Siljaline's Blog : virus

Google results flog millions of compromised webpages

Randy Knobloch — Fri, 02 Oct 2009 01:52:00 GMT

Two ongoing scams are tricking Google and other search engines into prominently displaying millions of compromised webpages that attempt to hijack end users' computers or steal their credit card numbers, researchers said. http://www.theregister.co...(read more)

Conficker worm sends new instructions: grow botnet, then die

Randy Knobloch — Thu, 09 Apr 2009 20:29:00 GMT

The Conficker worm has begun to update the machines it has infected with a new set of instructions to spread to other machines and then self-destruct, security experts say. Security researchers tracking the worm said some of the infected computers began...(read more)

Conficker botnet remains dormant - for now

Randy Knobloch — Wed, 01 Apr 2009 16:04:00 GMT

Conficker changed the way parts of the botnet communicated overnight, but little else of note has happened so far. The malware is far from an April Fool's joke, but it's obviously a long way from the Skynet botnet, as depicted in Terminator 3...(read more)

As Conficker activation looms, scammers seek to profit off fear

Randy Knobloch — Tue, 31 Mar 2009 20:39:00 GMT

Online scammers are trying to profit from fear of the latest big name in internet viruses by creating and promoting links to fake security software, according to security firms. The scams are hoping to capitalize on consumer fear over the Conficker worm...(read more)

Conficker Activity Update

Randy Knobloch — Fri, 13 Feb 2009 20:48:00 GMT

http://blogs.technet.com/msrc/archive/2009/02/12/conficker-activity-update.aspx...(read more)

Conficker Domain Information

Randy Knobloch — Fri, 13 Feb 2009 20:46:00 GMT

http://blogs.technet.com/msrc/archive/2009/02/12/conficker-domain-information.aspx...(read more)

Microsoft offers $250,000 to nab author of Conficker worm

Randy Knobloch — Fri, 13 Feb 2009 12:05:00 GMT

Microsoft has announced a $250,000 reward for information leading to the arrest of those responsible for an internet worm that has been infecting more than two million computers a day for the past five days. http://www.cbc.ca/technology/story/2009/02...(read more)

Windows virus spreading quickly, but may be a dud

Randy Knobloch — Mon, 19 Jan 2009 18:46:00 GMT

A computer virus that may leave Microsoft Windows users vulnerable to digital hijacking is spreading through companies in the U.S., Europe and Asia, already infecting close to nine million machines, according to a private online security firm. http:/...(read more)

Ad-aware "SE" SE1R285

Randy Knobloch — Thu, 04 Sep 2008 11:07:00 GMT

http://www.lavasoft.com/support/securitycenter/blog/ http://www.lavasoft.com/single/mirror_download.php?f=948DEWk12 http://download.lavasoft.com/public/defs.zip...(read more)

0118.0000 is now available, new definition file for Ad-Aware 2008.

Randy Knobloch — Thu, 04 Sep 2008 11:03:00 GMT

New definitions: ==================== XLGPrivacyControlCenter Win32.Backdoor.Dreamy Win32.Trojan.Emo Win32.Trojan.Feutel Win32.Trojan.Jakuz Win32.Trojan.Renpwl Win32.Trojan.Virtl Win32.Trojan.Worldonline Win32.TrojanDownloader.JKFQ Win32.TrojanDownloader...(read more)

Ad-aware "SE" SE1R284

Randy Knobloch — Tue, 02 Sep 2008 14:42:00 GMT

http://www.lavasoft.com/support/securitycenter/blog/ http://www.lavasoft.com/single/mirror_download.php?f=948DEWk12 http://download.lavasoft.com/public/defs.zip...(read more)

Houston, we have a virus

Randy Knobloch — Wed, 27 Aug 2008 20:27:00 GMT

Worm infects International Space Station laptops A computer worm that ferrets out passwords managed to stow away on laptops aboard the International Space Station, NASA has confirmed. It is not the first time a NASA computer has become infected. SpaceReg...(read more)

Scumbags punt Trojan with baby kidnap lure

Randy Knobloch — Wed, 27 Aug 2008 19:21:00 GMT

A new low With a sick email malware campaign, pond dwelling scumbags are claiming to have kidnapped the children of would-be targets of infection. The contemptible junk mail messages attempt to panic recipients into opening email attachment supposedly...(read more)

New worms target both MySpace and Facebook users

Randy Knobloch — Tue, 26 Aug 2008 11:55:00 GMT

New worms target both MySpace and Facebook users

Kaspersky Lab, a leading developer of secure content management systems, has detected two variants of a new worm, Net-Worm.Win32.Koobface.a. and Net-Worm.Win32.Koobface.b, which attack MySpace and Facebook respectively. As part of their malicious payload, the worms transform victim machines into zombie computers to form botnets.

