Viruses & Malware

"New" Madonna video comes with a trojan horse

posted on August 21, 2008
by hitbsecnews

Sophos is warning music fans to be wary of opening unsolicited emails claiming to reveal the latest news about their favourite pop stars. The warning follows the discovery of a new wave of malware attacks which arrive in unsuspecting computer users' inboxes and claim to contain a link to a scandalous video of Madonna.

Sophos experts note that the cybercriminals have timed the attack to coincide with the start of Madonna's new world tour on Saturday - it is a common tactic for hackers to try to exploit excitement around upcoming events.

Fake News Bulletin Spreads Malware

posted on August 21, 2008
by hitbsecnews

Hackers trying to plant malware on PCs have switched from touting CNN news in come-on messages to pushing breaking stories said to be from rival network MSNBC, security experts said today.

The fake messages pose with subject headings that include the phrase "Breaking News," along with phony news story headlines, such as "Jerry Yang relinquishes control over Yahoo," "Mary-Kate Olsen responsible for Heath Ledger's death," and "Plane crashes into prep school, hundreds of kids killed," said researchers at F-Secure Corp. and Sophos Plc.

New Facebook worm spotted

posted on August 10, 2008
by hitbsecnews

A second worm is targeting Facebook users, according to security company Sophos.

The new worm posts a message on users' 'comment wall' which, if clicked, will download a Trojan to the user's PC. The comment on the message wall is disguised to look like it comes from one of the user's friends, and directs to a video on a fake Google site. When the user clicks on the link, a picture of a medieval jester is shown, and the Trojan automatically downloads.

VX Groups a dying breed, but they won't be missed

posted on August 7, 2008
by hitbsecnews

Microsoft's Malware Protection Center has picked up on some positive news that comes at a time when online threats are apparently increasing without limit. According to the MMPC's blog, two VX (virus writing and sharing) groups have shut down in a very short period of time, seemingly without any external pressure. According to the post, there is really only one active group remaining, something which would have seemed far-fetched not even a decade ago.

George Ledin teaches students how to write viruses

posted on August 3, 2008
by hitbsecnews

In a windowless underground computer lab in California, young men are busy cooking up viruses, spam and other plagues of the computer age. Grant Joy runs a program that surreptitiously records every keystroke on his machine, including user names, passwords, and credit-card numbers. And Thomas Fynan floods a bulletin board with huge messages from fake users. Yet Joy and Fynan aren't hackers—they're students in a computer-security class at Sonoma State University. And their professor, George Ledin, has shown them how to penetrate even the best antivirus software.

MySpace and Facebook targeted by worm

posted on August 3, 2008
by hitbsecnews

Security company Kaspersky Lab is warning of a new worm that targets MySpace and Facebook users.

The worm variants are spread through the popular social networking sites, turning infected machines into zombies - PCs illicitly controlled by hackers to carry out tasks like denial of service attacks.

Web worms squirm through Facebook, MySpace

posted on July 31, 2008
by hitbsecnews

My colleagues at Kaspersky Lab have intercepted two new worms squirming through MySpace and Facebook, using social engineering lures to plant malware on Windows systems.

The worms propagate via the comments features on the two popular social networks, using video lures and fake Flash Player downloads to trick end users into installing malicious executables.

Some of the messages and comments posted to the social network sites include:

Malware Targets Mac OS, iTunes

posted on July 28, 2008
by hitbsecnews

An Argentinian researcher has released the details of an exploit that enables malware to be planted on end-user computers running iTunes, Mac OS X, WinZip and many popular programs, according to a report from UK news site The Register.

Francisco Amato, a researcher at Internet security firm Infobyte (infobyte.com), prepared a report that described Evilgrade, an exploit of the weaknesses in the automatic upgrade feature of an infected program or operating system.

Malware Invoices & Viral Packages Flooding SMB Inboxes

posted on July 28, 2008
by hitbsecnews

Many small businesses wrongly believe that they're too insignificant to attract hackers and spend too little time on security, but according to Secure Computing, since the beginning of July there have been steady waves of mass-mailings hitting inboxes with fake invoices.

This includes fake UPS messages claiming that a package couldn't be delivered and was returned, and that the user should print out the attached invoice, which is in fact the actual piece of malware.