access as the firm has security systems in place that check adverts are safe before they are distributed.
"The [adverts] they chose to modify were not being widely distributed," said Mr Nelson. This, coupled with the attack taking place on a Sunday evening, limited how many people fell victim.
"We have to count ourselves lucky in some respects," he said.

The bad ads exploited vulnerabilities in software used on Windows PCs to make it look like a machine had been hit by a virus.
Then it displayed a bogus diagnostic screen telling users that their PC was infected. It asked for payment to remove the "infection".
Mr Nelson said it was still trying to work out how many people had seen the booby-trapped ads.
He speculated that a "few percent" of Unanimis audience would have been hit. He declined to identify all the sites that had shown the adverts but said all those affected had been informed.

Patrik Runald, senior research manager at Websense, said its analysis suggested a lot of people had been caught out.
"We believe that quite a large number of sites were showing these adverts," he said, adding that the number of victims could be in the "tens of thousands".

The criminals behind the bad ads typically loaded their attack tools with code that exploited many different vulnerabilities in Windows programs.
Java and software from Adobe was become a favourite among hi-tech criminals, he said.

Mr Runald said cyber criminals liked to subvert advertising systems because it was a good way to get their malicious code put on popular sites with only a little effort on their part.
"Such malvertising is reasonably common," said Mr Runald. "It does not happen every day but it does happen every month or so."

http://www.bbc.co.uk/news/technology-12608651
Back to top
View user's profile 
WhistlingJackOffline
Joined: 29 Oct 2003
Total posts: 4298
Location: The Sewers of The Strand
Age: 10
Gender: Unknown
PostPosted: 02-03-2011 11:38    Post subject: Reply with quote

BlackRiverFalls wrote:
I got infected with XP Internet Security virus the other week, it's the absolute nastiest one i've seen yet, figured it was probably malware quite early on (it pretends to be a Microsoft security product) then took about two hours to figure out how to get past the block it had put on my internet access.

It also crashes your browser if you try to download certain antivirus apps Sad totally from hell to do a manual clean-up on, and most of the stuff that can shift it you have to pay for.


Nasty. I wonder if using a USB program like Revo Uninstaller Portable would let you get at it?
Back to top
View user's profile 
Black River FallsOffline
I wear a fez now.
Joined: 03 Aug 2003
Total posts: 8716
Location: The Attic of Blinky Lights
Age: 45
Gender: Female
PostPosted: 02-03-2011 12:26    Post subject: Reply with quote

oddly enough, Rynner's post above may explain a number of things, it's been a mystery how that got on my machine but I had been on Vue's website around that time.

i've manage to neutralise it for now with Spyhunter. it wants payment for a full removal (and you only get a 6 month license) but it will quarantine it in order to run, and leave it quarentined after you uninstall. it's not much odds to me whether it's quarentined or not there at all if it can't do anything.

AVG antivirus and a few others I tried, oddly enough, couldn;t find it at all. Or maybe it's too new a varient to be in their definitions.
Back to top
View user's profile Visit poster's website 
WhistlingJackOffline
Joined: 29 Oct 2003
Total posts: 4298
Location: The Sewers of The Strand
Age: 10
Gender: Unknown
PostPosted: 02-03-2011 12:32    Post subject: Reply with quote

Seriously, give Revo a go - it's excellent at getting rid of all traces of installations (if it finds the program in the first place, of course).
Back to top
View user's profile 
Pietro_Mercurios
Heuristically Challenged
Gender: Unknown
PostPosted: 02-03-2011 14:45    Post subject: Reply with quote

BlackRiverFalls wrote:
...

AVG antivirus and a few others I tried, oddly enough, couldn;t find it at all. Or maybe it's too new a varient to be in their definitions.

AVG used to do a downloadable CD version which was based on linux. You have to have a wired connection to the internet, but once it's loaded and booted, it will do an update to the latest version and it does a pretty thorough search.

http://www.avg.com/us-en/avg-rescue-cd

Also, try Malwarebytes, install it, update it and let it run. Has been pretty effective on my machines in the past.

http://www.malwarebytes.org/

Good luck.
Back to top
View user's profile 
los_grandes_lutzOffline
You have no new messages
Joined: 15 Apr 2010
Total posts: 339
Gender: Male
PostPosted: 05-03-2011 22:57    Post subject: Reply with quote

Cultjunky wrote:
I rushed out and bought Kaspersky 2011, for a whopping £20,


Rather than pay full price for Kaspersky, I buy a previous version (9 or 10) from ebay for around £6. These versions allow a free upgrade to the latest version 2011.

