Spyware, Adware and Virus News

What Is Pagejacking? Preventing Pagejacking

Web surfing offers many different kinds of experience – the useful and the redundant, the profitable and the idle, the regular and the bizarre. And certainly one of the strangest experiences is when you try to visit a familiar page and suddenly find yourself on a completely different one, related or unrelated to the page you were trying to reach. What happened? Has the website changed its business?

Actually, the page got jacked. Perhaps you were searching for the page in a search engine, and got a link which you thought should be what you were looking for. But when you clicked on the link, you found that you were in the wrong place. Even wrong enough to get you embarrassed when there are other people nearby. Search engines do not make that kind of mistake, so what happened was the page go jacked, which fooled the search engine into thinking that it was relevant for your search.
You know how the internet works. There are banner ads and other kinds of ads which earn revenue for that site, and that is how they make a profit. Websites and businesses for alliances among themselves, and carry each other’s ads on their sites. When you got to a particular site and click on an ad that you find interesting, the original website gains some amount of money from the site to which your click takes you. So it’s possible for websites to make a profit from your visit. Naturally, they want you to visit their page.

That all fine and acceptable, as long as they use legitimate means of bringing you to their site. Like optimize their site for search engines, or promote their site in some other way. But when they become too eager, they sometimes cross the line between what’s acceptable what what isn’t. And sometimes they use pagejacking.
Sometimes in order to increase the rating of some visitor-starved website, the whole content of a popular site is copied by an unscrupulous webmaster and duplicated on his own site. This is done merely in order to fool the search engines into thinking that it was the original item. And when this ploy works, the duplicate site appears among the top results returned by a search engine on a search made using the relevant key words or phrases.

This increases the chance that users will click on that link on the results page, without looking to carefully at the address to which it leads. And when they do, they will be taken to the duplicate site briefly, before being automatically redirected to another site – the one that could use some visitors to generate revenue. This is known as pagejacking.
As a user, there is little you can do in order to prevent this kind of nuisance, except be more careful about the actual URL of the link you’re clicking on the search engine results page. If you are opening asite from your bookmarks, or typing in the URL directly, there’s no chance of your being duped by a pagejacker.

If you’re the owner or the maintainer of the website that got jacked, however, it’s a different story. The main way you can hit back against the offenders is by suing them or threatening to sue under the copyright law. The content and design of your website is copyright material, and they’re violating you copyright by reproducing it without your permission. So send them a formal letter asking them to cease and desist, and follow it up with a letter from your lawyer. Pagejackers are normally sniveling cowards, and this should suffice to solve the problem. If it doesn’t, however, do not hesitate to go to court – you’re sure to win this one, and also get compensation for the business you lost because of this obstruction.

Posted in Adware, Anti-Virus and Virus, Spyware | No Comments »

Protect Yourself from Identity Theft

Identity theft is the fastest growing crime in cyberspace. In real life social situations, your identity cannot easily be stolen because you are identified by your appearance, your voice, your manner of speech, your habits and so on. Anyone who knows you should be able to tell at once whether it is you or some other person.

But on the internet, your name, looks, voice, habits etc. are not revealed. You are identified only by your electronic signatures, which can easily be forged by those who know how to do such things. And this may lead to financial loss and other trouble.

Imagine that in real life someone goes to a friend of yours, claims to be none other than you, and asks to borrow money. He will be instantly rejected because your friend knows that it isn’t you but some other person posing as yourself. But on the internet this is not so easy to find out. Anyone who is able to steal and use your electronic signature virtually becomes you, for all practical purposes. If that person has your credit card number or social security number, for instance, he or she can easily use that to make financial gains, to your detriment.

How to Prevent Identity Theft
How do you prevent against identity theft? There are a number of procedures that experts recommend. You cannot totally control whether your identity will be stolen or not, but following these shall at least minimize the risks.

First, use passwords to lock down all aspects of your online presence. You need to be specially careful about your social security number and your credit card number. Your telephone accounts can also some time be under threat, so it is best not to ignore those either.

What is a good password? If you use one that is easy to remember, then it will be easy to break, too. Do not use your mother’s maiden name or the name of your first school, or any such real information that can be fairly easily retrieved by a diligent cracker. Rather, use combinations of letters, numbers, spaces and punctuation marks to make it nearly impossible to break. And make it as long as possible – the longer the better. Remember, you shouldn’t write down your passwords anywhere, specially not on your desktop pad or on a file on your hard drive. These can be easily accessed by a determined person.

Secondly, use software like GPG (GNU Privacy Guard) to protect your privacy through strong encryption. This type of program can encrypt all your files and folders in a way that only one who knows the password should be able to access them. They can also encrypt your e-mail too, so that only the authorized recipient would be able to read them and anyone trying to intercept them midway shall only find a handful of jumbles.

