Possible increase in spam expected as once crippled botnet rises from thhe dead

Posted on February 4, 2012 by admin

Back near the end of the summer of last year both Microsoft and Kaspersky Lab, a security software company, worked together to bring down one of the reported biggest spam botnets that was responsible for polluting machines around t he world.

Called the Kelihos botnet the network consisted of around 45,000 infected computers but despite those low numbers it was able to pump out nearly 4 billion spam messages a day. These spam messages were used to promote everything from pornography to illegal pharmaceutical drugs and stock scams.

The two companies worked together to create what is referred to as a ‘sinkhole’ which is used then to get the infected machines to talk with it. Of course researchers knew that it was only a matter of time before those that controlled the botnet regained control of the infrastructure mainly because neither Microsoft or Kaspersky Lab could forcefully clean the infected machines since they were in countries where this action would be considered illegal.

Meddling with another person’s computer could be considered a form of hacking, even with the best intentions of security researchers. Unfortunately, it appears that many of the machines infected with Kelihos are now controlled by the bad guys again.

There are also other new variants of Kelihos that are using updated forms of encryption to mask the communication with the botnet controllers, Herkanaidu said. Maria Garnaeva, a researcher with Kaspersky Lab, wrotethat two different RSA keys are being used for encryption, which means it is possible two different groups are controlling Kelihos.

via Techworld

The end result of this is that we could very soon see a whole new wave of spam start to hit the web even as Microsoft and Kaspersky get back to working on studying the new variants and trying to once more stop a spam invasion.


jQuery(‘.nrelate_none’).removeClass(‘nrelate_none’);

.... end of excerpt
Article Source: http://www.inquisitr.com/190176/possible-increase-in-spam-expected-as-once-crippled-botnet-rises-from-the-dead/

Posted in Stop Spam | Tagged | Comments Off

Military PIN Number Stealing Virus Reportedly Hails from China

Posted on February 4, 2012 by admin

I am not a grammar nut, and I don’t really proof read my comments when posting on internet boards. I am not paid to leave comments here, and I am not a professional writer.

The guys who are getting paid to write articles for this site and the guys who are paid to review articles before they are published, should be doing a better job.

I come here because I want to read articles about tech news, but when I have to read a sentence 4 times and it still makes no sense, it gets pretty frustrating and makes me wonder why every single article on this site has errors in it.

So if I just “got mine” for posting my criticsm of the writing staff, then ouch, super burn man!!

.... end of excerpt
Article Source: http://www.dailytech.com/Military+PIN+Number+Stealing+Virus+Reportedly+Hails+from+China/article23925.htm

Posted in Stop Spam | Tagged | Comments Off

Google, Microsoft, Facebook Teaming Up to Fight Phishing

Posted on February 4, 2012 by admin

Google, Microsoft, and Facebook are teaming up with banks and security vendors to develop a platform for blocking phishing attacks.

The Domain-based Authentication, Reporting and Conformance group (DMARC) will seek to develop a system which can authenticate the sender of an email message and weed out potential phishing messages.

The group’s aim is to create a feedback system where both the sender and recipient can be authenticated and impersonation attempts can be automatically blocked.

The group said its aims to create a standards-based platform that will allow service providers to set policies on their messages which can block unauthenticated emails and provide reports on how security protections are operating.

AOL, Google, PayPal, Yahoo and Facebook are among the companies participating in the development process. Financial firms such as Bank of America and Fidelity are also working within the group.

“Email phishing defrauds millions of people and companies every year, resulting in a loss of consumer confidence in email and the internet as a whole,” said Brett McDowell, PayPal senior manager of customer security initiatives and chair of the DMARC.org project. ”Industry cooperation, combined with technology and consumer education, is crucial to fight phishing.”

Phishing attacks have become increasingly sophisticated in recent years. Criminals have been developing techniques to create more personalized and believable phishing messages and pages.

Additionally, phishing has spread to social networking platforms, where the trust users place in their contacts can be exploited to increase the effectiveness of an attack.

Register now for SES London 2012, the Leading Search Social Marketing Event, taking place 20-24 February, 2012. SES Conference Expo features presentations and panel discussions that cover all aspects of search engine-related promotion. Hurry, early bird rate expires February 3!

