Malware authors have used file-hosting and sharing servers for that purpose before, but this is the first time malware has been noticed to do that automatically, wrote Roland Dela Paz, a threat response engineer with Trend Micro.

SendSpace accepts files and then generates a link that can be shared with other people to download the content in the files. The malware has been configured to send files, copy the download link and send it to a command-and-control server along with the password needed to access the archive, Dela Paz wrote.

It appears SendSpace’s terms of service would prohibit use of the site that way. SendSpace said in response to an email that it was “notified of this several days ago by Trend Micro themselves, and we’re working to find a solution for this.”

File storage services offer several advantages for cybercriminals, said Rik Ferguson, director of security research and communication for Trend Micro in Europe.

Although the cybercriminals often use networks of proxy computers to mask how they are communicating with a compromised computer, using a storage service adds another layer, Ferguson said. “It breaks in some ways the chain of evidence,” he said.

• Login | Register
• Follow us on Twitter

---

• Get Widget
• Subscribe to Techworld newsletters

Also, authorities would be less likely to take down a legitimate file-hosting service than a new server set up by scammers, Ferguson said.

The services are especially useful for so-called Advanced Persistent Threat attacks, where cyberspies seek to infiltrate an organisation for a long period of time, Ferguson said. There is also a better chance that organisations that are hacked

.... end of excerpt
Article Source: http://rss.feedsportal.com/c/270/f/470440/s/1c6fc3a1/l/0Lnews0Btechworld0N0Csecurity0C33352750Cmalware0Ehijacks0Efile0Ehost0Esendspace0Esteal0Einformation0C0Dolo0Frss/story01.htm

Malware authors have used file-hosting and sharing servers for that purpose before, but this is the first time malware has been noticed to do that automatically, wrote Roland Dela Paz, a threat response engineer with Trend Micro.

SendSpace accepts files and then generates a link that can be shared with other people to download the content in the files. The malware has been configured to send files, copy the download link and send it to a command-and-control server along with the password needed to access the archive, Dela Paz wrote.

It appears SendSpace’s terms of service would prohibit use of the site that way. SendSpace said in response to an email that it was “notified of this several days ago by Trend Micro themselves, and we’re working to find a solution for this.”

File-storage services offer several advantages for cybercriminals, said Rik Ferguson, director of security research and communication for Trend Micro in Europe.

Although the cybercriminals often use networks of proxy computers to mask how they are communicating with a compromised computer, using a storage service adds another layer, Ferguson said. “It breaks in some ways the chain of evidence,” he said.

Also, authorities would be less likely to take down a legitimate file-hosting service than a new server set up by scammers, Ferguson said.

The services are especially useful for so-called Advance Persistent Threat attacks, where cyberspies seek to infiltrate an organization for a long period of time, Ferguson said. There is also a better chance that organizations that are hacked will not regard outbound connections to a file-hosting service as suspicious, making it less likely the connection will be shut down, he said.

“Basically it’s criminals taking advantage of public infrastructure to appear less suspicious,” Ferguson said.

Send news tips and comments to jeremy_kirk@idg.com

.... end of excerpt
Article Source: http://www.pcworld.com/businesscenter/article/249331/malware_automates_storing_of_data_haul_on_filehosting_site_sendspace.html

At the outset, let me offer my defininition of spam: any kind of unwanted communication delivered by any unknown source. That’s a broader description than many people would make; but much of what’s happening online is not only annoying and a waste of time, but also sometimes injurious and costly.

Here are some of the latest forms of digital spam, together with some steps you can take to avoid them.

Fake News Sites

An example of a fake news site.I recently wrote a story that resonated with readers. As I read through and responded to some of their comments, I saw this one:

“my roomates [sic] aunt makes $83/hr on the laptop. She has been without work for 8 months but last month her pay was $8682 just working on the laptop for a few hours. Read more on this site [URL].”

Really? All that money for just a few hours of work?

Sadly, some people actually fall for this spammy scam, click the link, and end up on a fake news site, which lures them to another page. There, if they hand over their name, phone number, and email address, they can gain access to the spammer’s “incredible work-at-home opportunity.” But you should never offer your personal information to any source you’re not absolutely sure can be trusted, because hackers can use it to do all sorts of nefarious things.

The fake news sites, which have titles such as “News 6 News Alerts,” falsely indicate that the reports they display have been “seen” on major media outlets, such as CNN, USA Today, and Consumer Reports; in reality the reports are merely ads meant to entice people to buy things.

The FTC recently shut down several groups peddling acai berry weight-loss and colon cleanse products, and informed the public that

.... end of excerpt
Article Source: http://www.pcworld.com/article/249300/new_digital_spam_how_bad_guys_try_to_trick_you_how_to_avoid_the_traps.html

The 15-deck, 3,100-passenger Royal Caribbean Cruises ship was delayed in leaving Saturday for a seven-day trip by a couple of hours, Port of New Orleans spokesman Chris Bonura. He referred other questions to Royal Caribbean Cruises Ltd., which did not answer a call and email Sunday.

The Centers for Disease Control and Prevention notified Louisiana on Friday that a cruise ship might be coming in with a norovirus outbreak, state epidemiologist Raoult Ratard said Sunday.

The CDC did not say how many passengers were ill, Ratard said. “They let us know, but that’s it. They don’t give us details or anything. And we really don’t need” details about norovirus, he said.

Agency spokesman Tom Skinner said he could not comment immediately because the CDC inspector who had been on the Voyager on Saturday was busy checking a cruise ship in Florida on Sunday. That ship was one of two homeported in Florida where weekend outbreaks were reported.

WDSU-TV reported that about 200 passengers on the New Orleans ship became ill from the virus, which causes vomiting and diarrhea and spreads rapidly in close quarters such as cruise ships and nursing homes.

To put things into perspective, Ratard said, on any given day about 10,000 people in the New Orleans area are likely to have diarrhea, about 30 percent of them — 3,000 — because of norovirus.

“In a closed space like a cruise ship, in a nursing home, in a hospital, you want to be extra careful. But the 3,000, they’re all over the place,” Ratard said.

.... end of excerpt
Article Source: http://news.yahoo.com/virus-strikes-cruise-ship-orleans-232648443.html