Spyware Techie

Recent reports have confirmed several US Governments web sites being attacked by a botnet.

An attack that started Saturday knocked the U.S. federal Trade Commission’s web site offline and targeted other US Government sites such as the Department of Transportation and Department of the Treasury. Currently several of the U.S. Government organizations are working with their service providers to mitigate the impact from this attack.

Computer researchers have narrowed the attack sourced from a botnet which is compromised of over 50,000 infected systems which has already caused issues for businesses in South Korea and some other U.S. sites.

No sooner than the unfortunate death of Michael Jackson, security researchers expected an increase in spam that exploits this popular news story to spread malware.

Recent and popular events are like holidays for scammers, they are like vultures when it comes to a exploiting a story that is talked about non-stop via the media and internet. Michael Jackson’s death is undoubtedly one of the most popular stories currently and will continue to be for some time. Scammers realize this and they plan on spreading their malicious files and spam messages to unsuspecting computer users while the getting is good.

Exploits of vulnerabilities in Microsoft Windows operating systems is something that may be a serious issue if the attacks start to increase as predicted by the security firm Symantec.

Some of the most recent exploits of vulnerabilities within Microsoft Windows was the infamous Conficker Worm infection. Since then, another bug as arisen and could become a mounting issue according to Symantec.

A bug called DirectShow, was noticed by Microsoft about a month ago, has been added to one web-based attack kit. It is speculated that this may lead to spreading of this bug. A fix has not yet been issued by Microsoft for the DirectShow bug. As of now it has been found that the DirectShow bug affects only Windows 2000, Windows 2003 and Windows XP. A month ago Microsoft issues a security advisory in regards to a “limited attack.”

Hackers are ramping up their activities in going after Twitter users again with a new “Best Video” tweet scam.

Cybercrooks are recently attempting to lure victims into visiting a web site that launches PDF-based attacks according to security researchers.

Kaspersky analysts have discovered a malicious site, juste.ru, that contains an embedded YouTube video that will use methods to launch a PDF attack eventually installing the rogue anti-spyware application System Security.

We found a video of hackers taking over the lighting controls in a skyscraper for the thrill of playing the classic Space Invaders game.

Could this video be proof that hackers are just toying with the cyber world ready to initiate a Cyber Apocalypse when they want?

Security vendor McAfee warns us that hackers or intruders may target utility control systems. Although the video portrayed below appears as a joke, it enters the minds of security analysts as a viable threat to the nationwide energy infrastructure.

New report reveals FAA Systems have been compromised more than one time in the past.

A report has been released revealing incidents where hackers compromised an FAA public-facing computer. The system hacked into was used to gain access to personally identifiable information on FAA employees, such as Social Security numbers. The many hacking incidents happened over the course of a few years dating back to 2006.

The new report showed that it was just last year when hackers took control of FAA critical network servers risking a shut-down and disruption of the agency’s mission-support network.

Will spam volumes continue to decrease or is this a temporary situation?

According to McAfee’s newest research, global email spam volumes have decreased 20% in the first quarter of this year (2009) when compared to last year’s rate during the same time period.

The recent report has some security experts baffled and others are contributing the findings to the November shut-down of the spam-generating McColo site. At one point in time last year, a month after McColo was shut-down, spam was still on the increase despite the demise of McColo. However, the end of McColo did hinder many botnets as the controllers were not able to send out commands to the infected machines in the same fashion. This may be the case as to the recent decline in spam, botnets are not running as ramped as they use too.

Facebook continues to be plagued with phishing and spam attacks in an attempt to steal passwords.

In a recent attack against Facebook, phishers attempted to steal passwords and names through fake e-mail messages that appeared to have come from Facebook Inc. Included in the fake email messages is a link that redirects users to a phishing website. The malicious website was discovered to be Fbaction.net, which appears to look like a Facebook log-in page.

What does the message look like? Victims of the attack have reported a message that has the subject line “Hello,” that appears to have come from a friend on Facebook. Within the message, it invites users to “Visit http://www.facebook.com/l/4253f;http://fbaction.net/” and then redirects them to the malicious Fbaction.net phishing site. Once a user visits the site they are greeted with several warnings and notices to change their password. This is where the scammers are able to retrieve your password.

There is no doubt that Conficker Worm has been a serious threat to the computer security world over the past couple months.

The newest variant of Conficker, Conficker.E, has gained traction since April 8th when it was first discovered to be updated. The main difference in the newer Conficker.E variant would be it’s ability to propagate and infect users over p2p or peer-to-peer file sharing networks. Instead of using Conficker.C or previous versions of Conficker to spread through the 50,000 newly generated domains, it goes the route of infecting computers through P2P networks over the internet.

Conficker.E is suspected to be communicating with a Waledec worm domain which is behind a wave of fake antivirus applications or scamware. Just like rogue anti-spyware applications, rogue antivirus programs are misleading in a way that it cohorts computer users into purchasing a full version of the fake antivirus application. Conficker.E could be a new culprit for aiding to the spread of fake antivirus programs. It may be safe to say that many security experts did not see this coming.

After the hype of the Conficker worm other cyberthieves wish to cash in on the situation by circulating spam messages alerting computer users of a fake Conficker Infection Alert.

Marshal8e6’s TRACElabs researchers have ran into a spam campaign that has fake “Conficker Infection Alerts” which will actually redirect users to rogue security software. With the hype and confusion of the Conficker Worm, messages that are related to Conficker Worm gain a lot of attention. Hackers and cyberthieves are now using this to their advantage.

In the past their have been all types of other spam campaigns from Presidential election messages to fake economic condition emails that claim to help you pay your mortgage. The Conficker Worm, as you may already know, is a serious threat and continues to be a mystery to many security researchers. The latest Conficker.C variant was recently discovered to have dropped a new payload as it awakens well after April 1st.