Of course when it comes time to renew, it means completely uninstalling the old Kaspersky and installing a new "old" version with a new serial number and then upgrading again.

Or you can look at online at computer retailers like aria.co.uk or ebuyer.co.uk and get an OEM version of Kaspersky 2011 (same thing, but no boxes or booklets) for around £10 for 1 user and £18 for 3 users for one year.
Back to top
View user's profile 
CultjunkyOffline
Great Old One
Joined: 26 Jan 2009
Total posts: 1427
Location: Leeds
Age: 44
Gender: Female
PostPosted: 05-03-2011 23:27    Post subject: Reply with quote

Top tip, Thanks Smile
Back to top
View user's profile 
rynner2Offline
What a Cad!
Joined: 13 Dec 2008
Total posts: 25932
Location: Under the moon
Gender: Male
PostPosted: 29-03-2011 15:10    Post subject: Reply with quote

I was playing Spotify when I found this! Shocked

Spotify ads hit by malware attack

Spotify has apologised to users after an advertisement containing a virus was displayed to some users of the music-streaming service.
The advertisement, which appeared within Spotify's Windows desktop software, did not need to be clicked on in order to infect a user's machine.
The exploit would install a bogus 'Windows Recovery' anti-virus program.

"Users with anti-virus software will have been protected," Spotify said in a statement.
"We quickly removed all third party display ads in order to protect users and ensure Spotify was safe to use.
"We sincerely apologise to any users affected. We'll continue working hard to ensure this does not happen again and that our users enjoy Spotify securely and in confidence."
The vulnerability only affects users with free subscriptions.

Security research specialists Websense said it received the first report of "malvertising" on the service at 11:30GMT on 24 March, noting that it used the Blackhole Exploit Kit - a tool for hackers - to carry out the attack.

Malvertising is usually confined to content viewed through web browsers, but this instance was displayed within the Spotify software itself for people with a free membership.
"The application will render the ad code and run it as if it were run inside a browser," explained Websense's Patrik Runald in a blog post.
"This means that the Blackhole Exploit Kit works perfectly fine and it's enough that the ad is just displayed to you in Spotify to get infected, you don't even have to click on the ad itself.
"So if you had Spotify open but running in the background, listening to your favorite tunes, you could still get infected."

Avast! anti-virus said the majority of their users reporting infections were from Sweden (59%), while 40% of virus reports relating to the vulnerability came from the UK. The rest were from other countries.

One affected user told the BBC: "I hadn't clicked on any advert but it did appear to download itself at the same time as the first advert image popped up in the Spotify program.
"The virus then began popping up on my desktop, telling me that I had a critical hard drive failure and would need to restart.
"It won't stop me using Spotify but did cost me about six hours to figure out what had happened and restore everything back to normal."

Spotify, which is based in Sweden, has over ten million users, most of which use the free service.

http://www.bbc.co.uk/news/technology-12891182

I've had no trouble, so I guess my AV saved me.
Back to top
View user's profile 
JonfairwayOffline
Great Old One
Joined: 09 Mar 2005
Total posts: 1256
Gender: Unknown
PostPosted: 01-04-2011 12:41    Post subject: Reply with quote

hmmmm seems to be a shortage of real conspiracys being available to discuss.

there will always be people trying to disrupt by creating malware and viruses, this does not mean that companys like sophos etc are the perps making this happen.

if you want to look at something suspicious, still not a conspiracy mind, ask yourself this.

why do all the ISP not block email borne viruses before they even get deleivered, companys use apps to do this at the network perimeter, as do companys like blackspider.

perhaps the only conspiracy is to rob businesses of some money to pay for extra security.

ISP's are in the perfect position to sort this once and for all , could it be some sort of legistration that stops them blocking ?

Even Google mail do not trust their own attachements going though to customers in PDF format, they issue a warning !!!!