Identity theft can also occur through insecurely handled real-life hard copies of important documents. Use a high quality paper shredder or incinerator to dispose of all your trash – you never know what little sliver of paper contains enough info to let your personality be hijacked. If you use traditional mail, drop your letters only at securely located mailboxes, and collect them personally from the post office.

Posted in Security News, Spoof Email or Phising | No Comments »

Linux Viruses

Are you afraid of ghosts? If yes, then chances are that you’ll be afraid of Linux viruses too, because there is an inherent similarity between them. Neither of them exists. In that sense, this article is rather similar to a ghost story – it is about something that sounds sinister enough to make you afraid, yet does not really exist.

Well, that isn’t completely and absolutely true. There is a famous Linux virus called Bliss, which was discovered in 1997. you want to know why it is so famous? Is it because it’s a particularly damaging, destructive, hairy sort of virus? Not really. In fact, it was rather lame, and couldn’t survive in the wild unless someone took special care of it and kindly provided it with what it needed to live. So what was the reason behind Bliss’s seemingly undeserved glory?

The reason is that Bliss is the only one of its kind – it is the only virus ever created for Linux. In fact, the programmer who created it posted it on a well known mailing list for programmers, admitting that it was only released as a proof of the concept that a virus could be written for any platform, but it wasn’t expected to survive in the actual environment of real computers running Linux for serious purposes.

And that was all, since that day in 1997, not a single virus has been seen for Linux. The anti-virus company McAfee tried to make much of Bliss, and released an anti-virus product for Linux, claiming that they were the ones who had found out all about it, and how it was one of the deadliest viruses known to civilization.

Which was totally untrue, because a programmer from that mailing list posted the virus to McAfee for inspection. What the company was trying to do was basically tap into the Linux computing sector with their AV business. Linux has traditionally been a sector of the market where AV companies have never made any progress, except in a special situation. McAfee were trying to remedy that by highlighting Bliss. It didn’t work, however. The Linux AV didn’t sell at all, and till date no computer in the world has been destroyed by this ‘deadliest of infections’.

What makes Linux so good? Apart from its inherent security model that is built into its kernel (which is the heart of the operating system), Linux is created as a multi-user system from the ground up. There is one administrator called root, who has the permission to do anything with the system. All normal users have write permission only in their respective ‘home directories’, which do not contain any system files. So any Linux virus, even if it existed, would only be able to work within the user’s home directory. Linux users are trained from the very beginning not to log in as root unless there’s some serious system-level work to be done. So the virus never has a chance of infecting the system.

The same could work for Windows if users could be trained enough to create unprivileged accounts for themselves and work with those when doing normal work. But Windows does not encourage this, because there are several everyday tasks like installing new programs or running defrag, which need administrative rights.

So if you have been made miserable by viruses, you can either burn a pocketful of bucks on the latest AV solution, or you could switch over to Linux and forget the whole sorry business for the rest of your life.

Posted in Adware | No Comments »

How to Tackle E-Mail Abuse and Spam

How many e-mails do you get every day that offers to sell you medicine without prescription, and at a fraction of their real cost? How many offers do you get to buy pirate software at one-tenth of their catalog prices? Do you find your inbox so full of unwanted, unsolicited e-mail that you can’t find the useful mail? Do you spend several minutes or hours everyday downloading mail that ultimately turns out to be useless? If you answer ‘yes’ to any of the above, then you are the victim of e-mail abuse, commonly known as ’spam’.

Spam mail is a booming business on the internet, and it is growing every day. Thousand of millions of unwanted e-mail are released every day, though only a fraction of that ever reaches actual addresses. Who does it, and why? And what can you do about it?

Spammers are clever technicians who have found out a way of sending mail in great bulks to thousand of addresses at once. They sometimes set up their own mail servers, but they can also use the service of other people’s servers without their knowledge. The dominant method of sending e-mail is known as SMTP (Simple Mail Transfer Protocol), and by default this service doesn’t have a way to authenticate the sender of an e-mail. So free mail servers on the internet often accept mail from anyone, and relay it to other servers. This type of freely accessible SMTP server is known as an ‘open relay’ an is one of the greatest nuisances on the internet. They are a free ball for spammers.

Read the rest of this entry »

Posted in Spam | No Comments »

All about computer worms

Beware of worms in your computer. When I say worms, in case you are a complete newbie in the field, you should know that they are not real worms. Worms are, in fact, a kind of program which enter your pc. You will never know, but in your computer will reside a program foreign to your needs. And in probability it, or more likely they will steal your delicate information for somebody with doubtful motives.

