Monthly Archives: May 2008
SophosLabs blogger goes the extra mile
Many of you will have read the regular postings on the SophosLabs blog from Zoe. She has become our resident expert on all matters regarding malware and internet gaming, as well as covering subjects like World of Warcraft in-game spam, safe surfing on Read more…
New Zealand hacker jailed in computer fraud and blackmail case
Last week, the High Court in Auckland, New Zealand, sentenced a hacker to three years in jail after finding him guilty of blackmail, document and computer fraud. 22-year-old Thomasz Grygoruk attracted the attention of the FBI after stealing personal information Read more…
Pushdo - Cold Calling
The author of Pushdo is still sending out new campaigns of his malware seeded in spam. I posted before about him using obscure APIs followed by GetLastError, so I thought I'd document some variations he's used since then. While still Read more…
Are you living in an identity theft hotzone?
Yesterday a report from Experian revealed that incidents of identity theft in the United Kingdom have risen 66 percent in the last year, with most victims living in London. According to Experian, residents in College Gardens in Tooting, south London, Read more…
Adobe Flash SWF exploit causes a stir
Yesterday we received several queries regarding a new memory corruption vulnerability affecting Adobe Flash Player and malware that exploits this vulnerability via malicious SWF files. We have received samples and can confirm that the threat is valid. Detection was issued Read more…
The Zlob Glob
An interesting website was brought to our attention yesterday. The server hosted a php file that can send out over 1500 different versions of the same malware. Each version was slightly different in an attempt to avoid detection. Most likely, Read more…
SPAM®, spam or flappertanknibble: What's in a name?
The first ever can of SPAM® was produced in 1937 by Hormel Foods in Austin, Minnesota, and they're still going strong. Hormel's latest set of financial results shows that SPAM® continues to sell well seventy years later, and for most Read more…
Google-redirected malware spams in new format
Since the last blog entry about Google-redirected malware, the spam campaign has not varied for some time. For those who have not seen this particular spam campaign, the Google-redirected links have the form of http://www.google.com/some_stringhttp://malicious_site_link. Any user clicking on a Read more…
New celebrity pictures Trojan horse spammed
It seems like weekends are good opportunities for spamming out Trojans. About two hours ago we started receiving samples of the Trojan horse we now detect with Sophos Anti-Virus as Troj/Agent-HAH. The attachment name always seems to be xjolie.zip but message Read more…
To Junk Or Not To Junk
Following on from my colleague's post here concerning broken Sality infections, it is quite interesting to look at modern-day polymorphic viruses and whether their propensity to junk files is wholly by accident or whether there is the occasional element of intent Read more…
Broken Sality keeps on giving
Since its initial appearance back in 2003 the Sality (aka KuKu) parasitic virus has come and gone from the radar as its authors continue to re-release updates but none has caused more interest than the W32/Sality-AM variant due to its Read more…
Manchester United fans in need of medication?
As ever the spam queues this afternoon are full of emails containing links to 'male enhancement' websites. One new trick for today is the use of Manchester United in the url name. Perhaps that's not surprising considering Manchester United's nail-biting Read more…
Russian social networking worm wipes hard drive files
Vkontakte is the most popular social-networking website in Russia with over 12 million users, and is said to be the most popular Russian website full stop in terms of visitors (yes, even beating their home grown search engines). It's sadly Read more…
Dear Friend
Yesterday we saw quite a few copies of a new, shameless as ever type of 419 email in our spam queues. The email starts off in the usual manner: Dear friend, I do not know your exact name. I can Read more…
Update on China quake cybercrime
Just minutes after I blogged about 419 scams exploiting the Chinese earthquake, we discovered a spammed malware campaign that is trying to infect people posing as breaking news of the disaster. The attack comes in the form of an attached malformed Word Read more…
Scammers cash in on Chinese earthquake disaster
Last week's earthquake in South West China has resulted in an official death toll of over 40,000, with many other people still missing. The scale of the tragedy and its huge impact on the lives of hundreds of thousands of people Read more…
Gathering evidence of phishing
Kudos to the police investigators who appear to have cracked a major international phishing operation with the charging of 38 suspected phishers. Investigations like this aren't easy - there's a lot of evidence that needs to be gathered (involving careful Read more…
Mobile phone monkey business strikes at another zoo
# The monkeys stand for honesty, giraffes are insincere, and the elephants are kindly but they're dumb # First it was Dublin, then Houston, and I've heard rumours about Milwaukee too. Now, a zoo in Brownsville, Texas, has been on the Read more…
Chain letters evolve, spread via SMS text message
Bahrain telecoms company Batelco has issued a press release warning cellphone users not to forward an SMS text message that has been doing the rounds in the kingdom. "Today is BATELCO Wireless 50th Anniversary Celebration Ceremony. Transfer this SMS to 10 Read more…
Latin American graffiti
In these days of one new malware-infected website being discovered every five seconds, it's easy to forget that not all web hacking is done for financial gain. This weekend, Spanish police arrested five teenagers suspected of hacking and defacing thousands Read more…