Even though the worms are currently only infecting MySpace and Facebook users, Kaspersky Lab analysts are warning users that the worms are designed to upload additional malicious modules with other functionality via the Internet. It is highly probable that victim machines will not only be used for spreading links via these social networking sites, but the botnets will also be used for other malicious purposes.

Net-Worm.Win32.Koobface.a spreads when a user accesses his/her MySpace account. The worm creates a range of commentaries to friends' accounts. Net-Worm.Win32.Koobface.b, which targets Facebook users, creates spam messages and sends them to the infected users' friends via the Facebook site. The messages and comments include texts such as Paris Hilton Tosses Dwarf On The Street; Examiners Caught Downloading Grades From The Internet; Hello; You must see it!!! LOL. My friend catched you on hidden cam; Is it really celebrity? Funny Moments and many others.

Messages and comments on MySpace and Facebook include links to http://youtube.[skip].pl. If the user clicks on this link, s/he is redirected to http://youtube.[skip].ru, a site which purportedly contains a video clip. If the user tries to watch it, a message appears saying that s/he needs the latest version of Flash Player in order to watch the clip. However, instead of the latest version of Flash Player, a file called codecsetup.exe is downloaded to the victim machine; this file is also a network worm. The result is that users who have come to the site via Facebook will have the MySpace worm downloaded to their machines, and vice versa.

“Unfortunately, users are very trusting of messages left by 'friends' on social networking sites. So the likelihood of a user clicking on a link like this is very high”, says Alexander Gostev, Senior Virus Analyst at Kaspersky Lab. “At the beginning of 2008 we predicted that we'd see an increase in cybercriminals exploiting MySpace, Facebook and similar sites, and we're now seeing evidence of this. I'm sure that this is simply the first step, and that virus writers will continue to target these resources with increased intensity”.

Kaspersky Internet Security detected these threats proactively and signatures were added to the database on July 31, 2008.

About Kaspersky Lab

Kaspersky Lab delivers the world’s most immediate protection against IT security threats, including viruses, spyware, crimeware, hackers, phishing, and spam. Kaspersky Lab products provide superior detection rates and the industry’s fastest outbreak response time for home users, SMBs, large enterprises and the mobile computing environment. Kaspersky technology is also used worldwide inside the products and services of the industry’s leading IT security solution providers. Learn more at www.kaspersky.com. For the latest on antivirus, anti-spyware, anti-spam and other IT security issues and trends, visit www.viruslist.com.

31 Jul 2008

Facebook Tries To Exterminate Worm

Randy Knobloch — Mon, 11 Aug 2008 16:05:00 GMT

http://www.informationweek.com/news/internet/social_network/showArticle.jhtml;jsessionid=W2EJZN4XH53KCQSNDLPCKH0CJUNN2JVN?articleID=210000431&subSection=Internet+security

UPS Virus Alert

Randy Knobloch — Sat, 26 Jul 2008 10:21:00 GMT

http://www.ups.com/content/us/en/about/news/service_updates/virus_us.html

Red Alert! DNS Flaw Revealed

Randy Knobloch — Sat, 26 Jul 2008 09:21:00 GMT

http://www.informationweek.com/news/internet/security/showArticle.jhtml?articleID=209401195

Electronic gadgets latest sources of computer viruses

Randy Knobloch — Fri, 14 Mar 2008 14:28:00 GMT

http://www.cnn.com/2008/TECH/ptech/03/13/factory.installed.virus.ap/index.html

Unigray, new Rogue AntiVirus

Randy Knobloch — Fri, 07 Mar 2008 14:50:00 GMT

http://www.lavasoft.com/support/securitycenter/blog/?p=200

ESET Anti-virus Update 2007.11.05

Randy Knobloch — Tue, 06 Nov 2007 01:21:00 GMT

http://www.eset.eu/podpora/aktualizacia-2639?lng=en