MetaFilter posts tagged with malware

The dry, technical language of Microsoft's October update did not indicate anything particularly untoward.

The Whelk — Mon, 15 Jun 2009 14:40:29 -0800

Its reach is impossible to measure precisely, but more than 3 million vulnerable machines may ultimately have been infected. : The inside story on the Conficker Worm at New Scientist.

GhostNet

homunculus — Sat, 28 Mar 2009 22:55:33 -0800

Tracking GhostNet: Investigating a Cyber Espionage Network. "A vast electronic spying operation has infiltrated computers and has stolen documents from hundreds of government and private offices around the world, including those of the Dalai Lama, Canadian researchers have concluded. In a report to be issued this weekend, the researchers said that the system was being controlled from computers based almost exclusively in China, but that they could not say conclusively that the Chinese government was involved." Another report does fault China: The Snooping Dragon: Social Malware Surveillance of the Tibetan Movement

The "boss level" of internet worms.

e.e. coli — Sat, 21 Mar 2009 21:14:02 -0800

Conficker C is scary as hell. Conficker C represents a best-of-breed specimen of malware, with its swiss-army-knife-from-hell approach to digging in, staying hidden, and making your life generally miserable. Telltale symptoms: you can't view such web sites as Microsoft.com, symantec.com, avast.com, or any other computer security-related sites the worm authors have thought to include in the blacklist; you can't run any of the superb Sysinternals utilities, or many other utilities, because they get killed within a second of starting them up; your antiviral software is impotent. But none of that is the point of the worm. On April Fool's Day of this year, the roughly 10 million conficker-infected Windows XP-based PCs (mostly in China, Brazil, and Russia) will phone home, but nobody knows to what purpose. The "best" possible outcome is that the bad guys are merely stealing the identities of 10 million people. It's hard to say what the worst case is, but the metaphor "internet warfare" is, apparently, not overblown.

Heartland Systems data breach

Class Goat — Tue, 20 Jan 2009 15:39:55 -0800

"Payments processor Heartland Payment Systems has learned it was the victim of a security breach within its processing system in 2008. Heartland believes the intrusion is contained." Heartland Payment Systems processes payroll and credit card payments for more than 250,000 businesses. Looks like this data breach is even bigger than 2007's TJ Maxx break-in.

DOWNLOADING IS WRONG

azarbayejani — Tue, 06 Jan 2009 06:06:43 -0800

A new trojan is on the loose. It doesn't install any harmful adware/spyware, but does block both mininova and the Pirate Bay.

Super-targeted spear phishing attacks

gemmy — Thu, 27 Mar 2008 20:34:53 -0800

The recent cyber attacks on pro-Tibet groups in the U.S. (attack details, technical data) and on the Save Darfur Coalition, among others, have managed to catch the attention of some in the mainstream media. Such super-targeted spear phishing attacks have been on the rise for several years, and have become an important tool for corporate espionage and military infiltration attempts. Teaching users to recognize such attack emails is probably the most effective deterrence, as technology solutions have shown to not be particularly effective. Some companies and government agencies even conduct sting operations to ferret out which internal users fail the test, targeting them for additional training. Thanks to homunculus for encouraging me to post on this.

Alex Dragulescu code art

Kronos_to_Earth — Wed, 05 Mar 2008 08:29:40 -0800

Gee. I think I'll uninstall my firewall and ditch the anti-virus. Malwares is pretty. via bbc.

Sears Wants To Hack Your Computer

ikkyu2 — Thu, 03 Jan 2008 18:52:19 -0800

Online communities to become more 'all-encompassing.' If you join the SHC community on Sears.com, all web traffic to and from your computer thereafter will be copied and sent to a third party marketing research firm - including, for example, your secure sessions with your bank! The Sears.com proxy will send your logins and passwords along with a cleartext copy of all the supposedly secure data. But wait, it gets better: you can only view the true TOS once the proxy has already been installed. Hey Matt, you're lagging behind - this is the future of online community-building! [Via.]

