SEO Scareware Campaign Compromises 200K Websites

Security researchers have detected a massive blackhat SEO (search engine optimization) campaign consisting of over 200,000 compromised web sites, all redirecting to fake security software (Inst_58s6.exe), commonly referred to as scareware. The campaign has been launched by the same people who operate or manage the campaigns for the Koobface botnet. Read the full article. [ZDNet]

Expert Debunks MS’ 64-Bit Safety Claims

Windows users running 64-bit versions of the operating system are less likely to get infected by attack code, Microsoft’s security team said yesterday. But that doesn’t mean they won’t, countered an outside security researcher. “There’s a lot of 64-bit malware,” said security researcher Alfred Huger. “They can run their code in compatibility mode, or they can compile it for 64-bit. The reason they’re not is that there’s still not a lot of 64-bit deployment. There’s 64-bit malware out there, just like there’s Mac OS malware out there. But right now, [64-bit] is just not as opportune a target as 32-bit.” Read the full article. [Computerworld]

Mac Users: Phishers Are Platform Agnostic

Yes, Mac fans, virus writers continue to focus primarily on Windows, since nine of 10 computers connected to the Web are PCs. However, phishers are platform agnostic. And right now phishing attacks are surging. Phishers rely on social engineering to victimize Web users. And their latest sleight of hand is to lure you into giving up your Web mail or social network account log-ons. Anyone who uses Hotmail, YahooMail, Gmail, Facebook, MySpace, LinkedIn or Twitter is likely being attacked — doesn’t matter what computer operating system they happen to be using. Read the full article. [USA Today]

The Serious Organised Crime Agency (Soca) says websites are currently being used to recruit “money mules”. The “mules” are ordinary people who send and receive payments through their bank accounts to facilitate business. But in reality, the cash has been laundered from crime, leaving unwitting mules open to prosecution. Fraudsters are using a variety of bogus and legitimate recruitment channels to con job-hunters into thinking they have found genuine employment. Read the full article. [BBC]

They’re the Internet equivalent of storm chasers, spending endless hours scanning and sleuthing, looking for the telltale signs of botnets. Here’s an inside look at the battle against cybercrime’s weapons of mass infection. Read the full article.

A critical vulnerability has been discovered in the Wikipedia Toolbar extension for Firefox that can be exploited by an attacker to compromise a victim’s system. According to the Secunia report, the problem is caused by the application using unvalidated input in a call to eval(), which can be exploited to execute arbitrary JavaScript code.

Hackers are increasingly targeting law firms and public relations companies with a sophisticated e-mail scheme that breaks into their computer networks to steal sensitive data, often linked to large corporate clients doing business overseas. Read the full article.

The recent ACM Cloud Computing Security Workshop in Chicago was devoted specifically to cloud security. Speakers included Whitfield Diffie, a cryptographer and security researcher who, in 1976, helped solve a fundamental problem of cryptography: how to securely pass along the “keys” that unlock encrypted material for intended recipients. Diffie, now a visiting professor at Royal Holloway, University of London, was until recently a chief security officer at Sun Microsystems. He sat down with Technology Review’s chief correspondent. Read the full article. [Technology Review]

U.K. police are hailing the sentencing of four people who used a sophisticated Trojan horse program to siphon money out of online bank accounts. The men used a Trojan horse program called PSP2-BBB that executed a so-called man-in-the-browser attack when potential victims logged into online bank accounts. The Trojan would insert a special page within the customer’s browsing session asking for more personal information, according to police. Read the full article. [IDG News]

Internet security experts say that misconfigured DSL and cable modems are worsening a well-known problem with the Internet’s DNS, making it easier for hackers to launch DDoS attacks against their victims. According to research, part of the problem is blamed on the growing number of consumer devices on the Internet that are configured to accept DNS queries from anywhere, what networking experts call an “open recursive” or “open resolver” system. Read the full article. [InfoWorld]
