Spyware Techie

Script injected images could be the culprit of malware or malicious content in spam messages.

Reports by security firms have said that the number of sites blocked for hosting malicious content rose by 197 percent just in the month of March 2009. This was reported by MessageLabs where the stunning results may be due to the increase in web-based and email-borne images with malicious scripts injected. The other surprise part of this study is that most of these sites that were blocked due to malicious content were free image hosting sites.

Do you use any free image hosting sites for storing or sharing images? Do any of them extend to social networks allowing interconnectivity from the image source to a social networking site that you may be a member of? Spammers and hackers are using these circumstances to use scripts and SQL injections to compromise the user generated sites through images uploaded to these free image hosting sites. They use custom created ads that could redirect users to a malicious site or phishing web page.

Facebook continues to get hammered with malware and malicious links and this time it is a “Dancing Girl” message that gets users attention so that they download malware.

Security researchers and the security firm Websense Security Labs ThreatSeeker Network have received reports of a malicious message being spoofed as a Facebook email message offering a dancing girl video. Within the message are links that lead users to download malware in the form of the infamous fake Adobe Flash Player update file. The file, as you may have already guessed, is Adobe_Player11.exe, which is nothing more than a malware parasite.

The spoofed Facebook email message comes with an enticing subject line that makes users think that it is a video of a dancing girl possibly on the verge of being pornography. The message looks like a normal legitimate Facebook message that invites the recipient to click on a link to view the video of the “dancing girl”.

According to McAfee, Spam is expected to increase by 20 percent in March (this month) and may cost companies about $41,000.

We all hate to hear news like this but we all must face the music because it is a very real threat, spam is on a continuous rise.

Spam messages date back to the beginning of the internet and email where spammers have been diligently working to send these malicious messages in seek of monetary gain by spreading malware or malicious website links. With the current state of the economy this is big news because it will cost companies, who already spend thousands on filtering spam messages, an additional amount to combat these messages.

Companies who have 1,000 or more employees may expect and average spending of $182,500 in spam-combat costs this year according to McAfee’s March Spam report. Spammers are finding ways to slip through current spam filters where if only an additional 4% of the spam messages slip through the cracks it can be in the thousands of dollars extra companies will have to spend to update the filters.

Social networks such as Facebook and MySpace continue to be an easy target for creators of rogue applications that spam users to gain personal information.

Just recently Facebook removed one application that was found to be rogue where it spammed users by claiming that a friend had reported them (the recipient) of violating the terms of service. If a user clicked on the link within the message it may give the application access to their profile where personal information may be stolen.

The Facebook team disabled this application but is being criticized by security experts, such as Graham Cluley, explaining that they should do more to prevent these rogue applications from spreading instead of just shutting them down on an isolated basis.

Recent security research findings have revealed that scammers are abusing Google Trends to poison Google search results with links that spread malware or fake security applications.

If you are at all familiar with Google Trends then you might be in the internet marketing field or a Google keyword search aficionado. Google Trends is a tool that highlights the most popular searches of the past hour or over a specified period of time. The tool can be used by many to promote a certain keyword due to its rising or historic popularity all displayed in charts and statistical form via the Google Trends web page.

Scammers are now using the Google Trends tool to promote their scamware or sometimes vicious fake security programs. They seek out the popular search keywords or terms and use them to integrate into their own malicious sites or product web pages. Google picks up on popular keywords and news items almost like white on rice in some cases. The hackers and cyberthieves know this and have done their homework so they are able to use any popular keywords found through Google Trends to tag onto their own products and sites.

Fake Delta Airline ticket confirmation messages were found to be currently circulating where they contain a Trojan infection identified as W32/Trojan2.FXRO.

One of our readers gave us this tip reported on MXLab’s blog (blog.mxlab.be).

During the past holiday season there were reports of email messages that spoofed airline companies spreading malware and the trend has continued. The current malware being spread comes attached as a zip file named delta_RQ763.exe to an email with the subject line “Confirmation of airline ticket purchase at www.delta.com.” The spammers go even further to make this message look legitimate by spoofing the email address as support@delta.com. To a normal computer user that message will appear to have legitimately come from Delta Airlines.

The creators of the original Conficker Worm infection have released a newer version of the vicious malware infection now called Conficker B++.

In just a few days ago SRI International Researchers, who published code of the Conficker B++ Worm, discovered the new infection. Just like the old Conficker Worm variant, the newer Conficker B++ also facilitates malicious actions such as sending out spam messages, recording keystrokes and even the launching of DoS (denial of service) attacks.

The Conficker Cabal, an ad hoc group, has kept the Conficker worm somewhat under control by cracking the algorithm that the software uses to find meeting points on the internet where it can look for new code. This action uses unique domain names for the access or rendezvous points which are kept out of the wrong hands.

Cybercriminals thrive on holidays and popular world events to spam computer users in hopes of spreading malware.

Valentine’s Day is no exception for cybercriminals scamming you through spam messages or malicious website links. This Valentine’s Day a new variant of the infamous Waledac Worm infection is being spread through links within a Valentine’s Day themed message.

Embedded within this particular spam Valentine’s Day message is a message offering an eCard that asks that you visit a website to view it. The embedded link does redirect you to a Valentine’s Day themed site but it is a malicious site. The page usually suggests that you obtain a Valentine Devkit so that you may design or create your own Valentines Card for your “sweetheart”. Of course the link downloads a new variant of the Waledac Worm.

Is Internet Explorer or Firefox the Most Secure Web Browser?

The web browser wars continue to go on while the main contenders continue to be Internet Explorer and Firefox with the recent addition of Google Chrome. Apple’s Safari browser continues to be a strong component in the Mac world. The question arises as to which browser is more secure or which one is the ultimate choice for when it comes to browsing the web safely?

Internet Explorer has a long history of failed security where it was patched more than the interstate roads in America. With IE’s security history came the trustworthy Firefox browser and then it too suffered from a few minor attacks at various times in history. Recently IE has gained some credibility back with version 7 while the race continues mainly between IE and Firefox.

“This site may harm your computer” message on every Google search result was an error.

This past weekend on Saturday January 31st, Google tagged every search result as malware with a phrase you may have seen before “This site may harm your computer”. The incident was a mistake of course blamed to be a human error. The situation is somewhat humorous but not to computer users who take those words seriously when they perform internet searches using Google. The “error” happened for about one hour on Saturday from 6:30am to 7:25am PST.

If you have visited malicious sites that spread malware and you were infected then a message that says “This site may harm your computer” could be a matter of your system getting a serious virus or you being able to check your bank account online. With all of the malware running around over the internet computer users are becoming more educated on ways to avoid getting infected.