Lavasoft News - January 2007

Happy New Year! Lavasoft liked the number 2007 so much we decided to make it the year to launch the latest version of our signature anti-spyware tool Ad-Aware - hence the name - Ad-Aware 2007. Read more about the product and how to stay safe in a year expected to be a lucrative one for cyber thieves. 2006 seemed to be spam's year, but 2007 will not likely be any different. That is why this issue of Lavasoft News focuses on the phenomenon that has every computer user on the planet talking. Enjoy this year's first Lavasoft News and do not hesitate to tell us what you think at editor@lavasoft.com.

News from Lavasoft

The Countdown to Ad-Aware 2007
The original anti-spyware company is about to remind all of you why we put the name anti-spyware on the map.

Spam - Taking Over our E-mail Inboxes
It is too bad we cannot turn back the hands of time to when Spam was just a canned luncheon meat. Today's version of spam is leaving a bad taste in our mouths for a different reason.

Groups Waging a War on Spam
Wiping out spam is no easy task, but several groups are doing their best to tackle the online nuisance that has evolved into an online epidemic.

Privacy in a Digital World
Technology in the world we live in is an important part of our daily communication and interaction. As digital technology collides with privacy concerns, how much control do you have over your personal information?

Spyware Ops - A Year in Review
Last month, we told you how the validity of existing spyware legislation is being questioned. It's not all bad news in terms of busting the bad guys. Take a look at the progress made this past year.

Security Shorts
Lavasoft News has compiled a list of "security shorts" - summaries of other online security stories making news around the world this past month.


Spyware Newsbits

New Targets in Detection (December 2006)
Protect your privacy with a complete list of new targets for December 2006.

Discount on Ad-Aware SE extended to January 10, 2007

The Countdown to Ad-Aware 2007

Ad-Aware 2007 is coming soon to a computer near you.

Lavasoft is currently putting the finishing touches on the release candidate with the help of our loyal VIP beta-testers. The developers have been hard at work for months on the latest version of the anti-spyware tool used by more than 200 million computer users around the world today.

"Thanks to the input from our users around the world, I am thrilled to bring a new Ad-Aware product to the market that is designed to meet the needs of today's computer user," says Lavasoft CEO Ann-Christine Åkerlund. "As soon as Ad-Aware 2007 hits the market, we will be turning our attention to the next generation of Lavasoft products."

Ad-Aware 2007 will be available in Free (formerly known as Personal), Plus and Pro versions. An updated version of Enterprise will be launched at a later date. Along with an updated product, we have given Ad-Aware's icon and retail box design a makeover; the new looks are familiar, but fresh.

The beginning of 2007 seems an appropriate time to launch, with security experts expecting this year to be one when cyber criminals take their sophistication to a new level.

As users slowly catch on to e-mail (phishing) scams, the scammers need to come up with new tools. It is predicted they will set their sights on social networking websites, instant messaging services, and those making calls over the Internet.

Lavasoft Security Center Manager Christopher Allansson says computer users should also be aware of programs that try to lure them into installation in order to gain some "special" function.

"These programs are often full of viruses, rogue anti-spyware, keyloggers and spambots," says Allansson. "The worst forms of malware have a rootkit in them that fully expose the users without them even being aware of infection, and which also cause mass-spamming. Malware is becoming more sophisticated and is capable of changing the PC's system so much so that Windows sometimes has to be fully re-installed."

Allansson also stresses that the trend for people to hook up more of their home electronics to the Internet is dangerous because they often use wireless connections, which leave the user totally unprotected against hackers and infections.

It is important for you, the user, to educate yourself and stay up-to-date on the latest threats. And having real-time protection against spyware is a must for 2007 and beyond. Ad-Aware's latest edition is optimized to seek and destroy the latest spyware threats on the market today and those to come. Here is a sneak peek at some of the new-and-improved features you can look forward to in Ad-Aware 2007:

Features
The technical version:
- enhanced Code Sequence Identification (CSI) accuracy for malware identification with our improved hash technique
What that really means:
- find more malware with a faster, and more accurate, detection technique

The technical version:
- incremental updates from our extensive Detection Database
What that really means:
- quicker downloads at more frequent intervals

The technical version:
- expanded Ad-Watch real-time protection
What that really means:
- multiple browser support includes a new browser clean sweep of cache, cookies, history and latest URLs. Improved identity theft protection, better registry protection, and the continued blocks of pop-ups and tracking cookies.

The technical version:
- advanced auto-schedule capacity
What that really means:
- you set the time and date for your scans and Ad-Aware does the rest

The technical version:
- new GUI organization and structure
What that really means:
- It is easy-to-use, easy to navigate, and "gosh-darnit", it looks good!

Download Release Candidate 1 for Ad-Aware 2007, available soon at www.lavasoft.com and check out the new-and-improved features yourself. Also make sure to tell us what you think.

Spam - Taking Over our E-mail Inboxes

It is highly unlikely you can go an entire week without getting dozens of spam e-mail messages in your inbox.

Statistics from e-mail security firm Postini show that nine of 10 e-mails sent worldwide today are considered spam.

"E-mail systems are overloaded or melting down trying to keep up with all the spam," said Dan Druker, Vice President at Postini.

In November alone, Druker's company detected seven billion spam e-mail messages worldwide compared to 2.5 billion just a few months earlier.

SurfControl claims the volume of spam in the UK alone increased by 50 percent between September and November of 2006. The major increase in spam was partially attributed to the Stration e-mail virus that made the rounds last summer.

The European Union is calling on its nations' governments to step up their fight against spam, spyware and other illegal online activities.

An EU report found that only two countries - the Netherlands and Finland - had shown results since enforcing a 2002 law cracking down on spam.

"Spam mail has been cut by 85 percent in the Netherlands, thanks to Dutch authorities handing out fines to businesses that send spam," said Martin Selmayr, spokesperson with the EU.

In Finland, strict filtering measures reduced spam from 80 percent to 30 percent.

The EU report says these unsolicited e-mails are becoming increasingly "fraudulent and criminal"; so-called phishing e-mails are designed to lure users into releasing their sensitive data. Zombie-networks, which are able to link to as many as 100,000 home computers at a time, are being blamed for the rise in spam. They are leased to people who in turn send millions of spam messages.

The US, which has long been the largest spam-sending country in the world, looks like it is set to be overtaken by China. The United States currently accounts for nearly 27 percent of unsolicited e-mails, and China 26 percent.

"The United States is continuing to decline as a source of spam e-mails," Ken O'Driscoll of IE Internet told ENN. "We've been predicting this for some time as US-based spammers are actively off-shoring their operations to avoid tough US anti-spam laws."

The EU and the US have agreed to tackle spam through joint enforcement initiatives, and explore ways to fight against illegal spyware and malicious software.

European officials also plan to put forth new legislation strengthening user privacy and security sometime later this year.

Groups Waging the War Against Spam

Scott Hazen Mueller is the founder of what is considered the "Great Granddaddy of all anti-spam sites", spam.abuse.net.

The site launched in 1996 as a petition site for a consumer boycott of anything spam-related - products sold via spam, spamming services, and the corporations supporting the services. It has become a household name in the anti-spam community.

"The goal is to be the first stop for people interested in learning about spam and about stopping it," Mueller told Lavasoft News. The site provides countless links and resources and is always looking for new additions that are of interest to the anti-spam community.

Mueller decided to take his anti-spam fight one step further and launched the ad-hoc, all volunteer organization, CAUCE. The Coalition Against Unsolicited Commercial E-mail (www.cauce.org) was formed to lobby the US Congress to outlaw UCE (Unsolicited Commercial E-mail), better known as spam.

Congress passed CAN-SPAM in 2003, federal legislation that many in the anti-spam community, like Mueller, see as a failure.

"While we wait for that to become fully evident - and wait for a better legislative climate - we are participating as a consumer representative in industry groups," said Mueller.

Mueller has also been busy helping launch CAUCE sibling groups such as EuroCAUCE and CAUCE.au that have lobbied their governments for laws against spam.

In the early days of UCE, when spammers started advertising their tools for sale, many like Mueller actually thought the problem would eventually fizzle out.

"Those of us in the anti-spam community jumped on that as proof that spamming was a giant pyramid scheme and that the easy money was running out and so the spammers were looking for suckers to fleece and leave holding the bag," he said. "Unfortunately, it appears that we were wrong - not only is there money in being a spammer, it's serious big money."

And Spamhaus knows all about that. The non-profit organization based in the UK tracks global spam gangs, works with Law Enforcement Agencies like the FBI to pursue spammers, and offers real time anti-spam protection for networks. But it is perhaps best known for its ROKSO database (Register of Known Spam Operations).

According to Spamhaus, up to 80% of spam targeted at Internet users in North America and Europe is generated by approximately 200 known professional spam gangs. The top 10 list of its ROKSO database spammers, including names and pictures, is updated weekly and posted here.

Perhaps the most infamous spammer to date, American Jeremy Jaynes, who is now behind bars serving a nine year sentence in a Virginia prison, was listed as the eighth-worst spammer on the ROKSO list at the time of his arrest. His was the first ever US felony conviction in a spamming case.

Anti-spam advocate Mueller thinks these spammers will continue to bombard our inboxes so intensely that it could eventually drive our current form of e-mail communication into extinction.

"Well, the easy call is that it (spam) will get worse again; it has every year since 1996. Ultimately, I think e-mail is going to have to be replaced with something else. What that is, and where it will come from, I have no idea."

What are your thoughts? Will e-mail become extinct? What do you think it will be replaced with? Write to us at editor@lavasoft.com and we'll post some of your thoughts in the next edition of Lavasoft News.

Privacy in a Digital World

Every day, technology makes our lives a little bit easier. But it also means our private information is a little bit more visible to the world.

In our digital world, privacy is no longer just the "right to be left alone", the basis of many existing laws. Privacy has taken on an extended meaning - the ability to protect personal information that is vital to the security of both family and corporate life.

Suddenly, we are able to communicate to millions, sometimes inadvertently, with a few clicks of a mouse. Anyone with the right software can write a blog, e-mails can be sent and forwarded to numerous people at a time. We can browse, shop, and buy from e-tailers in the privacy of our own homes.

But, we also leave a digital trail. Our Internet use can be monitored and our e-mail can be tracked. Our personal information can be stored, and even leaked. Spyware and malware can enter our computers, leaving any actions we take able to be viewed by criminals around the world.

"As thinking and writing increasingly take place in cyberspace, the part of our life that can be monitored and searched has vastly expanded. On the Internet, every website we visit, every store we browse in, every magazine we skim, and the amount of time we spend skimming it, create electronic footprints that can be traced back to us," writes Jeffrey Rosen, in his book on the destruction of privacy, The Unwanted Gaze.

Modern privacy laws may soon expand to reflect our highly monitored online world. U.S. Senator Hillary Rodham Clinton is calling for the creation of a privacy bill of rights to secure consumers' protection.

The Privacy Rights and Oversight for Electronic and Commercial Transaction (PROTECT) Act, and the Debit and Check Card Consumer Protection Act are both pieces of legislation that Senator Clinton has introduced as part of a comprehensive privacy agenda.

"Identity theft and the theft of our personal information is out of control. No one today is safe, not even kids and young adults, as identity thieves carry out electronic muggings that can cost people cash and their credit records. That's why I am adding new provisions to the privacy bill of rights I believe every American needs," Senator Hillary Clinton, who introduced the bills, said in a press release.

The PROTECT Act will help to put power back into the hands of consumers, with security protections that will give them a say in how companies buy, sell and market their private data. The Debit and Check Card Consumer Protection Act will limit liability for people whose debit cards, check cards, or card numbers have been stolen, according to Senator Clinton's website.

Robert Atkinson, president of the pro-technology think tank, The Information Technology and Innovation Foundation, feels that while there may be a need for national legislation to preempt conflicting regulations at the state level, too much legislation could have harmful effects.

"In a cross-border digital economy, it's simply unrealistic to expect the economy to be able to thrive if companies face a "tower of Babel"-like array of conflicting regulations at the state level," Atkinson told Lavasoft News. "At the same time there is a real risk of overreach at the federal level that could limit business models and impose significant compliance costs on the economy, which will ultimately be borne by consumers."

Exactly what role government will play in balancing new technology and regulation of it has yet to be finalized. What is certain is that technology in our digital world is both vital and here to stay.

"The IT revolution is responsible for all the pick up in productivity since 1996. And its central role is unlikely to diminish in the near future, unless government, instead of helping to spur IT transformation, actually works to limit it. We certainly are no more than half way through the IT revolution and we should expect to see dramatic new IT applications as well as the widespread adoption of IT through most sectors in society," Atkinson said.

Spyware Ops - A Year in Review

Spyware, malware, and online threats are growing at threateningly rapid rates. But a look back at the legal action taken this past year shows that it is not all unchecked criminal progress, as scores of operations were brought down in million dollar settlements.

The beginning of December marked the conclusion of Washington, USA's first case prosecuted under the state's 2005 Computer Spyware Act. The $1 million settlement with rogue anti-spyware vendor Secure Computer LLC prohibits the company from using deceptive marketing techniques to promote its software.

Secure Computer was accused of marketing its product with misleading spam and pop-up ads that offered free spyware scans that would falsely detect infections on users' computers.

After filing the Secure Computer case, the Washington attorney general's office has settled anti-spyware suits against three other spyware programs: Spyware Slayer, QuikShield Security and SoftwareOnline.com's InternetShield and Registry Cleaner software.

While Washington is only the third U.S. state to file a spyware suit, trailing suits by New York and Texas in 2005, fourteen other states have passed anti-spyware legislation.

The U.S. Federal Trade Commission (FTC) has been doing its part to protect consumers from spyware by continuing to challenge unfair and deceptive cyber operations.

The agency has pursued and shut down nine spyware distributors since 2004, according to Tara Flynn, assistant director of the FTC's bureau of consumer protection.

November 2006 proved to be an active month in stopping alleged spyware purveyors.

At the start of the month, the FTC released the news that Zango Inc. was slapped with a $3 million judgment, and the condition that the company must have user consent before installing software onto computers.

Shortly after, in mid November, ERG Ventures, LLC, the alleged distributor of the Trojan Media Motor program, was shut down by a U.S. district court following charges by the FTC.

The end of the month brought an FTC announcement that two more alleged spyware operations had been axed.

One settlement was reached with Odysseus Marketing Inc., charged in October 2005 with illegally downloading spyware onto consumers' computers, and then allegedly selling the stolen data. The company agreed to surrender $1.75 million in ill-gotten gains, with all but $10,000 suspended due to inability to pay.

The second settlement involved John Robert Martinson, principal of Spy Deleter, who was charged with unfairly selling anti-spyware software, in cooperation with Sanford "Spam King" "Spamford" Wallace. Martinson has been banned from further spyware practices, and was ordered a fine of $1.86 million, with all but $40,000 suspended because he was unable to pay.

As for Wallace, whose nicknames were earned in the '90s after his company, Cyber Promotions, invaded millions of consumers' PCs with spam e-mails, the FTC ordered a default judgment against him in May, forcing him to give up $4.1 million.

This past September, the FTC announced a hefty $2 million settlement with two companies and three individuals (Enternet Media Inc., Conspy & Co. Inc., Lida Rohbani, Nima Hakimi, and Baback Hakimi) that had been distributing alleged spyware software under the names Search Miracle, Miracle Search, EM Toolbar, EliteBar, and Elite Toolbar.

Other major spyware settlements in 2006, requiring the defendants give up almost $2 million in ill-gotten gains, include Spyware Assassin and Trustsoft, both charged with deceiving users with rogue anti-spyware programs.

To see a complete list of the FTC's spyware enforcement actions, click here.

Spyware Shorts

Malware on Macs

Warnings from security experts that Macs are not safe from malware attacks may now be confirmed. Researchers have found the first signs of an adware and spyware program that is able to launch browser windows on Apple Computer's Mac OS X. The proof-of-concept program could be silently installed on a Mac's user account and hooked to applications, according to security vendor, F-Secure.

UCLA Security Breach

UCLA (University of California, Los Angeles) is investigating a computer security breach that could have affected up to 800,000 current and former students and staff, making it one of the largest such breaches ever at an American university. Names and personal information like Social Security numbers were exposed after a hacker broke into the school's computer system. UCLA's chancellor says there is no evidence as of yet the data has been misused.

High Expectations for Vista Switch

Computer users may switch to Microsoft's Windows Vista operating system at a faster pace than any other operating system release, a software analyst has predicted. Within the first year of availability, up to 15 percent of PC users will make the move to Vista, according to a researcher at Ovum Ltd. The fast-paced adoption of Vista is expected for both corporate and home users.

Worm Spreads on MySpace

The social networking site, MySpace, has been hit by a worm that steals log-in credentials and spreads spam by using a cross-site scripting weakness in Apple's QuickTime multimedia player. The vulnerability is in Mac versions of QuickTime, as well as the QuickTime Alternative codec package. An informal test showed that close to a third of users scanned were infected with the worm. MySpace has offered a security patch, distributed by Apple, to users who accessed the site with Internet Explorer and a detectable version of QuickTime.

Name - Description
Adware.Mirar - Adware.Mirar gathers information from search terms and visited websites and displays advertisements based on the gathered information.
Adware.PluginDL - Adware.PluginDL displays advertisements based on keywords in the websites the user visits.
Adware.TrafficSol - Adware.TrafficSol installs a dll file into the system32 folder. The malicious dll file hijacks the IExplorer browser. When the user does standard searches in the browser, they are exposed to pop-ups and forced installs of rogue anti-spyware programs.
BraveSentry - BraveSentry is a rogue anti-spyware program; it displays fake warnings on the user's computer to persuade the user to purchase its full commercial version. It may be related to Spysheriff/SpywareNo.
Win32.Hacktool.WinSpy - Win32.Hacktool.WinSpy is a tool that is able to hijack, monitor and send private information about the user's computer.
Win32.TrojanDownloader.Banload - Win32.TrojanDownloader.Banload downloads Win32.TrojanSpy.Bankers. The malicious downloaded files run in stealth and wait for the user to log in on a specific bank domain. When this happens it transmits banking information without the user's explicit permission.

TAI - Threat Assessment Index
The Lavasoft Threat Analysis Index (TAI) system is based on a 10-point scale, with 1 representing the lowest threat and 10 representing the highest. The behavior of the program has more influence when assigning TAI points than the actual technical aspects of the malware. In other words, if the malware secretly attaches without the computer user's full understanding and approval, then it will automatically be given higher TAI points. A minimum TAI value of 3 is required before the malware is put into detection. Read more on the Lavasoft Security Center here.

Spam Stats
- 1971: The first e-mail was sent by the computer engineer Ray Tomlinson
- 50 billion: Number of e-mails sent every day
- 45 billion: Number of e-mails from spammers
- $50 billion: The cost in lost productivity and expenses to fight spam in 2006
Source: The Times Online

Term of the Month
Internet lore claims the term spam gets its name from the well-known Monty Python sketch set in a café where every dish comes with the tinned-meat product Spam! A spam e-mail message is defined as being both unsolicited and bulk.

Forum Spam
Lavasoft's forums administrator CalamityJane deals with spam on a daily basis. She actually bans about 100 spammers per month. "Our forums do employ prevention measures such as requiring e-mail validation of new members and the CAPTCHA security routine, plus we have ban filters in place to minimize the amount of spam posts in the forums. It continues to be a problem and users need to be aware of precautions they should take when encountering forum spam posts (do not click on links or attachments). Report any spam to a Forums Administrator," she says.

Read more about Forum Spam at Wikipedia and take advantage of CalamityJane's expertise in the Lavasoft Support Forums today.

Tech Tips
If you have received e-mails that are filled with gibberish but do not ask you to click on anything, they are designed to get you to mark them as spam and so confuse your Bayesian spam filter (which uses statistical methods to classify messages as spam). It may be wise to use your web mail account to delete all junk mail before opening up Outlook or Outlook Express.
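The effect described in this tip, shown on a toy filter (an added example, not Lavasoft's code or that of any mail client). The BayesFilter class, the equal-priors scoring and all sample messages are constructed for illustration.

```python
import math
from collections import Counter


class BayesFilter:
    """Minimal naive Bayes spam filter over per-message word presence."""

    def __init__(self):
        self.docs = {"spam": 0, "ham": 0}
        self.seen = {"spam": Counter(), "ham": Counter()}

    def train(self, text, label):
        # Count each word once per message (document frequency).
        self.docs[label] += 1
        self.seen[label].update(set(text.lower().split()))

    def word_odds(self, word):
        # P(word | spam) / P(word | ham), with add-one smoothing.
        p_spam = (self.seen["spam"][word] + 1) / (self.docs["spam"] + 2)
        p_ham = (self.seen["ham"][word] + 1) / (self.docs["ham"] + 2)
        return p_spam / p_ham

    def spam_probability(self, text):
        # Equal class priors assumed; per-word odds are combined in log space.
        words = set(text.lower().split())
        log_odds = sum(math.log(self.word_odds(w)) for w in words)
        return 1 / (1 + math.exp(-log_odds))


# Constructed training mail: ordinary correspondence and obvious spam.
HAM = [
    "meeting agenda for the project review on monday",
    "please send the quarterly invoice to accounting",
    "lunch on friday with the project team",
    "your invoice for the monday delivery is attached",
]
SPAM = [
    "cheap pills buy now limited offer",
    "win money now click here",
    "buy cheap watches limited offer click now",
    "free money offer click here now",
]
# Constructed word salad: everyday words, no link, nothing to sell.
GIBBERISH = [
    "monday invoice river project lantern meeting quarterly",
    "team agenda friday orchard invoice review accounting",
    "project delivery meeting marble monday lunch send",
    "attached invoice team harbor agenda project friday",
]
LEGIT = "project meeting agenda and invoice for monday"


def build_filter(mark_gibberish_as_spam):
    """Train a filter, optionally feeding it the word salad as spam."""
    f = BayesFilter()
    for msg in HAM:
        f.train(msg, "ham")
    for msg in SPAM:
        f.train(msg, "spam")
    if mark_gibberish_as_spam:
        for msg in GIBBERISH:
            f.train(msg, "spam")
    return f


if __name__ == "__main__":
    for marked in (False, True):
        f = build_filter(marked)
        print(f"gibberish marked as spam: {marked}")
        print(f"  odds for 'invoice': {f.word_odds('invoice'):.2f}")
        print(f"  spam probability of legitimate mail: "
              f"{f.spam_probability(LEGIT):.4f}")
```

Four word-salad messages marked as spam raise the legitimate message's score more than tenfold, because ordinary words such as "invoice" and "project" now count as spam evidence.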

Letter to the Editor
This is the first newsletter (December Lavasoft News) that I have received from you and it's very informative. Thanks for all of the new info.
There's so much out there that you don't know who to believe. You seem to put it in some order.

Thanks
Maryann Garrett
Rison, Arkansas, USA

Lavasoft AB
Lilla Bommen 1
411 04 Gothenburg
Sweden

www.lavasoft.com
editor@lavasoft.com
