Monthly Archives: September 2010

How to make money with mobile malware

Image (1) old-phone.jpg for post 36117

Remember the old days of dialler Trojan horses? Back when most of us didn't have broadband at home, and connected to the internet via a modem, we saw a type of malware which could take advantage of the phone line Read more…

Are signed files safer than others?

Default image

Mike Wood of SophosLabs Vancouver presented "Want my autograph? The use and abuse of digital signatures by malware" at the 2010 Virus Bulletin conference. Mike's talk was focused on the trust that people and technology put into certificates and how Read more…

USA charges 60 people as part of international ZBot investigation

Zeus

The US Department of Justice has charged more than 60 people in connection with a criminal scheme involving the ZBot Trojan horse. ZBot, also known as Zeus, is a family of malware that can hijack your computer, making it part Read more…

Beware malicious LinkedIn invitation reminders

Beware malicious LinkedIn messages

In a world where cybercriminals frequently target users of social networks such as Facebook and Twitter on a regular basis, fans of business network LinkedIn don't get away scot free. Take, for example, this malicious attack that we have seen Read more…

A lesson in heuristic PDF detection

vb2010

Many of you are all too aware of the number of patches repairing flaws in Adobe's Reader and Acrobat software in the last couple of years. Their PDF reader is deployed on nearly all computers, which is too juicy of Read more…

Malicious JavaScript – tricks and traps

Malicious JavaScript

Along with my fellow Sophos bloggers, I'm currently attending VB2010, this year's Virus Bulletin conference, in sunny (honestly!) Vancouver, BC. My first trip to Vancouver was in 1999, the first time VB took place in the Pacific North West. (It Read more…

Inside Facebook security, and how to better protect your account

nick-graham-vb-2010

Facebook's Nick Bilogorskiy kicked off proceedings at the Virus Bulletin 2010 conference in Vancouver this morning, giving the social network's view on the scale of the cybercrime problem. Bilogorskiy, who heads up the anti-malware team at the social networking giant, Read more…

Microsoft issues emergency out-of-band patch for ASP.Net

Default image

Microsoft has responded to news of a serious security vulnerability in the way that ASP.Net web applications are secured by issuing an emergency patch. And you know that if a problem is serious enough for Microsoft decides to release a Read more…

Computer cops arrest 19 in dawn ZBot raid

Arrests in ZBot case

19 people have been arrested by British police, under suspicion that they stole millions of pounds from online bank accounts by installing malware. Detectives from the Metropolitan Police Central e-Crime Unit (PCeU) swooped a number of addresses in a dawn-time Read more…

Dumb messages from dumber malware authors

darks-assembly

From time to time we get some malware in which the authors have put in their own stupid messages. This one we got recently looks like an another attempt by a malware author to get some cheap publicity. Sophos detects this malware Read more…

September roundup - "90 Second News"

thumb-sep

Don't just read the latest computer security news - watch it in 90 seconds! This month: when internet access chose the government; Adobe battles another zero-day; Twitter suffers XSS woes; and the Stuxnet malware keeps on making the wrong headlines. Read more…

Choose your Fake Anti-Virus?

Image (1) 2a.jpg for post 20061

Today, at SophosLabs, we encountered another interesting rogue security software variant, Troj/FakeAV-BTN. When run, Troj/FakeAV-BTN poses as Microsoft Security Essentials Alert and detects only one file as "Unknown Win32/Trojan". When user wants to remove this fake threat, this malware offers Read more…

WTF? Twitter gets the goat as viral message spreads

Twitter gets the goat

Twitter has responded rapidly to shut down a new worm, which spread vulgar messages from many affected users' accounts saying they err.. were fond of goats. Some high profile Twitter users, including Robert Scoble, fell foul of the attack. Of Read more…

Personality test spreads across Twitter

twitter-personality-test-1

Has one of your Twitter friends invited you to take a personality test this weekend? A typical message might have read something like: Just took the personality test on Twitter <link> #personality test There certainly seem to have been plenty Read more…

"The Social Network" puts Zuck's life on display

Image (1) zuckoprah250.png for post 3524

When the time comes to sum up what 2010 meant to many internet users it may boil down to one word... Privacy. It all began in December 2009 when Eric Schmidt, CEO of Google, said during an interview on CNBC, Read more…

Old habits die hard. New habits die harder

Old habits die hard. New habits die harder.

Humans are creatures of habit. These habits – even if pointless, annoying, or, in extreme cases, immoral and possibly unlawful – can become invisibly and almost intractably ingrained. Many adults, for example, publicly masticate chewing gum almost continuously, even whilst Read more…

Stuxnet, Vancouver, and Virus Bulletin

thumb-stuxnet

The great and the good of the anti-virus industry are packing their suitcases and charging their iPads in readiness for a trip to Vancouver, the setting next week for the twentieth Virus Bulletin conference. It's the best opportunity that the Read more…

Girl killed herself, after her dad posted this to her wall? No, a new spin on a Facebook scam

Girl killed herself, after her dad posted this to her wall? No, a new spin on a Facebook scam

We've been monitoring a new spin on a Facebook scam, that claims a girl killed herself on Christmas Eve after her dad posted a message on her wall. Before we've documented both the related hoax warnings spread on Facebook, as well as scam pages that popped up trying to trick users into "liking" them, and the truth about the real woman's death that has been exploited by heartless cybercriminals.

Man convicted: a story of sadistic revenge, online sex and DDoS attacks

Man convicted: a story of sadistic revenge, online sex and DDoS attacks

Here's an extraordinary story of how an internet feud ignited into an attack which involved sadistic revenge, 100,000 compromised computers around the world, divorce and a man with his life in ruins. A 48-year-old American faces jail after being found Read more…

The names and faces behind the 'onMouseOver' Twitter worm attack

The names and faces behind the 'onMouseOver' Twitter worm attack

It's been over 24 hours now since many Twitter users around the world found that their pages had become infested by messages spreading virally across the network. The victims High profile victims of the "onMouseOver" worm included ex-Prime Minister's wife Read more…