Spyware Techie

The creator of the Srizbi Botnet seems to be very witty with the actions that have allowed the Srizbi Botnet to re-emerge despite the actions of the security community.

The Srizbi Botnet may be one of the most infamous spamming network for computers that have been compromised. It is believed that around 40 percent of the world’s spam is connected to the Srizbi Botnet which was knocked offline on November 11th in conjunction with web hosting company McColo. The McColo firm was belived to have hosted many of the computers that controlled the flow of about 75 percent of the world’s spam. You may be asking the question “why was this hosting firm not shut down sooner?” Well, one security firm thought that it discovered a way of preventing the Srizbi Botnet from coming back online but was sought to be too expensive. FireEye was the security firm that attempted this process.

Oh the Joy of the holidays and what better way for hackers to cheat the system by using the Christmas season to commit cybercrimes and scam millions of online shoppers. Online shopping is nothing new as we should all know by now. More and more people, including hackers, flock to consumer sites looking for the best deal on anything from iPods and computers to house slippers to “Exploitation Kits”. Cyber criminals have a gift of their own to distribute online but they do not have to look too hard to find it. Hackers have released a web malware exploitation kit which is designed for commercial gains through a Christmas marketing pitch.

Do you know what Winweb Security 2008 is?

DESCRIPTION

Winweb Security 2008 or WinwebSecurity 2008, is a preposterous anti-spyware program that does not “enhance your safety and security” which the www.winwebsecurity.com website falsely claims. Winweb Security 2008 is nothing more than another rogue anti-spyware program that attempts to trick computer users into purchasing a full version of WinwebSecurity2008.

Winweb Security 2008 is basically a ploy and a poor attempt to extort money from you. Once Winweb Security 2008 is installed, usually from a Trojan horse, it may start to display popup alerts in a never-ending loop which may annoy you to the point of insanity. You may find that WinwebSecurity 2008 was installed without your permission.

Do you know what SpywareRemover 2009 is?

DESCRIPTION

SpywareRemover 2009, or Spyware Remover 2009, is a complete joke when it comes to being able to remove malware from your computer. SpywareRemover 2009 claims that it is able to protect you against security threats. If you believe that then you may also believe the sky is falling.

SpywareRemover 2009 or Spyware Remover 2009, when installed, starts to display several popup messages or system alerts which are actually bogus. These fake messages usually state that you are infected with a parasite but do not necessarily mean that you have malware on your system. This is SpywareRemover 2009 poor attempt to get you to purchase a full version of the SpywareRemover 2009 program. SpywareRemover 2009 may come from a Trojan infection or even directly from the SpywareRemover 2009 website that is known to advertise SpywareRemover 2009 or Spyware Remover.

Agent.btz Virus and SillyFDC Worm Prompts Department Of Defense Ban of Removable Storage Devices

Some time ago we posted an article about the US Army Banning USB Drives Due To a Worm Threat. It seems not only the Army is banning use of removable storage devices, but the Department of Defense is following suit. That means all personnel from the pentagon to military service-men are instructed to cease using flash drives/USB drives, CD’s, and any other source of removable media.

Agent.btz Virus and SillyFDC Worm are the culprits in causing this ban which started with the US Army and now seems to have caught onto the Department of Defense. The SillyFDC Worm is well known as an infection that mainly spreads through removable media. Security researchers will warn users of thousands of infections or viruses that can be spread through removable media. The dangers or a parasite on a form of removable media is that it may potentially be spread to every system that a person uses the media device on. That is not a good situation when DOD personnel utilize many systems within their own network.

Do you know what XP Protection Center is?

DESCRIPTION

You may find that XP Protection Center (XPProtectionCenter) is advertised as an anti-spyware program for Windows XP but we have confirmed that it is a related to the rogue antispyware program, AntiSpyware XP 2009. Both XP Protection Center and AntiSpyware XP 2009 are malware and we discovered to do nothing but waste a computer user’s money and time by pretending to be able to remove spyware or other parasites from your system.

Any program, such as XP Protection Center, that is installed by a Trojan infection and promoted a malicious website such as www.xp-protection-center.com which is where XP Protection Center may also come from. XP Protection Center may be presented on your system through a popup notification with deceiving messages that state your system is infected with spyware. The most deceiving part of these messages is that it suggests that you use XP Protection Center to fix your “issues” or clean your system. This would be a big mistake if you used XPProtectionCenter for any of your security needs.

Do you know what XP Entertainments is?

DESCRIPTION

XP Entertainmentsis a serious adware parasite that was found to be installed through a Trojan horse infection which may come from a malicious website. XP Entertainments can be very dangerous as it may block or disable firewall, antivirus or antispyware programs currently installed and running on your system. You may get several popups or system messages from the XP Entertainments parasites if it is installed on your computer.

In non-techie terms:
XP Entertainments or XPEntertainments was discovered to be a variant of the AvKiller Trojan which has the ability to install or download malware to your system without your knowledge or consent. It would be very wise to remove XP Entertainments and any Trojan infection related to XP Entertainments from your computer to avoid any additional damage to your system.

Aliases: XP Entertainments, XPEntertainments, XP_Entertainments, XP-Entertainments.

Previously circulating around the security world was the announcement that Microsoft plans to offer a free consumer security product.

The Free Security product from Microsoft is called Morro. Morro is supposed to be able to assist in detection and removal of spyware, viruses, rootkits and Trojans. Many customers and users of Microsoft products have expressed the need for a comprehensive way of protecting their computers from existing and future threats. The question that many ask: will this product truly deliver?

Do you know what Antivirus Trigger is?

DESCRIPTION

Antivirus Trigger (AntivirusTrigger) is a vicious rogue anti-spyware program known to be installed onto your system without notice until you start getting popups or error messages. Antivirus Trigger may be installed through a Trojan such as, Zlob.Trojan, Vundo Trojan or even Trojan.Downloader.

Antivirus Trigger is not one of those programs that you do not trust to scan your computer for parasites because even though it displays many parasites in the scan results, they are probably not even present on your system. Antivirus Trigger is also known to display many error messages that usually say something similar to “System Alert: your system might be infected with malicious software”. That message is probably total BS.

The US Army said it would ban the use of removable drives including UBS flash drives, CD’s and media cards to prevent the spread of a worm.

Service members of the US Army have been ordered to cease usage of all USB and removable drive media devices until they can be properly scanned for malware. The commander of U.S. Strategic Command has issues this order to take place immediately mainly due to a serious threat of a worm infection. The worm threat is known to be spread through removable media. This threat is very dangerous and starting to spread at in increasing rate.

The worm was identified as Agent-BTZ, a variant of the SillyFDC worm by security researchers.

The last thing that any the US government needs is a serious worm infection spreading amongst one of their military branches. This may slow down many of the service men from accessing personal files but it is always better to be safe than sorry. I am sure one of the brave soldiers would not feel very good about being the culprit of spreading worm through a network belonging to the US Army. It is bad enough that these guys have to worry about staying alive in the battlefield, they don’t need any additional pressure put on them.