Subscribe to Malware Help RSS Feed RSS Feed - Subscribe to Malware Help. Org on Twitter Follow on Twitter - Malware Help YouTube Channel YouTube Channel - Subscribe to Malware Help by Email Subscribe by Email

Cyber Crime

A History of Hacking Culture

by Shanmuga

"The appearance of professional Internet criminals was predicted in fiction long before the Internet became a mass medium. During the early years of the Web, we spent a great deal of time and energy looking for ways to defeat the professional thief. The mischief maker, the prankster, and the juvenile delinquent were overlooked. Then a […]

Read the full article →

Hacking: DoS attack prevents access to WordPress.com blogs

by Shanmuga

"The WordPress.com blog-hosting service suffered a DoS (denial-of-service) attack that began Saturday and was still preventing users from logging in or posting to their blogs on Tuesday.

Read the full article →

Malware: Russian hosting network running a protection racket

by Shanmuga

"The Russian Business Network, a notorious hacker and malware hosting network, runs a protection racket that extorts as much as $2,000 a month in fees for "protective Web services" from borderline sites, a researcher alleged today.

Read the full article →

Security: New BotSniffer better able to detect foul stench of botnets

by Shanmuga

"Researchers at Georgia Tech have published a paper on BotSniffer—a program they’ve designed to detect and disable botnets. Botsniffer is not the only bot-detection program available, but the Georgia Tech research team believes that the program’s approach to the botnet issue results in a better correlation rate and a lower number of false positives.

Read the full article →

Security: Limelight kills botnets better than cops do

by Shanmuga

"Botnet operators have become public enemy number-one as consumers, businesses and governments fall foul to identity theft, DDoS attacks and spam. Yet no one appears to be able to stop the spread of bots — except maybe the media.

Read the full article →

Security: What IT can learn from botnets

by Shanmuga

"Josh Corman is the host protection architect for Internet Security Systems, Inc. (ISS), with more than eight years of experience in security and networking software. What was refreshing was Corman’s out-of-the-box thinking on the distributed networks currently being used by online criminals. Of the most popular of these networks, he said "Storm did a lot […]

Read the full article →

Beware unexpected e-Valentines, FBI says

by Shanmuga

"When the FBI issues a press release about Valentine’s Day, you can guess it’s not good news. The feds are warning Internet users about electronic Valentines that are booby-trapped with a computer virus. Computer security firms confirm that they have seen many variations of the virus, which often arrives in e-mail bearing loving subject lines […]

Read the full article →

Hackers turn to drive-by downloads

by Shanmuga

"Organised criminal hackers are waging a highly sophisticated war by exploiting vulnerabilities in end users’ web browsers using drive-by downloads, security experts warn.

Read the full article →

Storm’s Creators Identified

by Shanmuga

"American and Russian law enforcement agencies have finally identified the criminals behind the Storm worm, one of the nastiest pieces of malware to ever hit the Internet. Now comes the hard part: arresting them.

Read the full article →

MayDay! Sneakier, More Powerful Botnet on the Loose

by Shanmuga

"A new peer-to-peer (P2P) botnet even more powerful and stealthy than the infamous Storm has begun infiltrating mostly U.S.-based large enterprises, educational institutions, and customers of major ISPs. The MayDay botnet can evade leading antivirus products, and so far has compromised thousands of hosts, according to Damballa, which says 96.5 percent of the infected machines […]

Read the full article →

Hacking: Vista’s Growing Popularity Draws Hackers’ Malice

by Shanmuga

"With more people finally switching to Windows Vista, the operating system is fast becoming a target for security researchers and–surprise!–hackers.

