Ben Edelman
February 20 , 2006
Nonconsensual 180 Installations Continue, Despite 180′s “S3″ Screen
On Friday morning (February 17), I received a nonconsensual installation of 180solutions Zango software through a security exploit.
But what’s newsworthy here is that 180solutions got installed, even though 180 last year told the world that these nonconsensual installations were impossible.
180′s October press release correctly describes the serious harms that occur when users receive many advertising programs. “A myriad of unwanted software … can often negatively impact system performance,” 180 admitted. But 180 then claimed that S3 would keep 180 out of such bundles. I disagree. According to my records, the installation at issue also installed Ad-w-a-r-e, Adservs, Integrated Search Technologies, Internet Optimizer, Media Tickets, New.net, Quicklinks, Surfsidekick, Tagasaurus, Targetsaver, Toolbar888, Ucmore, Webhancer, Web Nexus, WinFixer, and more. These many programs collectively bombarded my test PC with an incredible 730 registry keys, 1194 registry values, 461 files, and 43 file folders. Worse, the newly-installed programs caused 61 processes to run on my test PC, via 24 EXEs set to load each time I turned on my computer. The programs even added three different toolbars to my web browser.
Copyright © is the original authors.
Invasion of the Computer Snatchers
washingtonpost.com
By Brian Krebs
Sunday, February 19, 2006
In the six hours between crashing into bed and rolling out of it, the 21-year-old hacker has broken into nearly 2,000 personal computers around the globe. He slept while software he wrote scoured the Internet for vulnerable computers and infected them with viruses that turned them into slaves.
The young hacker doesn’t have much sympathy for his victims. “All those people in my botnet, right, if I don’t use them, they’re just gonna eventually get caught up in someone else’s net, so it might as well be mine,” 0×80 says. “I mean, most of these people I infect are so stupid they really ain’t got no business being on [the Internet] in the first place.”
A quick scroll through the first few dozen pages of the file reveals credentials his victims have used to log in to online accounts at PayPal, eBay, Bank of America and Citibank, to name just a few.
Shadowboxing With a Bot Herder
washingtonpost.com
By Brian Krebs
March 9, 2006
Witlog may in fact be the product of a new generation of “script kiddiez”; the chief distinguishing feature of this generation being that instead of using Web site flaws to deface as many Web sites as possible, these guys are breaking into thousands of home and work PCs and taking them for a virtual joyride, often times all the way to the bank.
Copyright © is the original authors.
Updated: 03-01-06
Apple security updates
Sophos in Mac OS X worm false alarm
Cure worse than disease
By John Leyden
Published Thursday 23rd February 2006
Sophos has apologised after releasing a faulty signature update that flagged up legitimate Mac OS X system files as infected with a new low-risk worm, Inqtana-B.
The faulty signature file, issued on Tuesday, February 21, falsely identified a number of component files of Microsoft Office applications as infectious.
The UK-based anti-virus firm issued a new update in short time, two hours after the dodgy signature files went out.®
Third worm hits Mac OS
TechWorld
By Matthew Broersma
22 February 2006
Security researchers have confirmed what may be the worst-yet security flaw for Apple’s Mac OS X, following the appearance of two Mac worms in a single week.
The newly disclosed bug allows attackers to disguise malicious shell scripts as harmless files stored in ZIP archives. The bug is considered particularly dangerous because it can be used to execute malicious code on a system automatically via the Safari web browser, which is set by default to open ZIP archives.
F-Secure
Like Inqtana.A the .B and .C are locked to certain bluetooth addresses and are time limited to 24. February 2006, so they will not be able to replicate on any real environment and will work only in specially crafted lab. However it is possible that some virus author will create similar worms that are not intentionally limited, so please make sure that your OS X is up to date.
Red Herring
Security researchers said Friday they have found a second virus that affects Apple computers running the Mac OS X operating system, further eroding the long-held belief that Mac machines are more impervious to attacks than Microsoft’s Windows-based personal computers.
by certifiedbug on February 19, 2006
in News
By Stephen Hutcheon and Jacquelin Magnay
February 16, 2006
‘Spam man’ wins gold.
According to the International Olympic Committee’s website, Australia’s gold medallist Dale Begg-Smith, runs an internet pop-up advertising company that he describes as the third largest of its type.
According to the Canadian Press news agency, Begg-Smith said “his business had never dealt with any specific kind of advertising, only the technology to track how often the ads were being seen. It was up to his customers to decide what kind of ads they wanted to use, he said.”
Copyright © is the original authors.
