Friday, February 26, 2010

KSL.COM Virus Warning

After receiving reports of a computer virus related to this website, the problem has been identified and it is now safe to browse KSL.com. The virus came through a third party network used to distribute ads on the site, but it has been stopped and measures are being taken to boost security.

Monday, February 22, 2010

Microsoft Hotmail Privacy Breach

A statement issued by Microsoft revealed that the company is looking into reports that some users of its Hotmail service were accidentally shown other users' inboxes when attempting to access their mail through their mobile phone.

The Windows Live sign-in service was down for an hour yesterday; whether the two events are related is as-yet unknown. The sign-in downtime was purportedly due to a server failure, and left many unable to log in to any Microsoft service dependent on Windows Live IDs, including both Hotmail and Windows Live Messenger.
In its statement, the software giant said, "Microsoft takes customers' privacy seriously, and immediately upon learning of these reports, we started an investigation. We will take appropriate action once we have completed the investigation."

Reports of the nature of the security breach suggest that it did indeed coincide with the sign-in service failure. Users with the problem describe being presented with an inbox that was not their own; subsequent logins presented a different inbox each time.

Click Computers – Computer Repair Utah
Click Computers is Utah’s Onsite Computer Repair Specialists for your Home and Business.

Social networking, govt sites hacked in global attack

A new type of computer virus is known to have breached almost 75,000 computers in 2,500 organizations around the world, including user accounts of popular social network websites, according Internet security firm NetWitness.

The latest virus -- known as "Kneber botnet" -- gathers login credentials to online financial systems, social networking sites and email systems from infested computers and reports the information back to hackers, NetWitness said in a statement.

A botnet is an army of infected computers that hackers can control from a central machine."

The company said the attack was first discovered in January during a routine deployment of NetWitness software.

Further investigation by the Herndon, Virginia-based software security firm revealed that many commercial and government systems were compromised, including 68,000 corporate login credentials and access to email systems, online banking sites, Yahoo, Hotmail and social networks such as Facebook.

"Conventional malware protection and signature-based intrusion detection systems are, by definition, inadequate for addressing Kneber or most other advanced threats," Chief Executive Amit Yoran said in a statement

Sunday, February 7, 2010

Social Networks: SOS


Don’t chat with worms as you would do with your friend

As some of the fastest-growing communities in the cyberspace, social networks are also the favorite playground for malware distributors. One of the most targeted networks of its kind is Facebook, the keeper of a huge database of personal information acting like a magnet to cyber-criminals.

The infamous Koobface worm made a comeback as Win32.Worm.Koobface.AOJ. Once installed on the local machine, the worm looks for cookies belonging to well-known social networks, such as Facebook®, Twitter®, Hi5TM, Friendster® and MySpaceTM, among others. However, there's more in Koobface than the eye meets: each new iteration of the worm brings additional surprises to build on its previous features: CAPTCHA breakers, locally-installed HTTP servers, keylogger and ftp file uploader components, as well as a rogue DNS changer and an advertisement pusher.

In order to spread from one infected account to another, Win32.Worm.Koobface.AOJ sends messages on the behalf of the compromised users to all their friends. Since Facebook® is extremely restrictive with large numbers of messages originating from the same account in a short time span, the worm forces the infected user to solve the CAPTCHA dialog for it. After the CAPTCHA has been successfully "defeated", it would post a link to a fake YoutubeTM video concealed with a URL shortening service (usually bit.ly). Unwary users clicking on the malicious link will subsequently asked to install a codec, which ultimately turns out to be the very downloader that drops, installs and "configures" the Koobface worm.

The Koobface family is one of the most advanced e-threats related to social networks. Its ability to compromise a large choice of social networks and its extremely advanced infection mechanisms makes it the ultimate war machine ready to siege your social network accounts.

Thursday, February 4, 2010

Worm Crawling the IM Network

Called Win32.Worm.IM.J, this malicious code spreads via links sent as instant messages on Yahoo! ® Messenger on behalf of infected users. The message uses social engineering tricks in order to make people believe they are in a very delicate situation and action should be taken immediately, especially since the embedded link ends with the Yahoo!® Messenger username of the victim.

The infected messages display two questions asking the victim whether he / she has pictures or a profile on a compromising site; a link towards the alleged site is, of course, provided after the informative note.

Once the users access the randomly-provided link, they are redirected towards fake Web page containing some ads and a blank space where the alleged photos should have been. A spoofed active content bar (that is not displayed under the hyperlink, but under the first row of ads) advises the victim to install Adobe Shockwave Player in order to be able to watch the pictures.

The worm would remove the locally-stored credentials from the infected computer in order to force the user to re-type them. The log-in information will be stored in Windows Registry under the key HKEY_LOCAL_MACHINE\SOFTWARE\first and would use them to stealthily authenticate and send these infected links to the victim's contact list.

Last, but not least, the worm also features a downloader component that would install additional malware on the infected system.

Win32.Worm.IM.J is built with Borland Delphi® and seems to have its roots in Romania, since the messages it sends are written in Romanian: "cine ti-a pus pozele aici?"(who posted your pictures here?) and "tu ti-ai facut profilu asta?"(was it you who created a profile here?).

In order to avoid infections, we recommend that you install and regularly update a complete antimalware suite with antivirus, antispam, antiphishing and firewall modules.

Click Computers – Computer Repair Utah
Click Computers is Utah’s Onsite Computer Repair Specialists for your Home and Business.

Tuesday, February 2, 2010

Adobe Warns of of PDF Phishing Scam

A new phishing scam is trying to fool people into thinking it comes from Adobe

A new phishing scam is trying to fool people into thinking it comes from Adobe, announcing a new version of PDF Reader/Writer.The message is making its way into e-mail boxes now, and the real Adobe urged any recipients to simply delete it.

The phishing scam has a subject line "download and upgrade Adobe PDF Reader – Writer for Windows," includes a fake version of Adobe's logo and provides links that would lead to malicious code or other trouble if a victim clicked on them. The e-mail appears to come from Adobe newsletter@pdf-adobe.org, which is part of the scam.

"It has come to Adobe's attention that e-mail messages purporting to offer a download of the Adobe Reader have been sent by entities claiming to be Adobe," the company said in a statement warning about it. "Many of these e-mails are signed as 'Adobe PDF' (or similar), and in some instances require recipients to register and/or provide personal information. Please be aware that these e-mails are phishing scams and have not been sent by Adobe or on Adobe's behalf."

Click Computers – Computer Repair Utah
Click Computers is Utah’s Onsite Computer Repair Specialists for your Home and Business.

Monday, February 1, 2010

Former Iomega VP Chooses Click Computers


Former Iomega Vice President Leon Staciokas chose Click Computers for his home personal computer. Mr. Staciokas marveled at the speed, quality, and local prompt service. Mr. Staciokas is a pioneer in the industry of personal portable storage devices.

Click Computers – Computer Repair Utah
Click Computers is Utah’s Onsite Computer Repair Specialists for your Home and Business.