Lavasoft News - July 2007

Security Shorts

Spam Fighters Hit with DDOS Siege
Spammers launched a distributed denial of service (DDOS) attack against the anti-spam groups Spamhaus, SURBL (Spam URI Realtime Blocklists), and URIBL (Realtime URI Blacklist), according to the Internet Storm Center (ISC), in an apparent attempt to knock out important weapons in the fight against spam. The ongoing attacks, carried out by using a variant of the "Storm Worm" malware, succeeded in shutting down the web servers that power the three anti-spam services. According to one ISC member, there is a bright side to the attack: spammers must be desperate if they are focusing on anti-spam groups rather than using their resources to spread more spam.

arrow  Read more

Operation Bot Roast Finds Millions of Hijacked PCs
The U.S. FBI's Operation Bot Roast has identified over one million victim computer IP addresses being used in criminal activity. The arrest of three men accused of using the army of hijacked computers for spam related crimes was also announced. The Operation Bot Roast cyber crime project is an ongoing investigation that was launched to battle the growing botnet threat and to create public awareness about Internet security.

arrow  Read more

Caution Key in Preventing Rise of IM Attacks
Instant message based attacks are steeply rising, with security company Akonix Systems reporting findings of 170 instant message threats so far this year, a 73 percent increase over the same period last year. According to Akonix, the informal nature of IM is a key factor in the success of these attacks, compared to e-mail messages where users tend to be more cautious. The most typical means of attack has been to rely on social engineering to spread malicious code, such as sending a link that appears to come from an IM contact. Mid June also found hackers to be using exploits that target Yahoo's instant messaging software, making it imperative for users to patch the program.

arrow  Read more

City's Fund Hacked by Keylogger
Carson, a city in California, USA nearly lost $450,000 U.S. to hackers who reportedly infected a city treasurer's computer with key-logging spyware. Hackers were able to steal login credentials associated with bank accounts run by the city in order to shift the large sum from the city's general fund. All but $45,000 of the stolen cash was recovered after funds were frozen following discovery of the theft. The heist reiterates the fact that malware is a threat to large enterprises as well as individual consumers, and raises new concerns about lack of computer security and IT staff in U.S. municipalities.

arrow  Read more

Be Careful What You Search For
Looking up certain terms in search engines may put computers users at an increased risk for contracting malware, according to a new study. Keywords related to technology and music are most likely to yield sites with spyware and other malicious code, according to a study by McAfee Inc.'s SiteAdvisor service. Still, overall use of search engines is getting safer. While around 4 percent of search results lead to risky sites, that figure is down from 5 percent a year ago.

arrow  Read more

Home   arrow

 
Ad-Aware 2007 - Now Available
Stats
By the end of 2008, there will be more than one billion personal computers in use worldwide. Forrester Research Inc. predicts that the number of PCs in use will more than double by 2015. It took 27 years to reach the billion-PC mark, but it will take only five years to reach the next billion, due to advanced technology, lower prices, and emerging technology-aware populations.

Source: Forrester's "Worldwide PC Adoption Forecast to 2015"
EULA
Term of the Month
An End User License Agreement, or EULA, is a software license agreement that indicates the terms for an end user to utilize certain software. That fine-print legal jargon that makes you want to check the box next to, "Yes, I have read and accept these terms," without fully reading the text, is an official agreement between you and a software vendor.
Tech Tips
It is important to read all EULAs and privacy statements carefully before installing new software. If the EULA is hard to find or difficult to understand, reconsider installing the software. You should never install software without knowing exactly what it is. By not fully reading the EULA, you may agree to questionable activities by the software vendor, and even to installing spyware and adware on your computer. The Zlob/Smitfraud Trojan (fake codecs most notably) actually DOES include proper disclosure of what will be downloaded to your PC. Take the time to read EULAs carefully!
Helpful Homepage
WiredSafety.org is the world's largest online safety, education and help group. Adults can visit the site for information on safely navigating the World Wide Web, and there are also specialty directories designed for kids. While it originally formed to help and protect Internet users of all ages, Wiredsafety.org's work has become increasingly dedicated to children, tweens, and teens.
Lavasoft AB
Lilla Bommen 1
411 04 Gothenburg
Sweden

www.lavasoft.com
editor@lavasoft.com
http://www.lavasoft.com