I don't think its a conspiracy though
Back to top
View user's profile 
Heckler20Offline
The Sockpuppet of
Joined: 16 Jul 2004
Total posts: 4980
Location: In the Nostril of The Crawling Chaos
Gender: Unknown
PostPosted: 01-04-2011 14:10    Post subject: Reply with quote

Jonfairway wrote:
I don't think its a conspiracy though


The ISP that delivers mail to a company doesn't scan for viruses either, it just delivers, in the same way it delivers data packets to the punter in the home. It is the company's responsibility to scan the emails for viruses/malware/spam just as it's the end user's responsibility to scan theirs.

And even if the ISP did scan all incoming mail for viruses what would they do with that mail, quarantine it (and deal with a flurry of calls to release the emails) or delete it (and deal with a flurry of calls to find out why a mail wasn't delivered)?
Back to top
View user's profile 
rynner2Offline
What a Cad!
Joined: 13 Dec 2008
Total posts: 25932
Location: Under the moon
Gender: Male
PostPosted: 01-04-2011 21:35    Post subject: Reply with quote

Sites hit in massive web attack

Hundreds of thousands of websites appear to have been compromised by a massive cyber attack.
The hi-tech criminals used a well-known attack vector that exploits security loopholes on other sites to insert a link to their website.

Those visiting the criminals' webpage were told that their machines were infected with many different viruses.
Swift action by security researchers has managed to get the sites offering the sham software shut down.

Security firm Websense has been tracking the attack since it started on 29 March. The initial count of compromised sites was 28,000 sites but this has grown to encompass many times this number as the attack has rolled on.

Websense dubbed it the Lizamoon attack because that was the name of the first domain to which victims were re-directed. The fake software is called the Windows Stability Center.

The re-directions were carried out by what is known as an SQL injection attack. This succeeded because many servers keeping websites running do not filter the text being sent to them by web applications.
By formatting the text correctly it is possible to conceal instructions in it that are then injected into the databases these servers are running. In this case the injection meant a particular domain appeared as a re-direction link on webpages served up to visitors.

Early reports suggested that the attackers were hitting sites using Microsoft SQL Server 2003 and 2005 and it is thought that weaknesses in associated web application software are proving vulnerable.

Ongoing analysis of the attack reveals that the attackers managed to inject code to display links to 21 separate domains. The exact numbers of sites hit by the attack is hard to judge but a Google search for the attackers' domains shows more than three million weblinks are displaying them.
Security experts say it is the most successful SQL injection attack ever seen.

Generally, the sites being hit are small businesses, community groups, sports teams and many other mid-tier organisations.

Currently the re-directs are not working because the sites peddling the bogus software have been shut down.

Also hit were some web links connected with Apple's iTunes service. However, wrote Websense security researcher Patrick Runald on the firm's blog, this did not mean people were being redirected to the bogus software sites.

"The good thing is that iTunes encodes the script tags, which means that the script doesn't execute on the user's computer," he wrote.

http://www.bbc.co.uk/news/technology-12933053

Today I got an attack by the virus sent via Spotify (see earlier post).
Happily, being prewarned, I didn't click any links.
Back to top
View user's profile 
rynner2Offline
What a Cad!
Joined: 13 Dec 2008
Total posts: 25932
Location: Under the moon
Gender: Male
PostPosted: 07-04-2011 09:13    Post subject: Reply with quote

Millions hit by email hackers: Marks & Spencer warns online customers about cyber criminals
By Sean Poulter
Last updated at 8:46 AM on 7th April 2011

Millions of email addresses belonging to British shoppers have been stolen by criminal hackers.
Marks & Spencer yesterday sent warning messages to many online customers who have supplied the store with email addresses.
Britons who use Play.com and TripAdvisor have also been sent similar warnings.

Victims of the theft risk being targeted in spam and phishing scams. This could result in them logging on to bogus websites set up by criminal gangs.
Once on these websites, it is feared that personal information, including passwords and bank details, could be stolen.
There is also a danger that bugs and malicious spy software could be downloaded to victims’ home computers.

The alerts raise serious questions about security systems operated by major internet brands and their technology partners.
They will also shake consumers’ trust in online shopping – and could encourage shoppers to move back to the High Street.

The M&S security failure relates to a U.S. email company, Epsilon, which has been targeted in what has been called the ‘biggest data breach ever’.
Epsilon, one of the largest email marketing companies in the world, sends more than 40billion emails annually on behalf of more than 2,500 clients.
The unrelated thefts involving M&S, Play.com and TripAdvisor reflect a growing and lucrative black market in personal email addresses.