Does that sound like a thriller in the making? Well, it should, but also, it is the truth. Last year, bank frauds cost decent people around the world billions of dollars. And most of the money that got siphoned was lost due to faulty security. Your computer might be the next target.

Unaware, you might invite that Trojan Horse which will ruin your finances for good for the rest of your life. Therefore, be careful. Do not let worms into your computer as you would never let worms in your food.

Read the rest of this entry »

Posted in Anti-Virus and Virus | No Comments »

Mozilla Distributes Virus-Infected Language Pack

Anyone who downloaded the Vietnamese language pack for Firefox 2 needs to run an anti-spyware and anti-virus scan, then disable the pack for now. Mozilla warned yesterday that all versions of that language pack downloaded from its servers since Feb. 18, 2008, were infected with pop-up ad serving software.

Window Snyder, Mozilla’s chief security officer, said the Vietnamese language pack was contaminated as the result of a virus infection. “This usually results in the user seeing unwanted ads, but may be used for more malicious actions.”

Snyder said Mozilla doesn’t know how many people downloaded the compromised language pack, but said there have been 16,667 downloads of the pack since November 2007.

Mozilla is working on getting a replacement language pack up on the site soon. Snyder said that while Mozilla does virus scans when add-ons are uploaded to its servers, the scanner for whatever reason didn’t catch this nasty until several months after the upload. Mozilla is now adding post-upload scans to everything on its download servers, she said.

Language packs are add-ons in Firefox. Add-ons can be removed by clicking “Tools” and then “Add-ons.” According to the discussion on this in the Bugzilla database, the culprit here is something called “Trojan.Win32.Xorer,” which disables security software on the infected PC and spreads by infecting files, programs and removable drives.

The Vietnamese language pack for Firefox 2 contains inserted code to load remote content. This code is the result of a virus infection, but does not contain the virus itself. This usually results in the user seeing unwanted ads, but may be used for more malicious actions.

Everyone who downloaded the most recent Vietnamese language pack since February 18, 2008 got an infected copy. While we cannot determine the exact number of compromised downloads, there have been 16,667 total downloads of the Vietnamese language pack since November 2007, so we anticipate the impact on users to be limited.

Mozilla does virus scans at upload time but the virus scanner did not catch this issue until several months after the upload. We are also adding after-the-fact scans of everything to address this sort of case in the future.

A new language pack will be available shortly. Until then, Vietnamese language pack users should disable this package using the add-ons dialog on the Tools menu.

https://bugzilla.mozilla.org/show_bug.cgi?id=432406

source:blog.washingtonpost.com/securityfix/2008/05/mozilla_distributes_virusinfec_1.html

Posted in Adware, Security News | No Comments »

Yahoo and McAfee - More Secure Web Search Result

Yahoo and McAfee announced a partnership Tuesday under which potentially unsafe Web sites appearing in Yahoo search results will be flagged as risky.

The deal, an exclusive for Yahoo, uses McAfee SiteAdvisor technology to label a variety of potentially dangerous Web sites with red warning text and links to McAfee information about what risks the site poses. Among the triggers for a red warning message are sites that host spyware, adware, or virus-infected downloads; sites that have links to other Web sites with dangerous material; and sites that have a track record of harvesting e-mail addresses later used to send spam, the companies said

The companies declined to reveal the financial terms of the partnership.

The deal represents the latest attempt by Sunnyvale-based Yahoo to lure more search requests, snap out of its recent financial funk and steal advertising dollars from search leader Google Inc. as it tries to justify its rebuff of Microsoft Corp.’s $47.5 billion takeover bid.

Yahoo shares fell 15 percent Monday after Microsoft pulled out of merger talks over the weekend.

The deal gives Santa Clara-based McAfee a way to expose more Internet users to its security software and tempt them to upgrade to premium versions.

McAfee also benefits from teaming with Yahoo because it can use Yahoo’s search data to identify sites to examine for security holes and include within its products, McAfee’s Dowling said.

The McAfee technology being used on Yahoo’s site is a stripped-down version of McAfee’s full SiteAdvisor technology that also is available for free directly from McAfee. It uses red, yellow and green icons to label safe and harmful sites. A premium version adds other features.

Billions of sites have harmful content, and the criminal hackers behind them try relentlessly to manipulate search rankings to boost their links and ensnare more victims.

Yahoo’s Garg said the company was doing experiments to identify malicious sites and bar them from search results.

source:news.yahoo.com/s/ap/20080506/ap_on_hi_te/yahoo_mcafee

Posted in Security News | No Comments »

Spyware Blocker - Regain Control of your PC

Aside from viruses and worms, spyware is one of the biggest threats to security and privacy in the internet and this threat is becoming worse. In a study by America Online and the National Cyber-Security Alliance, it was found out that almost 80% of the users surveyed have computers infected with some form of spyware. Every computer surveyed had an average of 93 spyware components installed in its system. Almost 89% of these computer users were not aware of the spywares’ presence in their units and 95% reported that they had not given permission for these spyware to be installed.

