Category: XP

Mikeyy Worms stills going around Twitter

Paul

It seems Mikeyy has spawned a new and improved little advertisement:

Twitter, hire Mikeyy! (718) 312-8131 🙂

As you can see from tweets:
mikey12

It seems this is the new campaign started earlier this morning around 1am or so for Mikeyy and people have found this rather annoying but it is teaching Twitter a lesson, this would be good PR if they hired Mikeyy. Obviously he has a lot to offer but I guess who ever wrote this variant for the Mikeyy Worm went and found his number on a stickcam website:

mickstickcam

Anyone who just Google the number right now could find out the stickcam profile, so I won’t direct you to it. I just hope this doesn’t keep up to much longer. If you’ve been infected with this worm I would refer to my other [intlink id=”3308″ type=”post”]post about removing the worm[/intlink]. I do know if you aren’t logged into twitter through your browser you will not get the worm. This is a simple exploit where they use your browser cookies to infect your Twitter account. So if you view any twitter accounts just keep logged out of Twitter in your browser and you should help prevent this from happening until Twitter gets this under control.

Stalkdaily worm strikes Twitter — Brings down the House!!

Paul

twitter-stalkdaily

According to Techcrunch, this seems to of happened today where this worm has brought down twitter. I have been using the Twitter Client Tweetdeck and have not had any problems like they have had with this site. I wouldn’t visit the site in question because you would most likely get the worm. It seems to be a very good hack it sends out spam on your twitter account like this:

stalkdaily1

[ad#cricket-right-ez]If you have been infected twitter is suggesting you password reset and requesting a new password. Some other removal information can be found here. I will update as necessary when I find out more.

*Update a Few hours*
It looks like Twitter had a Cross Site Scripting going on, and it wasn’t really Stalkdaily who did it rather someone injected code into twitter to grab peoples browser Cache. See this post for more information.

According to watch I am seeing Stalkdaily is now safe to surf to as long as you don’t click on links on twitter just yet. I have found that if you make sure you aren’t logged into twitter in your browser you are much better at preventing this type of attacks. You can see the screenshot of stalkdaily website and it looks like they are an innocent party.

stalkdaily2

Online Episodes helps Adware Installer Zango

Paul

I was surfing the web hoping that Mythbusters would start putting there episodes online and I the first link that I get a website that looks like this:

mythbusterzangosite

This site even has the Theme music playing as if it was affiliated with Discovery Channel’s Mythbusters show.   If you look at the screen shot above you will see who someone has been keeping this site updated with the most current episodes of Mythbusters.   So I check out The Season 7 Episode 1 – Demolition Derby Special and I was curious as to what would happened if I clicked that link, and this screen pops up:

mythzango1

So I have to install this Zango Software to view this show?  So I find out go doing my research about Zango and Wikipedia says:
Zango, formerly ePIPO, 180solutions and Hotbar, produces software that provides access to partners’ games and DRM-restricted videos and software. Zango software is listed as adware by Symantec.[1] McAfee states, “this program may have legitimate uses”, but describes it as a “potentially unwanted program”, and an “adware downloader”

[Via Wikipedia]

I didn’t like the sound of this but I wanted to see what my AVG would say when I downloaded this software, and it pops up with:

zangowindowsdef

[ad#cricket-right-ez]Windows Defender comes back with Win32/Zangosearchassistant warning,  and thus I go around checking out this adware out around Google and I am seeing reports after reports on asking how to get rid of this Adware.  Some of the ones that I think would help people get rid of this program is:

If you haven’t installed [intlink id=”2205″ type=”page”]anti-virus or Firewalls[/intlink] this would be the first thing to do.   I’ve also read some reports about Zango that are quite disturbing like these:

Although these are just a few examples of what I found out just Googling Zango, I thought I would share these with you.  There are more examples like Zango’s Facebook Widget that I will say acts like adware and encourages you to send to 5 different users.  Although Facebook as Stopped this widget, we all know that Spyware and Malware is being used on social networks and will be undoubtedly be more and more in the future.   Remember you’re the only one to prevent having a virus.

A side not, if you did  try to install this software you would need to be and Administrator and that also concerns me because the type of stuff they are claiming in the EULA is Browsers stuff which shouldn’t need Administrator rights or at least I am not going to give Adware that right.   Zango is being Classified as Adware and I am only reporting that the software is being clasfied as Adware, but Zango claims it not.   This is where the End Users decide if it is or not, I however think it is!! I am also sure there are other sites like this that are trying to get you to install this software to view movies, and shows. Your best bet is to not install the software and go to Hulu or Fancast to find safe movies and shows.

The Seriousness of the Twitter Vulnerability?

Paul

twitter_110 The main question is how much do you want to know about this?  Yes I am talking about a Vulnerability that could risk your twitter account or even yet inject malious software into the computer.

[ad#cricket-right-ez]We’ve seen that there have been [intlink id=”2650″ type=”post”]twitter phishing[/intlink] in the past, and [intlink id=”3008″ type=”post”]Facebook phishing[/intlink] have made people wonder out much do we depend on Twitter.

Lance James and Eric Wastl have provide Proof of Concept for this vulnerability, according to Information Weekly:

James cautions that XSS vulnerabilities should be taken seriously because they can reach beyond Web pages. “A lot of people think XSS is limited to the Web,” he said. If there’s another vulnerability in the victim’s browser, the Twitter flaw could be used to launch additional malicious code, he explained.

As you can see there is more to this problem then meets the eye.  For one using the [intlink id=”2980″ type=”post”]URL redirects[/intlink] could be one way this could be used.  No telling what other vulnerabilities lay for the client side twitter programs.   Twitter has a long way to go to be security minded, and yet Twitter hasn’t said what they will do to fix this problem.

I for one would like to see this problem fixed just as quickly as possible due to the security risk involved to me, the consumer.  Twitter needs to jump on this and fix it to prevent any more attacks against there twitter audience. Although it doesn’t hurt to have [intlink id=”2205″ type=”page”]Anti-virus And a good firewall[/intlink], it all depends on End user to prevent this for the time being.

Come on Twitter, Fix this problem.

Are You and Your Friends Fine — Virus Spam

Paul

Logged into my Google Email and was checking my spam to see what I see and this one draws my attention:

virusspam

I think I know where this is leading me but I click the link and this website with the Reuters logo pops up:

fakesvideo

Now as you can tell this looks authentic but when I did go to this site, AVG detected some trojan.  It blocked it, but  the file that it is downloaded called “save.exe” and I have talked about [intlink id=”2991″ type=”post” target=”_blank”]flash player fake updates[/intlink].  I have seen other blogs talking about dirty bomb news report leads to malware.  I don’t know about you but if I wanted to update my flash player, I go to the source and not use any links.  It is wise not to download any programs or files and run them without properly checking them out for viruses and Trojans.  You should have a fiewall and anti-virus running at all times and that will help but it is your actions that help your prevent from getting viruses or Trojans.