M&S sent an email to customers yesterday, warning: ‘We have been informed by Epsilon, a company we use to send emails to our customers, that some M&S customer email addresses have been accessed without authorisation.
‘We wanted to bring this to your attention as it is possible that you may receive spam email messages as a result.
‘We apologise for any inconvenience this may cause you. We take your privacy very seriously, and we will continue to work diligently to protect your personal information.’

M&S stressed that the theft was limited to names and email addresses, rather than other personal information and account details.
However, this is all that criminals need to launch targeted and personalised spam attacks, known as spear phishing.

Britain’s biggest retailer, Tesco, also uses Epsilon. However it categorically denied that its customer details have been hacked.

etc...

Read more: http://www.dailymail.co.uk/news/article-1374009/M-S-hit-email-hackers-Marks-Spencer-warns-online-customers-cyber-criminals.html#ixzz1IpJvwtaS
Back to top
View user's profile 
ramonmercadoOffline
Psycho Punk
Joined: 19 Aug 2003
Total posts: 21351
Location: Dublin
Gender: Male
PostPosted: 05-05-2012 22:15    Post subject: Reply with quote

Quote:
Religion riskier than porn for online viruses: study
http://phys.org/news/2012-05-religion-riskier-porn-online-viruses.html
May 1st, 2012 in Technology / Internet

Web wanderers are more likely to get a computer virus by visiting a religious website than by peering at porn, according to a study released on Tuesday.
Web wanderers are more likely to get a computer virus by visiting a religious website than by peering at porn, according to a study released on Tuesday.
"Drive-by attacks" in which hackers booby-trap legitimate websites with malicious code continue to be a bane, the US-based anti-virus vendor Symantec said in its Internet Security Threat Report.

Websites with religious or ideological themes were found to have triple the average number of "threats" that those featuring adult content, according to Symantec.

"It is interesting to note that websites hosting adult/pornographic content are not in the top five, but ranked tenth," Symantec said in the report.

"We hypothesize that this is because pornographic website owners already make money from the Internet and, as a result, have a vested interest in keeping their sites malware-free; it's not good for repeat business."

The report was based on information gathered last year by the Symantec Global Intelligence Network, which monitors cyber attack activity in more than 200 countries through its services and sensors.

Symantec said that it blocked 5.5 billion attacks in 2011 in an increase of 81 percent from the prior year.

In keeping with trends seen by other Internet security firms, Symantec reported surges in hacks aimed at smartphones or tablet computers and in attacks targeting workers in companies or government agencies.
Back to top
View user's profile 
ramonmercadoOffline
Psycho Punk
Joined: 19 Aug 2003
Total posts: 21351
Location: Dublin
Gender: Male
PostPosted: 18-06-2012 11:34    Post subject: Reply with quote

Quote:
Anti-virus software sucks up too much security cash claims study
http://www.bbc.com/news/technology-18456607

The report suggests some of the sums spent on cybersecurity are disproportionate to the threats faced

Related Stories

Cyber crime warnings for India Watch
Cybercrime threat 'on the rise'
Small firms 'easy targets' for cyber crime

Governments should focus more funds on policing the internet and less on anti-virus software, according to new research.

Computer scientists at the University of Cambridge carried out the cybercrime study after being approached by the UK's Ministry of Defence.

The report indicated that the UK was spending almost £640m annually on the problem.

It said less than £10m of that sum was spent on cybercrime law enforcement.

The team worked with colleagues in Germany, the Netherlands, the USA and UK to compile the study. They considered all the main types of cybercrime, including online payment and banking fraud.

Cybercrime swamp
Lead author Prof Ross Anderson also told the BBC that less government money should be spent on monitoring phone and internet communications.

He said that police in the UK were often months behind and too focussed on surveillance, because resources had been misallocated.

"Some police forces believe the problem is too large to tackle," he said.

"In fact, a small number of gangs lie behind many incidents and locking them up would be far more effective than telling the public to fit an anti-phishing toolbar or purchase anti-virus software. Cybercrooks impose disproportionate costs on society."

According to Prof Anderson it is mainly the US government - and the FBI in particular - that carry out the "heavy lifting" when it comes to pursuing cybercrime.

"Cybercrime has created a swamp," he added. "You need to drain the swamp by arresting people."

Protecting consumers
A Cabinet Office spokesman welcomed the report and said that the government believed the threat was serious and needed to be tackled.

