February 2008

Security Shorts

Scareware App Aims for Mac Users
Windows users are not the only ones that need to fear rogue security software. MacSweeper is the first phony anti-malware software, according to Finnish security company F-Secure. True to form, the bogus application attempts to scare the user into purchasing unnecessary and deceptive anti-malware services.
Read More

New Trojan Targets Online Banking
A new Trojan horse, capable of intercepting online banking transactions, is preying on unsuspecting computer users in order to steal sensitive financial information. According to reports, the malware is able to interrupt online banking transactions, even ones well-guarded by two-way authentication procedures, in order to change the user’s bank account details. While researchers contend that the threat is not widespread, it is particularly worrisome due it its ability to remain undetected by the victim.
Read More

Malware Writers Exploit Pakistani Leader’s Murder
Malware writers took advantage of former Pakistan prime minister Benazir Bhutto’s assassination to entice users to malicious websites. Web searches for news on the tragedy yielded sites promising a video, researchers say. In order to view the clip, users were then prompted to install a video codec; in reality, they installed a variant of the Zlob Trojan. Other sites, reports say, relied on drive-by-downloads to exploit news of the tragedy.
Read More

Sears, Kmart Accused of Spreading Spyware
Sears Holding Corporation, owners of Sears, Roebuck and Co. and Kmart, have been accused of purveying spyware and badware after installing tracking software from ComScore on customers’ computers. Critics of Sears’ community software argue that customers were subject to the installation of marketing software without adequate notice, failing to meet U.S. Federal Trade Commission guidelines. In response, Sears maintains it clearly notified customers before they accepted the software installation.
Read More

Cyber Crime Flourishes on Social Sites
Social networking sites, like MySpace, Facebook and Orkut, will become an attack vector of choice for cyber thieves in 2008, industry analysts predict. January saw the spread of a worm masquerading as a “Secret Crush” on Facebook, as well as warnings of a MySpace profile mimicking a Microsoft security update to infect visitors with malware.
Read More

Dutch Media Player Shipped with Worm
Some shoppers may have received more than they bargained for after purchasing digital media players from a Dutch importer during the holidays. According to reports, a batch of MP3 players sold by Victory Nederland was found to be infected with the “Fujack worm.” The worm may have spread through an infected PC used to scan the media players for errors prior to shipping.
Read More


Paragon Drive Backup 8.5 Personal Edition More Info Buy Now

Research indicates that the Storm Worm botnet increased in size by over 200% due to seasonal spam blasts surrounding Christmas and New Year’s Eve. Following a pre-Valentine’s Day surge, Storm made up 8% of overall e-mail traffic.
Source: Honeyblog.org, Sophos

An exploit is a piece of software that takes advantage of a hole or vulnerability in a computer user’s system in order to gain unauthorized access to the system.
Source: Anti-Spyware Coalition Glossary

You hear time and time again about the importance of keeping your computer patched against known vulnerabilities. Find out how to stay up-to-date.

“I just wanted to tell you what an amazing line of products you have. Many times [Ad-Aware 2007] has saved my computer from a total crash, or me the hassle of wiping the hard disk clean. It finds so many things: malware, adware, spyware and malicious email attachments, Trojans, monitoring tools and back-door viruses, things that are so hard for me to find on my own. Thank you, really. You make my life so much easier.”
S. Black (Setsuna, Kansas, USA)

Lavasoft AB Lilla Bommen 1, 411 04 Gothenburg, Sweden | www.lavasoft.com | editor@lavasoft.com