The Economics of Malware

kandinski — Sun, 09 Sep 2007 00:28:44 -0800

50 million computers are after your passwords, your money, and your processor time (single PDF link). No wonder William Gibson's new novel is set in the present: the world is fully caught up with any future we could make up. The business of spamming, carding and phishing supports and runs off a peculiar distributed platform: a market-allocated collection of ad-hoc peer-to-peer content delivery networks running on hijacked browsing appliances' stolen processor cycles. [via BoingBoing comment, previously on Metafilter].

New Trial for Julie Amero

puddleglum — Thu, 07 Jun 2007 12:40:51 -0800

New Trial in pop-up porn case for Julie Amero (Previously and also)

Is jail a fair punishment for malware?

Sixtieslibber — Wed, 24 Jan 2007 12:06:56 -0800

Should a Connecticut substitute teacher go to jail for 40 years because a classroom computer was infected with malware that allowed students to see porn?

When malware runs wild!

Steven C. Den Beste — Tue, 04 Apr 2006 13:46:57 -0800

"In some cases, there really is no way to recover without nuking the systems from orbit." -- Mike Danseglio, program manager in the Security Solutions group at Microsoft

180 Solutions from the Inside Out

Afroblanco — Sun, 02 Apr 2006 23:09:30 -0800

Thought-provoking interview with former employee of hated spyware-maker 180 Solutions.
via /.

Get the word out about Sony

signal — Tue, 14 Mar 2006 09:36:19 -0800

Sony BMG won't be held accountable for its dangerous DRM if music fans don't have an easy way to learn about the flawed software, the settlement, and how to submit claims. By posting a banner on your website or blog, you can help music fans protect themselves and get what they deserve. _{[via A Copyfighter's Musings]}

The Rise of Crimeware

clockworkjoe — Wed, 01 Mar 2006 11:58:37 -0800

Scientific American looks at the Rise of Crimeware Crimeware, or malware with criminal intentions is increasing exponentially. "My company scans 13 million emails a day, and of that email we stop between 3 million and 10 million messages a day because they contain some kind of malware [malicious software]. Of the malware we're seeing, 99.9% is crimeware--something where the bad guys are trying to steal money from the end user. We're detecting one to five new species of virus a day and seeing 100 to 200 new phishing sites appearing every day." Take a look at who's getting attacked. What can we do about it? (PDF report by DHS on crimeware)

are they matched to the access code and do you keep a record of what code is mailed to what person?

amberglow — Tue, 28 Feb 2006 14:36:31 -0800

So if you run the CD in your personal computer, by the end of it, the Minnesota GOP will not only know what you think on particular issues, but also who you are. --a cd being sent out to home by the Minnesota GOP is polling people who use the cd, sending their personal info, including name, address, and phone, among other info, back to party headquarters. No privacy policy or statement identifying what the cd does is visible anywhere: ...As far as I could tell, nothing tells you that the answers are about to be e-mailed or otherwise transmitted to the Minnesota GOP. So you finish, and then the phone rings. "Hello, Mr/Mrs. Voters, it's Joe and I notice you support gun control and the marriage amendment, would you like to donate some money to us?" That might startle the person who may have thought he/she was viewing the presentation in the privacy of the computer room. ...

ambirex — Wed, 24 Apr 2002 08:40:23 -0800

Malware (Radlight) will silently remove (vi fark ) Ad-aware when installed. The forums on both sides have already sparked some heated discussions.

bkdelong — Thu, 20 Dec 2001 10:30:40 -0800

Microsoft's newest version of Windows.... billed as the most secure ever, contains several serious flaws that allow hackers to steal or destroy a victim's data files across the Internet or implant rogue computer software. The company released a free fix Thursday.

A Microsoft official acknowledged that the risk to consumers was unprecedented because the glitches allow hackers to seize control of all Windows XP operating system software without requiring a computer user to do anything except connect to the Internet.

cfj — Fri, 31 Aug 2001 07:37:30 -0800

Fight back against sneaky scumware like TopText and Surf+, with this Javascript code by Gary Rosenzweig of CleverMedia. The code detects the scumware's presence, pops up a message letting the user know they're carrying a parasite, and then surveys the user to find out if they knew about it. In the first day of operation on his site, he discovered that 3.67% of his visitors had either TopText or Surf+ installed, and more than 90% of these visitors did not know until they were told. (Link to the Javascript code is at the bottom of the article.)