"Our approach strikes the right balance between defending our interests and pursuing cybercriminals" he said.

The Cabinet Office pointed to extra investment of £650m over four years to fund more cyber-specialists in police forces across the country.

Prof Anderson also recommended improving consumer protection legislation for victims of credit card fraud.

He said that the fear of fraud by businesses and consumers was leading some to avoid online transactions, imposing an indirect cost on the economy.

He noted that consumers in countries like the Netherlands, Finland and Ireland enjoyed much stronger protection.
Back to top
View user's profile 
rynner2Offline
What a Cad!
Joined: 13 Dec 2008
Total posts: 25932
Location: Under the moon
Gender: Male
PostPosted: 07-07-2012 08:38    Post subject: Reply with quote

Could the internet really shut down?
Thousands of users around the world are likely to lose internet access on Monday thanks to a virus called DNS Changer – how bad could things get, asks Matt Warman, Consumer Technology Editor
11:46AM BST 06 Jul 2012

As viruses go, DNS Changer appeared fairly harmless – initiated in 2007, it simply generated fraudulent clicks on adverts, and made its Estonian creators something under £10million. Infected computers accessed the web slightly more slowly, but their users could be forgiven for not even noticing they had a so-called “botnet infection”, let alone realising that they were aiding a criminal gang.

In shutting down the virus, however, the FBI opened a can of worms that reveals what one analyst calls “a weakness in the internet’s infrastructure”. Dan Brown, director of security research at web firm Bit9, says that worse still the FBI’s “band-aid approach” mirrors how security as a whole has evolved on the web. “Generally,” he says, “it has preferred band-aids over real solutions”.

The problem arises because DNS Changer alters the directory that tells a computer the digital address to which intelligible sitenames refer: so rather than Amazon.co.uk leading you to the online bookshop, it redirects you to a fraudulent site, derives revenue from the invisible click and then passes you on to where you wanted to go. The FBI’s solution was simply to replace the criminal server, to tell people that something was wrong and to keep passing the traffic through. Now, however, it says that it can’t spend endless taxpayers’ money on maintaining that server. When it turns it off on Monday, some 350,000 people will lose their connections, of whom around 20,000 live in Britain.

“Security was not paid a great deal of attention while the Internet was first forming,” says Brown. “Now, years later, we’re stuck with the bill. It’s long been known what the fix for this particular problem is, but like kids eating vegetables, it’s something we put off as long as possible.”

It’s extremely unlikely that this could ever be repeated on the grand scale that would be required to make a major difference to the internet as a whole; but it is possible that the constant cat and mouse game of viruses versus security experts continues to cause a number of small problems that all add up to a decent sized headache. Even Apple has recently dropped the claim that its computers are immune from viruses. But nonetheless, the distributed nature of internet infrastructre lends itself to a secure, resilient network.

It’s worth emphasising, too, that those 500,000 affected by DNS Changer represent just a very tiny percentage of the 2 billion currently online. Even so, many of the 350,000 computers currently infected won’t know until Monday. And although preventable by any standard security software, there are still many users who aren’t sufficiently computer savvy to know how to keep themselves safe online. The “DNS Checker Page” allows users to see if they have the virus and to remove it, and has been largely responsible for the fall in the virus’s prevalence.

Brown suggests users should also limit future damage by using their computer’s “Guest” account for general surfing, so that any potential malware infections are confined and won’t have the ability to compromise individuals’ personal and sensitive data. But of course that would also deprive them of a host of the increasingly personalised features of modern computing. “Affected users will largely be relying on their ISPs or their technically-inclined nieces and cousins to help them figure out why they suddenly can’t access the Internet on July 9,” says Brown. For many, that basic technology advice is what keeps their increasingly vital computers online. In the future, more education than ever will be needed.

- Is your computer infected? Visit www.dcwg.org/detect/ to check and for links on how to remove the virus.

http://www.telegraph.co.uk/technology/internet/9381112/Could-the-internet-really-shut-down.html
Back to top
View user's profile 
Display posts from previous:   
Post new topic   Reply to topic    Fortean Times Message Board Forum Index -> Conspiracy - general All times are GMT
Goto page Previous  1, 2, 3, 4, 5, 6, 7, 8, 9  Next
Page 7 of 9

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum


Powered by phpBB © 2001, 2005 phpBB Group