Busted

Cleaner affiliates gotcha

by certifiedbug on October 18, 2009

in Scareware Rogues

S!ri, a well-known and respected malware fighter in the security community, wrote that some webmasters (cleaner affiliates) regularly use the screenshots he made after analyzing a rogue in their own blog posts.

The cleaner affiliates write about the dangerousness of the rogue and link to a “Free” Scan or “Free” Removal tool which may not be free at all. :-x

So I decided to MAKE a picture of a new rogue that does NOT exist: Secure Shield. I post the picture and wait for the “serious” guys.

Those guys are inventing file, folder and key names.

Secure Shield fake rogue

Operation Phish Phry Indictments

by certifiedbug on October 8, 2009

in News

FBI Press Release

The largest number of defendants ever charged in a cyber crime case have been indicted in a multinational investigation conducted in the United States and Egypt that uncovered a sophisticated “phishing” operation that fraudulently collected personal information from thousands of victims that was used to defraud American banks.

Authorities in several United States cities arrested 33 of 53 defendants named in an indictment returned last week by a federal grand jury in Los Angeles. Several defendants charged in the indictment are being sought this morning by law enforcement. Additionally, authorities in Egypt have charged 47 defendants linked to the phishing scheme.

Full Statement

FBI Director Robert Mueller’s speech on cyber threats. Mueller told how he nearly fell for an email phishing scam himself.

After changing all our passwords, I tried to pass the incident off to my wife as a “teachable moment.” To which she replied: “It is not my teachable moment. However, it is our money. No more Internet banking for you!”

Press release

A rogue Internet Service Provider that recruits, knowingly hosts, and actively participates in the distribution of spam, child pornography, and other harmful electronic content has been shut down by a district court judge at the request of the Federal Trade Commission. The ISP’s upstream providers and data centers have disconnected its servers from the Internet.

According to the FTC, the defendant, Pricewert LLC, which does business under a variety of names including 3FN and APS Telecom, actively recruits and colludes with criminals seeking to distribute illegal, malicious, and harmful electronic content including child pornography, spyware, viruses, trojan horses, phishing, botnet command and control servers, and pornography featuring violence, bestiality, and incest. The FTC alleges that the defendant advertised its services in the darkest corners of the Internet, including a forum established to facilitate communication between criminals.

Bolding mine.

The FTC also alleges that the defendant engaged in the deployment and operation of botnets – large networks of computers that have been compromised and enslaved by the originator of the botnet, known as a “bot herder.” Botnets can be used for a variety of illicit purposes, including sending spam and launching denial of service attacks. According to the FTC, the defendant recruited bot herders and hosted the command-and-control servers – the computers that relay commands from the bot herders to the compromised computers known as “zombie drones.” Transcripts of instant-message logs filed with the district court show the defendants’ senior employees discussing the configuration of botnets with bot herders. And, in filings with the district court, the FTC alleges that more than 4,500 malicious software programs are controlled by command-and-control servers hosted by 3FN. This malware includes programs capable of keystroke logging, password stealing, and data stealing, programs with hidden backdoor remote control activity, and programs involved in spam distribution.

Complete article:
FTC Shuts Down Notorious Rogue Internet Service Provider, 3FN Service Specializes in Hosting Spam-Spewing Botnets, Phishing Web sites, Child Pornography, and Other Illegal, Malicious Web Content
http://www.ftc.gov/opa/2009/06/3fn.shtm

Security Fix
http://voices.washingtonpost.com/securityfix/2009/06/ftc_sues_shuts_down_n_calif_we.html

NoScript-Adblock Plus mini wars

by certifiedbug on May 4, 2009

in Browser

Posted by: Giorgio, NoScript. 2009-05-04

I screwed up. Big time.
Not just with Adblock Plus users but with the Mozilla community at large.

I did something extremely wrong, which I will regret forever.
I abused the power and wasted the enormous trust capital gained by the NoScript add-on through the years to prevent Adblock Plus from blocking stuff on four internet domains of mine, without asking an explicit preemptive user consent.

This is absolutely inexcusable. Something I would never conceive again for the life of me.

Dear Adblock Plus and NoScript Users, Dear Mozilla Community
http://forums.informaction.com/viewtopic.php?p=2777#p2777

Posted by: Wladimir Palant, Adblock Plus. 2009-05-01

Recently I wrote about how not giving extension developers a good way to earn money might lead to very undesirable effects. The recent events give an impression of the kind of effects we should expect here. This is going to be about the popular NoScript extension which happens to make its money from ads. And to make sure that somebody sees these ads it goes pretty far.

Attention NoScript users

Edit: Added links.

Mozilla Blog No Surprises

Surprises can be appropriate in many situations, but they are not welcome when user security, privacy, and control are at stake. Mozilla is committed to guarding these principles, and we feel that a policy should be adopted that explicitly details our stance on these issues in regard to add-on modifications.

We welcome all constructive feedback and comments on this proposal, preferably in the AMO Newsgroup.

Spam gang member pleads guilty

October 16, 2008

Judy Devenow pleaded guilty to fraud and conspiracy charges Tuesday in federal court in Michigan, admitting she had sent millions of spam e-mails a day helping spam kingpin Alan Ralsky. Devenow said she was paid US$150,000 to send e-mail and manage others from January 2004 through September 2005. She, Ralsky and nine other people were […]

Airport baggage screener charged with theft

October 15, 2008

Fly the friendly skies. Pythias Brown, 48, of Maplewood, New Jersey, regularly sold the high-priced video cameras, laptop computers, and global positioning systems on eBay using the handle “alirla”, according to a criminal complaint filed in federal court in Newark. Brown told investigators he began stealing the items in September 2007 while screening luggage at […]

FTC Shuts Down, Freezes Assets of Vast International Spam E-Mail Network

October 15, 2008

A U.S. district court has ordered a halt to the operations of a vast international spam network that peddled prescription drugs and bogus male-enhancement products. The network has been identified as the largest “spam gang” in the world by the anti-spam organization Spamhaus. The Federal Trade Commission has received more than three million complaints about […]

Hacker sentenced to two years in prison

October 12, 2008

United States Attorney McGregor W. Scott announced Tuesday that Gregory King, 21, a California resident once known as “Silenz”, “sZ”, “Gregk707” and “GregK”, was sentenced to two years in federal prison and ordered to pay $69,000 in restitution following a guilty plea to two counts of transmitting code to cause damage to a protected computer. […]

GlobalSign revokes rogue program’s digital certificate

August 16, 2008

Antivirus XP 2008, a known rogue anti-spyware program, was digitally signed by GlobalSign. Alerted by The Register on Friday, GlobalSign revoked the certificate, pending an investigation. They may have moved swiftly to remove the cert after being alerted; however, the question still begs as to why GlobalSign gave Antivirus XP 2008 a certificate in […]

“Spam King” pleads guilty

March 17, 2008

My last post on this item was May 31, 2007, the month Soloway was arrested. Several months later, after pleading guilty to fraud and tax evasion charges, Soloway is due to be sentenced 20 June, 2008. The notorious spammer has previously been found guilty of sending spam in several civil cases, Microsoft won a $7.8m […]
