Monthly Archives: April 2008

GTA IV - free!!

Image (1) mrv_ps3grndthfauto_landing_02.jpg for post 19780

Yesterday saw the release of Grand Theft Auto IV (GTA IV), arguably the most eagerly awaited game of the year. Never ones to drag their feet, spammers are already hoping to catch gamers out with the offer of a free Read more…

More poisoned adverts - Yahoo!

Default image

Over the weekend the Spyware Sucks blog talked about Yahoo! serving up poisoned adverts via one of their websites. Subsequent posts suggested that Sandi Hardmeier had not received a favorable resolution after informing Yahoo! of this issue. On Monday The Read more…

I spy with my private eye..

Default image

Regular visitors to the Sophos website will be familiar with the case of Ruth and Michael Haephrati, the husband-and-wife team who wrote a Trojan horse and then sold it to detective agencies in Israel who used it to help business rivals Read more…

Virus-writing contests are still a bad idea

Default image

There has been a right hoohah in the media and blogosphere about the "Race To Zero" contest being arranged for the next Defcon conference.    In a nutshell, the "Race To Zero" organisers think it's a good idea to encourage people to Read more…

Game Over!

Default image

Many people with even a vague interest in security will be aware of Defcon. The Vegas-based hacker conference is held as a yearly event where security experts and enthusiasts alike are able to present and attend lectures addressing various issues Read more…

Facebook, trolls, temples and death threats

Default image

Thanks to those of you who have dropped me a line in the last week or so following this story on The Register, "Facebook Troll sends mob against Cluley." As the news story explains, some pumpkin-brain on Facebook thought it would Read more…

Alleged webcam peeping tom charged in Canada

International webcam child abuse ring uncovered by routine police visit

Working in the computer security industry does mean from time-to-time that we come across some pretty unpleasant stories from the internet underworld.  In the past we've told you about the lowlives who have preyed upon young women via webcams, using Read more…

German spooks deploy spyware against Afghan ministry?

German spooks deploy spyware against Afghan ministry?

An interesting news story broke this weekend in Germany.  According to reports in Der Spiegel, the BND - Germany's foreign intelligence service - used spyware to monitor the Ministry of Commerce and Industry in Afghanistan. Confidential documents, passwords and email Read more…

Infiltrating botnets

Default image

I read an interesting paper this morning written by folks at the University of Mannheim and Institut Eurecom. In the paper they present results of research in which they monitored the P2P botnet of Storm, with a view to understanding, Read more…

Phish of the day

Wanted, dead or alive - Black Screens

Even in an otherwise quiet Saturday there are several phishing campaigns worth mentioning. The first is a campaign targeting Abbey UK bank. This is a standard but well orchestrated and sustained spamming using several newly created domains. A botnet (or Read more…

Happy Birthday SophosLabs Blog

Default image

With all the excitement of my vacation and Infosec, the fact that the SophosLabs blog is now one year old escaped me. I posted the first entry on April 19th last year following a malware attack using the tragedy at Virginia Read more…

Do you recognise him?

Image (1) netmonster.jpg for post 19774

With no end of malware these days aggressively targeting peoples' finances and personal data it was a surprise this morning to see a simple VBS script worm, apparently written with the sole aim of airing a personal grievance. VBS/AutoRun-DQ displays Read more…

Shifting sands in the P2P landscape

Default image

Some new research published by the Digital Music News Research Group has revealed some interesting changes in the use of peer-to-peer file-sharing applications. Limewire rules the roost - according to the Digital Music News Research Group's data it accounted for Read more…

Fraudsters target fears over identity theft

How to clean up the Duh iPhone worm

The internet is a great place for fraudsters to con naive computers users by appealing to their fears and desires. Fake/fraudulent anti-malware (anti-virus, anti-spyware etc.) applications have been around for a long time and we see a regular influx of Read more…

Malware with a sprinkle of religious conscience?

Image (1) 1.jpg for post 19772

Today was a most unusual day; I analyzed two malware samples which contained religious themes in two completely different contexts. Before I go ahead and talk about these two samples, I want to apologize if anyone is offended by my Read more…

Want to become invulnerable? Now you can!

Image (1) invulnerable-text.jpg for post 19771

Back when I was growing up, I remember playing video games such as Super Mario Brothers and thinking to myself, "Boy, I wish I could get star power and become invulnerable!". Well dream no more, let me introduce you to Read more…

Will you be wishing Trojan Horses a happy birthday tomorrow?

Default image

If my maths is right (and it probably isn't), Trojan horses will be 3193 years old tomorrow. Yes, according to military historians the city of Troy fell to the Greeks on April 24, 1184 BC, following a ten year siege. Read more…

Don't send login credentials via email

Security by accident, or security by design?

In the last couple of hours, we've seen spam messages, obviously sent by hackers (as opposed to your run-of-the-mill spammer), claiming to be from the .edu domain administration department, asking the recipients for their login id and passwords. For your Read more…

Malicious SQL injection

Image (1) sqlinj1.png for post 19769

We have blogged a few times recently about a fairly widespread and aggressive attack used to compromise web pages by inserting a malicious script tag (which loads a malicious script from a remote site) [1,2,3]. Aside from the usual plethora Read more…

Meet SophosLabs at Infosecurity Europe in London

Default image

This week Mark Harris and I will be at the Infosecurity show in London, Olympia. Infosecurity is the biggest European Information security show and a very good opportunity to find out more about new products and security trends. Sophos stand, Read more…