Tuesday, April 27, 2010

iPad Users Targeted by Backdoor Disguised as iTunes Update

An e-mail invitation to an iTunes update gets iPad users’ PCs into backdoor trouble.

Success stories are cybercriminals’ go-to sources of victims, and the iPad craze couldn’t have been left out of this picture. According to some reports, Apple sold 150.000 iPads in the first 60 hours of presale availability, with almost 100.000 of these coveted devices being pre-ordered in the first 10 hours. The figures make it clear as daylight why malware creators were so keen on crashing this promising party.

The invitation to the “contagious fiesta” comes via e-mail: an unsolicited message instructs iPad users to download the latest version of the iTunes software to their PCs as a preliminary step to an update of their iPad software.

To carry conviction, the e-mail emphasizes that users should keep their iPad software updated “for best performance, newer features and security”.

It goes on to clarify the multi-step procedure by pointing out that in order for the update to be performed the latest version of iTunes should first be downloaded from the Internet. A direct link to the download location is conveniently provided. As a proof of cybercrime finesse, the webpage the users are directed to is a perfect imitation of the one they would use for legitimate iTunes software downloads.

Unfortunately for these users, following the malicious link means opening up a direct line to their sensitive data, as instead of the promised iTunes update they get malware on their systems.

Identified by BitDefender as Backdoor.Bifrose.AADY, the piece of malicious code inadvertently downloaded injects itself into the explorer.exe process and opens up a backdoor that allows unauthorized access to and control over the affected system.

Moreover, Backdoor.Bifrose.AADY attempts to read the keys and serial numbers of the various software installed on the affected computer, while also logging the passwords to the victim’s ICQ, Messenger, POP3 mail accounts, and protected storage.

It is important to say that Mac users remain unaffected by this piece of malware.

Click Computers – Computer Repair Utah
Click Computers is Utah’s Onsite Computer Repair Specialists for your Home and Business.

Friday, April 23, 2010

Facebook Application Spreading Adware

BitDefender researchers have today uncovered a new scheme that allows cyber-criminals to make money from unwary users by leading them to install adware applications. Rather than using hidden vulnerabilities in the social networking platform, this novel approach relies on social engineering in order to trick users into interacting with the attacker.

Chapter I: The Application
The central element of the scheme is the Dance Class Video application, a third-party extension of Facebook that has been neither developed nor approved by the social network. The application’s page has been artificially populated with content and friends to increase the victim’s confidence. The application’s main purpose is to send specifically crafted messages and to continue recruiting new victims, as described below.

Chapter II: The Bait
The infection vector is simple yet efficient. Compromised accounts send spammy messages that impersonate a Facebook video: “[victim’s name], this video is from the dance academy i went to last week.. what do u think?”. As soon as the victim follows the link, the application asks for permission to pull personal data and to send messages on the user’s behalf, as well as permission to always send these messages without any further confirmation.

Chapter III: The Payload
After all the necessary confirmations have been pulled from the victim, they would be redirected to the application’s page that displays a fake video player (which is in fact a JPEG image hosted outside of Facebook), prompting them to update their FLV player in order to be able to see the video.

The download page even contains an End-User License Agreement and the small provision that “the SB 140 Alaska rule expressly forbids an application to engage in deceptive acts or practices described in this subsection using spyware by causing a pop-up advertisement to be shown on the computer screen of a user by means of a spyware program”. The page also triggers the automatic download of a binary file called FLVDirect.exe.

Once downloaded and installed, the binary file would hijack the browser’s start page and search settings without the user’s consent.

Apart from all the trouble a piece of adware may inflict on the average computer user, please remember that your social networking profile may hold sensitive information, and granting third parties access to it or the right to act on your profile may have extremely dangerous repercussions on your privacy.


McAfee Update Sends Windows XP Machines into Reboot Loop


McAfee perfectly illustrated today why you're supposed to thoroughly test software updates before pushing them out to the general public. Consumers and IT support personnel around the country found themselves in a nightmare situation this afternoon; at best, their Windows XP-based machines simply couldn't connect to a network, but more often than not were stuck in an endless loop of reboots.

The update, labeled 5958, causes McAfee to misidentify svchost.exe (an essential Windows system file) as a piece of malware and delete it. The official statement from McAfee indicates that the flaw only affects Windows XP machines with SP3, and results in "moderate to significant performance issues." Of course, reports from around the Web indicate this affects systems that are only up to SP2. And calling an endless cycle of reboots a "performance issue" is a bit of an understatement.

There are unconfirmed reports that the flaw has taken out banks of systems at Intel and Dish Network, and the New York Times is reporting that dozens of PCs at the Illinois State University in Normal were taken out as well.

McAfee has released a "fix" for the problem that really only suppresses the issue and doesn't directly address the false-positive issue. The fix also requires that a technician individually visit and repair any affected system, meaning that it may be a long night for support staff at companies and institutions who turn to McAfee for their virus protection.

Click Computers Can Help. Facebook Fans flat fee $49.00

Saturday, April 17, 2010

Click Computers Mini Notebook Special


Through the month of April, Click Computers has on special the Hewlett Packard HP Pavilion 210-1030NR Mini Notebook PC. Retail price is $349.99. This month only $289.99.

If you prefer, Click Computers will optimize the system at no extra charge: remove all unnecessary trial version programs, install Open Office, and install an anti-virus, anti-spyware product, absolutely free. For a fee of $37.50, Click Computers will come to your home or business and connect your printer and wifi. Click Computers can also transfer your data from your existing computer to this wonderful HP netbook.

Small, slim and stylish, the HP Mini 210 lets you surf the web, stay connected, and be entertained wherever you go. Amp up the fun by playing videos and music or showing off your photos. Exclusive, integrated software keeps you in sync with your life by letting you e-mail, chat, and instantly access your files from anywhere. With bottom case cover that conceals component access points and matches the top cover, the HP Mini 210 looks great from every angle and is protected by world-class support.


•1.66 GHz Intel Atom N450 Processor

•1GB DDR3 Memory

•160GB SATA Hard Drive

•10.1" Active Matrix TFT Color LCD with 1366x768 Resolution

•6 Cell Battery

•Integrated Intel GMA 3150 (256MB Graphics Memory)

•Integrated 802.11b/g Wifi

•Integrated 10/100 BaseTX LAN

•5-in-1 Multi-memory Card Slot (SD,MMC,MemoryStick,MemoryStick PRO,xD-Picture Card)

•Microsoft Windows 7 Starter

•1 Year Manufacturer's Limited Warranty