Social-Engineering

Koobface command and control servers silent

by certifiedbug on January 19, 2012

in Internet Security

H Security

The Koobface network is apparently down, according to Facebook. Ryan McGeehan, Facebook security official, told Reuters that the company’s decision to expose the five men alleged to be behind the malware had had an effect within 24 hours: “The thing that we are most excited about is that the botnet is down.” Yesterday, Facebook decided to publish the names of alleged gang members based on details of research carried out in 2009-2010 by two German researchers. One of the researchers works for security company Sophos, which pre-empted Facebook’s announcement by publishing the report.

http://www.h-online.com/security/news/item/Koobface-C-C-goes-silent-after-alleged-controllers-exposed-1416869.html


Koobface malware gang exposed

by certifiedbug on January 17, 2012

in Internet Security

H Security

The five men behind the Koobface worm, which spreads over Facebook and other social networks, hide in plain sight, living comfortably in St Petersburg, Russia, according to Facebook investigators and other security researchers.

http://www.h-online.com/security/news/item/Koobface-gang-to-be-exposed-by-Facebook-1414813.html

IDG News Service -
http://www.computerworld.com/s/article/9223484/Facebook_researchers_turn_up_heat_on_Koobface_gang


Backdoor Olyx

by certifiedbug on August 3, 2011

in Internet Security

Microsoft Malware Protection Center

The recent emergence of rogue security software applications for Mac demonstrates how cybercriminals effectively use social engineering techniques to manipulate users’ responses – specifically, exploiting users’ fear of revealing sensitive information such as credit card details. This scare tactic evidently works regardless of the platform. While financial gain is primarily the motivation that drives elaborate schemes of Internet fraud, a threat that appears limited and specific to its target raises interesting questions about whether this threat is on a mission.

http://blogs.technet.com/b/mmpc/archive/2011/07/25/backdoor-olyx-is-it-malware-on-a-mission-for-mac.aspx


Malware targets Starcraft 2 Gamers

by certifiedbug on September 14, 2010

in Microsoft

Microsoft Malware Protection Center
Malware Plays Starcraft 2

Starcraft 2 is gaining popularity not only for gamers but also for malware writers. We wrote about Starcraft almost two months ago when it was first released. Now, apparently, it is also being used as part of a social engineering technique by a downloader family called Harnig. Harnig is employed by many other types of prevalent threats (Bubnix, FakeSpypro, Koobface) to download their malware into computers.
Included in the Microsoft Malicious Software Removal Tool (MSRT) since October 2006, Harnig is one of the most prevalent malware families. In August 2010 alone, more than 140,000 files were detected as Harnig.gen!P.

http://blogs.technet.com/b/mmpc/archive/2010/09/12/malware-plays-starcraft-2.aspx


Fake Antivirus adds “Support”

February 15, 2010

Rogue security programs usually pop up a screen informing users that their PC is infected with malware. The user, understandably alarmed by the nonstop pop-ups which suddenly appear on their frozen screen, will often click to make a purchase and download the “fake” software which claims it will remove the infection. In a nutshell that [...]


MSN Featured Offers, Spam from Canadian Pharmacy

November 8, 2008

This week I have seen a resurgence of the “MSN Featured Offers” scam, this time from Canadian Pharmacy, pushing Viagra and other pharmaceuticals. Previous Certifiedbug alerts: Infector Spam ‘Free Update Windows XP,Vista’ Fake IE7 email Spam Spam posing as MSN Featured Offers Domain Name: xhtnnfx.cn Created: 2008-10-28 Expires: 2009-10-28 Whois Server: whois.cnnic.net.cn IP Location: Latvia [...]


Fake IE7 email Spam

August 8, 2008

Spam spoofing my own email address as from admin at microsoft.com. It is fake and not from Microsoft. Don’t click on “Download the latest version!” which links to the infecter, ‘update.exe’, and no fireworks will occur. Internet Explorer 7 Download the latest version! About this mailing: You are receiving this e-mail because you subscribed to [...]


Spam posing as MSN Featured Offers

July 16, 2008

This old turkey keeps coming in the mailbox. Hidden under “Click here” is an .exe which will infect your computer. Angelina Jolie’s Free Video. Click Here! About this mailing: You are receiving this e-mail because you subscribed to MSN Featured Offers. Microsoft respects your privacy. If you do not wish to receive this MSN Featured [...]


Storm Worm readying for another attack

May 4, 2008

Despite the article at computerworld.com April 22, 2008 reporting that Microsoft’s Malicious Software Removal Tool (MSRT) had made Storm pretty insignificant, the botnets appear to be preparing for another attack, which may target around Mother’s Day. According to UploadMalware.com’s Malware Blog, one of their researchers has found indications of a new storm worm variant moving [...]