Read the full article →

Hacking: Attackers Abuse Google Blogger

by Shanmuga

"Hackers are currently littering Google’s Blogger site with phony blogs — some containing malware, pornographic images, or pure spam. "Google Blogger is being used as a malware delivery mechanism," says Ken Steinberg, CTO and president of Savant Protection, who discovered the attack while working on his own blog this morning. The attackers apparently are automatically […]

Read the full article →

Phishing: Stealing Phish from Fraudsters

by Shanmuga

"A recurrent group of Moroccan fraudsters calling themselves Mr-Brain has launched a website dedicated to offering easy-to-use phishing site code, email templates and other hacking tools. The website offers phishing kits for many of the most common targets, such as Bank of America, eBay, PayPal and HSBC.

Read the full article →

Pharming: Drive-by Pharming in the Wild

by Shanmuga

"We recently saw instances of actual attackers attempting a basic version of drive-by pharming. Given the simplicity of the attack and the potential widespread implications, we always felt that it would simply be a matter of time before it happened. The building blocks have been out there for some time and anyone with sufficient familiarity […]

Read the full article →

Hacking: 51 Percent Of Malicious Web Sites Are Hacked

by Shanmuga

"The number of legitimate Web sites that have been hacked and seeded with code that tries to infect the visitor’s PC with malware now exceeds the number of sites specifically created by cyber criminals, according to a report released today.

Read the full article →

Vishing: FBI warns that “vishing” attacks are on the rise

by Shanmuga

"According to the FBI’s Internet Crime Complaint Center (IC3), the number of "vishing" complaints received by the center is increasing at what it calls "an alarming rate." Vishing and phishing are related, and both rely on e-mail as a means of delivering bait, but the two use different hooks in order to snag user data.

Read the full article →

Tips: How to Minimize Risk from Zero Day Attacks

by Shanmuga

"…Microsoft Excel files are being used to exploit a zero-day (previously unknown/unpatched) vulnerability and plant keystroke loggers on select (.gov?) networks…bugs in Microsoft Office applications emerged over the last year as standard weapons for criminals conducting corporate espionage and computer attacks against military targets. Last summer, Microsoft’s Office team struggled to keep pace with flaw […]

Read the full article →

Credit card data breach could affect 650,000

by Shanmuga

"Personal information on about 650,000 customers of J.C. Penney and up to 100 other retailers could be compromised after a computer tape went missing. GE Money, which handles credit card operations for Penney and many other retailers, said Thursday night that the missing information includes Social Security numbers for about 150,000 people.

Read the full article →

Hacking: Researcher cracks Yahoo CAPTCHA software

by Shanmuga

"A security researcher has claimed that Yahoo’s system for blocking automated access to its systems – the CAPTCHA image-recognition system – has been effectively cracked. CAPTCHA (Completely Automated Public Turing test to tell Computers and Humans Apart) systems are used by Yahoo, as well as Google, Microsoft and others, to stop automated systems from registering […]

Read the full article →

Hacking: Hackers go after Excel

by Shanmuga

"Microsoft has warned that an unpatched vulnerability in older versions of Excel is being actively exploited by hackers. The bug, which has become the subject of targeted attacks, affects older versions of Excel. Newer versions Excel 2003 SP3 and Excel 2007 are said to be immune. Details of the vulnerability beyond what packages might be […]

Read the full article →

Hacking: Hackers Have Attacked Foreign Utilities, CIA Analyst Says

by Shanmuga

"In a rare public warning to the power and utility industry, a CIA analyst this week said cyber attackers have hacked into the computer systems of utility companies outside the United States and made demands, in at least one case causing a power outage that affected multiple cities.

Read the full article →

Hacking: Legitimate sites serving up stealthy attacks

by Shanmuga

"Thousands of legitimate Web sites are hosting an infection kit that evades detection by attempting to compromise each visitor only once and using a different file name each time, Web security firm Finjan warned last Monday. The attack, dubbed the "Random JS toolkit" by the security firm, currently uses dozens of hosting servers and more […]

Read the full article →

Hacking: Hijacking Printers For Spamming

by Shanmuga

"Building on the concept of cross-site scripting, whereby an attacker can inject malicious code in Web pages viewed by others, security researcher Aaron Weaver has demonstrated how an attacker can inject spam messages into a Web site visitor’s printer.

Read the full article →