The Spyware Threat

The term spyware does not refer to a single type of software, in fact it covers a broad category of malicious software whose common denominator is that they are designed to undermine a computer’s operation and intercept or take control of it without the informed consent of the computer’s owner or user. Spyware is also akin to adware, tracking software, trojans, spybots and other malware. Spywares are typically installed without the user knowing it. This is because one of the tactics used by spyware is by deceiving the user into installing it. This happens because most spyware come bundled with legitimate software or exploit a security hole in a browser such as Microsoft Internet Explorer.

For most people, spyware is most noticeable in the form of pop-up ads and banners advertising a particular product or site. These unsolicited pop-up ads can also do more than just annoying the user and can be a way for the spyware to take a hold and install itself in the computer’s system. Furthermore, spyware pose a more serious threat to the security and privacy of internet users since they can secretly monitor the user’s web browsing activities as well as gather information entered into the computer such as credit card numbers which can be easily exploited by malicious personalities.

Read the rest of this entry »

Posted in Spyware | No Comments »

Trojan Adware Hiding in MP3s, McAfee Says

Adware pushers have found a new way to trick you into downloading their annoying products: fake MP3 files.

On Tuesday, security vendor McAfee reported that it’s seen a huge spike in fake MP3 files spreading on peer-to-peer networks. Although the files have names that make them look like audio recordings, they’re really Trojan horse programs that try to install a shoddy media player and adware on your computer, said Craig Schmugar, a researcher with McAfee.

“Once you run it, there is no content. You’re taken to this site to install this player which you don’t really need,” he said.

Fake file names include: preview-t-3545425-changing times earth wind .mp3 and t-3545425-just got lucky.mp3. Users are first asked to OK an end-user license agreement before the Trojan installs two programs, Mirar and NetNucleus, on their PCs.

Ironically, while the Mirar software tells users that it doesn’t display popups, NetNucleus does deliver popup ads, so users who do not realize that they are installing two programs might feel tricked, Schmugar said. “You have a Window telling you that there are no popups and right behind it is a popup.”

Although McAfee has seen some nasty software disguising itself as media files in the past, it has never seen anything on this scale, Schmugar said. Over the past 24 hours, nearly a third of the McAfee customers who reported data back to the security company have detected these files, he said.

In the past few days McAfee has spotted the files on more than 360,000 users’ desktops.

Tags: McAfee, Adware, Trojan

source:www.pcworld.com/businesscenter/article/145567/trojan_adware_hiding_in_mp3s_mcafee_says.html

Posted in Adware, Trojan Horse | No Comments »

E-mail Spam on The Rise, Officials Offer Tips

While theater goers are flocking to performances of Monty Python’s musical comedy “Spamalot” as it tours across America, “a lot of spam” within e-mail inboxes is proving to be no laughing matter for Air Force and government employees. Spam is unsolicited and generally undesired bulk e-mail messages. Senders use spam for reasons ranging from advertising new products or services, to scams that bilk people of their finances. Increasingly, spam is used to download software to personal computers for malicious reasons.

At Air Force Materiel Command bases, the number of spam e-mails has been increasing for months. Currently, 90 percent of all inbound e-mail messages are spam. For AFMC that means more than 100 million spam messages a month, a 400 percent increase over the past six months. Within AFMC, special filtering software deletes more than 98 percent of all spam. In some cases only suspicious attachments are removed.

According to Lt. Col. Robert Henning, with Headquarters AFMC’s Communications, Installations, and Mission Support Directorate, most spam reaching AFMC recipients is addressed to AFMC Distribution Lists.

“This helps explain the recent widespread delivery, so we are exploring ways to tighten the use of distribution lists to help reduce external spam,” Colonel Henning said.

The potential damage from spam e-mails is the introduction of harmful attachments and Denial of Service Attacks. Colonel Henning said that a common tactic of recent spam e-mails is to get users to click on a Web link of a non-threatening Web site that has already been compromised.

“From there, the spammer attempts to install malicious code and gain access to our desktops and laptops, bypassing our network boundary defenses,” he said. “This is now a serious security threat.”

The colonel added that it’s important for workers to know what to do with spam e-mails when they appear.

“Recipients should send spam, as an attachment in a new e-mail, to their base/site network control center spam mailbox for analysis,” Colonel Henning said. “Users at each AFMC base can obtain that e-mail address by contacting their client support administrator.”

source:www.afmc.af.mil/news/story.asp?id=123097246

Posted in Spam | No Comments »