.... end of excerpt
Article Source: http://searchenginewatch.com/article/2143128/Google-Microsoft-Facebook-Teaming-Up-to-Fight-Phishing

Posted in Stop Spam | Tagged | Comments Off

Google now scanning Android apps for malware

Posted on February 4, 2012 by admin

Google has added an automated scanning process that is designed to keep malicious apps out of the
Android Market, the company announced today.

The new service, code-named “Bouncer,” scans apps for known malware, spyware, and Trojans, and looks for suspicious behaviors and compares them against previously analyzed apps, Hiroshi Lockheimer, vice president of engineering on the Android team, said in an interview with CNET this morning.

Every app is then run on Google’s cloud infrastructure to simulate how the software would operate on an Android device, he said. Existing apps are continuously analyzed, too.

“The system takes an app that’s been uploaded and runs it in the cloud and monitors what the app is doing in a virtual environment, if you will,” Lockheimer said.

If malicious code or behavior is detected, the app is flagged for manual confirmation that it is malware. The app could be blocked from being uploaded if it is blatantly malicious or will be removed quickly thereafter if it gets flagged by the scanning process. “It won’t get uploaded at all if it is an instance of known malware,” Lockheimer said.

Unlike Apple, which vets every
iPhone app before it hits the iTunes Marketplace, Google does not require pre-approval for Android apps. Instead, it does the screening of the apps behind the scenes when the developers upload them to the Android Market.

Google also is analyzing new developer accounts to “prevent malicious and repeat-offending developers from coming back,” the company says in a blog post today.

Google has been quietly testing Bouncer for a “number of months,” long enough to see an impact, Lockheimer said. Between the first and second half of 2011 there was a 40 percent decline in the number of downloads of potentially malicious apps, the company said.

Lockheimer said he could not say how many malicious apps had been blocked or removed from the market as a result of the scanning.

Asked if Google created Bouncer in response to complaints about malicious apps on the Android Market, Lockheimer said no. “It’s

.... end of excerpt
Article Source: http://rss.feedsportal.com/c/32447/f/475521/s/1c5b6111/l/0Lnews0Bcnet0N0C830A10E270A80A0I30E57370A650A0E2450Cgoogle0Enow0Escanning0Eandroid0Eapps0Efor0Emalware0C0Dpart0Frss0Gsubj0Fnews0Gtag0F25470E10I30E0A0E20A/story01.htm

Posted in Stop Spam | Tagged | Comments Off

Kelihos botnet remains very much dead after all

Posted on February 4, 2012 by admin

A spam botnet brought down four months ago, which was once capable of pumping out almost four billion spam messages a day, remains very much dead, two of the companies behind the takedown said.

That determination, announced late Friday by Microsoft and Kaspersky Lab representatives, contradicted published reports, including one from Ars, that claimed the network of infected computers had been resurrected. There’s no evidence that control of Kelihos, which also went by the name Hlux, has returned to the control of its creators, the companies said.

The reports were based on a blog post a Kaspersky researcher published on Tuesday that was headlined “Kelihos/Hlux botnet returns with new techniques.” Among other things, the researcher wrote: “This botnet continues to get orders from spammers and send spam in different languages so far.”

Kaspersky clarified its findings on Friday.

“We would like to clarify the difference between the botnet we took down together with Microsoft and new samples based on original Kelihos code,” a statement issued by Kaspersky read. “The botnet we took down is still under control and infected machines are not receiving commands from command and control centre (CC) so they are not sending spam. But new samples, which are monitored by, us continue to get orders from spammers and send spam so far. It means that we are dealing with another botnet.”

A blog post published by Richard Domingues Boscovich, senior attorney for Microsoft Digital Crimes Unit, agreed.

“Contrary to some reports, Kaspersky and Microsoft have no evidence that the botnet that was taken down in September has returned to the control of cybercriminals or is spamming again at this time,” he wrote. “However, we have seen evidence of distribution of new malware that appears to be a slightly updated variant of the malware that built the original Kelihos botnet.”

It’s not uncommon for botherders to recycle code when designing new malware. Indeed, Microsoft has said the original Kelihos bot software bore a strong resemblance to Waledac, a botnet Microsoft helped bring down in early 2010. Microsoft has dubbed the new malware Backdoor: Win32/Kelihos B and

.... end of excerpt
Article Source: http://arstechnica.com/business/news/2012/02/kelihos-botnet-remains-dead-after-all.ars?utm_source=rss&utm_medium=rss&utm_campaign=rss

Posted in Stop Spam | Tagged | Comments Off