The ongoing DDoS attacks that have been targeting a series of U.S. government sites as well as some commercial sites are likely not the work of any government organization and are being executed by an old piece of malware that is designed to ruin files on infected PCs rather than steal data, experts say.
Browsing Category: Malware
From Zero Day (Dancho Danchev)
Researchers from NetQin Tech. are reporting on a newly discovered mobile malware variant (Transmitter.C) distributed through a modified version of a legitimate mobile application. Upon execution, the malware attempts to automatically spread by SMS-ing hundreds of messages linking to a web site where a copy of it (sexySpace.sisx) can be found. Read the full story [ZDNet.com].
It looks like the distributed denial-of-service attack, once the favorite tactic of script kiddies and professional hackers alike, is coming back into favor. Attackers have been conducting an ongoing DDoS attack against the Federal Trade Commission’s main site, as well as some other government sites over the last few days.
There is a widespread attack underway against an unpatched vulnerability in the Msvidctl DLL, with attackers using thousands of newly compromised Web sites to exploit victims’ PCs via drive-by downloads. The attacks are using Internet Explorer as the attack vector and are pushing a Trojan downloader onto compromised machines.
Dennis Fisher talks with Robert “Rsnake” Hansen about his Slowloris tool, low-bandwidth DoS attacks and the law of unintended consequences.
As night follows day, malicious hackers are following high-profile news around celebrity deaths to launch attacks.
According to a warning from the U.S. Computer Emergency Response team, there are several spam campaigns, phishing attacks, and malicious code targeting the recent deaths of Michael Jackson and Farrah Fawcett.
From IDG News Service (Robert McMillan)
Former Apple Macintosh evangelist Guy Kawasaki posts Twitter messages about a lot of different things, but the message he put up Tuesday was really out of character: “Leighton Meester sex tape video free download!”
His message included a link that, after some further clicking, landed Kawasaki’s followers on a fake porn site where online criminals try to install a nasty Trojan horse program on victims’ computers. And in an interesting twist, the program attacks both Mac and Windows users. Read the full story [computerworld.com].
From IDG News Service (Stephen Lawson)
Alan Ralsky, a spam kingpin who was convicted of felony bank fraud in 1995, could face more than seven years in prison after pleading guilty in a stock fraud case involving spam messages that pumped up Chinese “penny” stocks.
Ralsky and four other individuals pleaded guilty on Monday, joining three others who had pleaded guilty earlier, the U.S. Department of Justice announced Monday. Cases are still pending against three other people, they said. The defendants were indicted in the Eastern District of Michigan in 2007. Read the full story [pcworld.com].
From Websense Security Labs
Early last week, we posted an alert about a mass injection attack in the wild we named Nine-Ball. This attack compromised over 40,000 legitimate Web sites in an ongoing campaign. The scale of the attack was spotted June 2, 2009, and since then the campaign has evolved several times. In this blog we will provide further detail and analysis on the Nine-Ball campaign. Read the full post [Websense.com].
Criminals often register their own domain name to perform phishing attacks. Unlike the other common phishing site scenarios (including hacked servers, open redirects, and abuse of free webhosting), phishing sites that have their own domain name can be harder to remove, because the website owner and the domain owner are both the fraudster. Only the hosting and DNS providers and the domain registrar are both able to take the site down and likely to cooperate. Read the full story [netcraft.com].