Spyware : Michelle Obama’s Ta’s Ta’s Video

I love this one. I was reading the SANS report about Michelle Obama Ta’s Ta’s on Video. I wanted to investigate this a little further, so I went searching around. I found some comment spam links to a site; I will not talk about the links directly. The site, however, had a fake video on it:

[Image: michelleobamatoplessfake]

It looks like if you hit Cancel or Details, it keeps trying to tell you that you need to install an ActiveX object. It also makes the user think that there is only one option to use right now. As you can tell, it makes you think you can’t cancel or get details, but I did. I tried to cancel and it kept on popping up, trying to get you to install this ActiveX installer. AVG detects it as:

[Image: michelleobamatoplessfake1]

This proves the fact that any anti-virus software is better than nothing at all. I have also talked in the past about fake codecs and how they are used maliciously to spread malware to people who aren’t up to the job. It didn’t take long searching phrases such as “Michelle Obama Topless” or “Michelle Obama Topless Video” to find spam comments linking to sites that are hosting these types of malware. It seemed that in order to get out of the cycle with the malware site, I had to do a CTRL-ALT-DELETE and end the Internet Explorer process from Task Manager. It was an infinite loop and could not be closed any other way. Upon trying to go to the link again, it seems to be a random redirection every time you visit that site; the next time I went there, I had a scare message pop up telling me:

[Image: michelleobamatoplessfake2]

As you can tell, this pops up with scareware instead of the video and tries to tell you that you have a virus and should run a free scan from the site of their choice. This is an old tactic and still being used, but it is funny if you look at that message: one, you know it is from a “Webpage”, and two, there is at least one grammar error. Can you see it?

Your best bet is not to go clicking on links that people have left in comments. I am so glad I have moderation turned on and I have to approve each and every comment someone posts. This is the only way I know to keep from being used in the spam campaign. Remember, it is time to update your Anti-virus and Firewall if you haven’t already. Don’t forget to visit the Forums and help discuss this problem in detail.

MobileMe Who me? Could this be Phishing?

Photo By : Richard Thomas

Users of MobileMe, one of Apple’s latest software packages, recently started getting emails claiming they need to update their credit card information.

It seems that this, along with Twitter, Facebook, and PayPal phishing, is on the rise. I knew this was going to happen due to the recession. I’ve seen more and more attempts to send people to the Canadian Pharmacy and to sell you drugs that I wouldn’t recommend buying online.

One thing I am wondering is when Apple will realize they have to protect their consumers from these types of attacks. I’ve talked about the Apple botnets and how they will become more and more prevalent due to the fact that users think they can never get a virus. See the Apple ads in 2007 to prove my point.

So let’s talk about online safety, and help those who might need help. Some of my thoughts to help keep the Apple People happy are:

  • Don’t go downloading illegal stuff – This is mostly how the malware authors are getting Mac users to install malicious software. You think you are downloading iLife 09 but are really installing a virus.

  • Don’t click links in email – This is so tempting because it is easier to just click and have it open up automatically, but most of the time, if you click a link that says it is going to http://www.apple.com/support, it is really taking you somewhere else (that is how they fool you).

  • Don’t give out your email on Twitter – This is also something you should follow more and more, because you don’t want to get a virus or spam from making your email public. There are ways to see your deleted Twitter messages, so it isn’t going to be hard to find those emails.

  • It’s time to install Macintosh anti-virus software – Yes, you heard me. I know there are a few Mac anti-virus products out there. You should also make sure to keep that up to date.

Now is when Apple should start suggesting security, but they have stopped recommending it for so long. The malware authors are getting restless with anticipation. I can only guess what they will try next, but it will happen. Sooner or later you will get a virus so bad that Apple will start recommending it on their site. When that day comes, I’ll be so happy because that means Apple software isn’t that bad. I just hope Apple realizes it before it’s too late. There has been so much “Apple doesn’t get viruses” propaganda thrown at its consumers that it is no wonder they aren’t worried about security.

Free Anonymous Browsing with Opera-Tor

Photo by Philip Chapman-Bell

Anonymous browsing is something of huge interest to Internet users who are very particular about their online privacy and security. There may be many reasons and situations in which you might be interested in using the internet anonymously; for instance, you may be working in a public place and not want to leave traces, or you may not like your family members or office colleagues to know what you have been doing online. Whatever the reason, it is still an area where a lot of research is to be done.

How Anonymous Browsers Operate?

At present there are two dominant techniques used by various anonymous browsing tools. One is the use of JAP Networks, which was hugely used earlier but later ran into controversies after a backdoor had to be put into the product to allow interception of child pornographers on the insistence of German Police.

The second technique is the use of Tor (The Onion Ring), which not only allows anonymous browsing but also facilitates other applications like anonymous P2P, email, IM, and IRC chat. This technique is dominantly used in present day anonymous browsing tools.

OperaTor – A useful anonymous browser

OperaTor is a small and relatively fast anonymous web browser, which combines the browsing platform of Opera with the privacy provided by Tor engines and the speed of browsing provided by Polipo.

You can download this 7MB application to your USB drive and carry it whenever you need to use a public computer for anonymous surfing.

In my testing, I was pleasantly surprised with the speed of browsing which I was getting with this little tool. I had earlier used XBBrowser for anonymous browsing, but it was too slow as compared to OperaTor. In fact, there was hardly any noticeable difference in the browsing speed as compared to my normal Opera browser. This is because of Polipo, the small caching web proxy that comes bundled with Opera-Tor.

Since OperaTor allows only http and https protocols in anonymous mode, you should avoid JavaScript and Opera’s IRC functions running through it.

Some people complain that it has not yet released its source code. But my view is that unless you are a hard-core programmer and really need to tweak the source code, why should you worry about that? After all, trusted networks like CNet say OperaTor has been tested spyware free, and Softpedia gave OperaTor its 100% Clean award. Major antivirus vendors, like GData, Kaspersky, McAfee and Microsoft, confirm that OperaTor contains no malicious software.

Overall, one of the best applications for anonymous browsing available today.

[This is a guest post by Silki Garg. She advises on how to eliminate spyware, online threats and malware detection, on her Internet Security Blog. A visit to her Blog is highly recommended. You’re sure to find something of interest.]

JSRedir-R/Gumblar The underlying problem!!

Some people have made comments about their websites having malware injected into them. I’ve been seeing a lot of talk about JSRedir-R/Gumblar, found to be the biggest malware threat on the Web. They estimate that 42% of infected websites were carrying this malware threat last week. I have heard some think it is weak login credentials.

See the graph from Sophos about the percentage. I also wanted to tell people how to identify if you have the infection or not. This is very important to check because people are letting this malware spread and all.

I, on the other hand, think the way this is spreading is a Cross Site Scripting vulnerability for these websites, but there are a few websites that do keep your login cache on your system. I would recommend, if you’re a website owner, having your cache deleted every time you exit your web browser. This should in theory help prevent Cross Site Scripting, and website owners should also either buy Anti-virus and Firewall software or install the free version to better protect their website.

Just like the Twitter Cross Site Scripting tomfoolery, this is my theory on how websites are being injected with this malware. It is, however, just a theory. I was never logged into my account on Twitter through my web browser when this happened, and that is what kept me from spreading it to my Twitter users. You should also consider always logging off your website when you’re done doing what you do! Just my thoughts on the matter. Remember, only you can prevent getting a virus.

You’ve got hacked thanks to Twitter : Don’t “email me at”

I was reading a blog post about Spammers Harvesting Sorrow From Twitter.

Something came to my mind, so I did a little research and a lot of thinking and it finally came to me. It is easy for someone to find your email and use it for their own means. There are several different scenarios I can come up with:

  • Impersonating someone you know — It is quite simple to find out who we know and who we follow. You can always find someone whose email address you don’t know and make it seem like you’re them to get even more information from the person.
  • Receiving viruses, Trojans, or worms — If you have a good anti-virus this one won’t be getting to you, but according to ESET, 10 percent of computer users didn’t know if they had anti-virusware installed. This means that there is going to be some success for malware authors who send out a virus to everyone who twitters their email address.
  • Trying to guess your password — If they have your email address, which is almost like your SSN in some respects, they could go to Facebook and try to get into your account by doing a dictionary attack or a brute force attack. They may even try to hack into your email account just to get access to all the other accounts.

I am sure I am going to miss others that could possibly happen, but this isn’t about what could happen; this is about ways to prevent this type of stuff. Chris Pirillo seems to think that if we use the “AT” and “dot” in place of the real things, no bot would be able to figure that out. I say no, because the easiest thing for a bot to do is to copy everything after the “Email me at” and put it in a text file. Then the person harvesting the email addresses would just have to go through and find all of them that have the “dot” and “at” and change them to what they should be. I have been watching the search terms for the last few hours and it seems there is a new person posting their email address every 5 minutes or so. Have you done it in the past?
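As an added example (not part of the original post), here is a check you can run over your own draft before posting it: it treats an address written with “at” and “dot” as exposed in exactly the same way as one written with “@” and “.”, which is the point made above. The pattern is a heuristic, and the draft posts and addresses are constructed samples using reserved example domains.

```python
import re

# "@" or a spelled-out "at", bare or bracketed: " at ", "(at)", "[AT]".
SEP_AT = r"(?:\s*@\s*|\s*[\[(]\s*at\s*[\])]\s*|\s+at\s+)"
# "." or a spelled-out "dot", bare or bracketed: " dot ", "(dot)", "[DOT]".
SEP_DOT = r"(?:\.|\s*[\[(]\s*dot\s*[\])]\s*|\s+dot\s+)"
LABEL = r"[a-z0-9-]+"

ADDRESS = re.compile(
    rf"\b([a-z0-9._%+-]+){SEP_AT}"      # local part, then the "at"
    rf"({LABEL}(?:{SEP_DOT}{LABEL})*)"  # domain labels before the last "dot"
    rf"{SEP_DOT}([a-z]{{2,}})\b"        # last "dot" and the top-level label
    rf"(?!{SEP_AT})",                   # skip "me at jane.doe" when "AT ..." follows
    re.IGNORECASE,
)


def exposed_addresses(draft):
    """Return the addresses that remain readable in a draft post."""
    found = []
    for match in ADDRESS.finditer(draft):
        local, domain, tld = match.groups()
        domain = re.sub(SEP_DOT, ".", domain, flags=re.IGNORECASE)
        found.append(f"{local}@{domain}.{tld}".lower())
    return found


# Constructed draft posts (not real messages).
DRAFTS = [
    "Email me at jane.doe AT example DOT com for details",
    "DM or mail bob(at)mail[dot]example[dot]org",
    "See you at lunch, then coffee.",
]

if __name__ == "__main__":
    for draft in DRAFTS:
        hits = exposed_addresses(draft)
        print("EXPOSED" if hits else "ok     ", hits, "<-", draft)
```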

In short, if you want someone to email you, it is always best just to send a Direct Message to them so no other eyes can see it. I’d also suggest installing some Free Anti-virus and Firewalls, if you haven’t already, to better help you protect your personal information. Remember, only you can prevent your personal information from being stolen.