Another day, another rogue. This time it's named Barracuda Antivirus. I guess they wanted to ride the coattails of the real Barracuda firewall products. As usual, the fake Barracuda Antivirus will pop fake warnings and try to goad you into buying it.
The real
Barracuda Networks had this to say:
This rogue ‘Barracuda Antivirus’ program is in no way affiliated with Barracuda Networks and is just one of a string of recent examples of hackers attempting to spread malicious programs using an established and trusted Internet security brand,” said Stephen Pao, vice president of product management for Barracuda Networks.
Barracuda is a successor to AntivirusBest. You can probably get rid of it with Malwarebytes Antispyware using the removal guide at
Bleeping Computer for AntispywareBest. Screen shot of Barracuda Antispyware
here.
More information about the real and legit Barracuda Networks
here. They make hardware products to filter malware and spam for large networks, not really a home consumer solution.
Written by Nick on July 2nd, 2009 with comments disabled.
Read more articles on Rogue Programs and Rogue Alerts.
I don't use iPhoto too much, but it has it uses. There's a nice 103 MB update for it that fixes the issue from the iPhoto 8.03 update that caused iPhoto to crash. You could work around it by holding the Option key and then choosing your library, but what fun was that. I didn't have that problem, but this should help those that did.
Written by Nick on July 1st, 2009 with comments disabled.
Read more articles on Updates and Apple.
Probably not a secret to most, but the latest version of Firefox is out. A big update, since the version went from 3.0 to 3.5. Most of the changes are underneath, so they aren't readily apparent. I've run it for a few hours and haven't had any issues. Tried doing just about everything you can with a browser and it all went well.
Speed is one thing that Firefox 3.5 is touted as having over the older version. It seems like
everyone is
touting their new, even faster browser. I do notice that Firefox doesn't compare itself to other browsers like Safari and IE but the earlier 3.0 and 2 versions. Safari is still faster for me going loading new pages, but clicking back to ones in your history, it's still Firefox.
One thing you'll see that is new is the
private browsing feature. Safari has had it for quite awhile. Google Chrome launched with it and spread awareness, even getting the nickname "porn mode". Nothing groundbreaking, but handy to have. You can always just clear your private data manually.
Firefox 3.5 does have one thing that no other browser has. It supports some video types natively, without the need for a plug-in or 3rd party add-on. However, it's only the open source Ogg file types. Most things people watch online aren't using this. you can see a
demo of a video that also showcases the new features. If web developers make more use of Ogg files, then this could be good. My guess is that it won't mean much until more file types are supported. Wikipedia might be an exception.
Missing is a top sites feature, like Safari and Opera have. You can get it with add-ons for Firefox, but this is becoming a standard feature of these days. I didn't think it was a big deal when Opera had it and then when Safari 4 added it. Once i started using it, it was like tabbed browsing. How did I get by without it before?
Other features include geolocation, the ability to drag tabs to be their own window, and adding a window as a new tab in a different browser window.
Of course there is security. there's a whole list of features listed at the
Mozilla Firefox security page. Private browsing and Forget This Site are the new ones listed. Many of the others, like antimalware and antiphising are listed as improved. I haven't tested those two filters, but they are likely to be weak as they have been in all browsers.
You can download Firefox 3.5 at www.getfirefox.com now. The internal updater for Firefox 3.0 doesn't offer it, as of yet.
Written by Nick on June 30th, 2009 with comments disabled.
Read more articles on Updates and News.
Saw an
alert today about
AVProtection2009. Like all rogue antispyware programs, it warns users about threats on their computer, which are usually false. It runs a somewhat real looking scan. After the scan, the program will offer to remove the threats if you purchase it.
Not too many details yet except what's at the Panda link above.
Written by Nick on June 30th, 2009 with comments disabled.
Read more articles on Rogue Programs and Rogue Alerts.
I regularly see a lot of extremely dubious and rather slimy techniques deployed to get end-users to run horrible things or fall for scams. Generally, the targets tend to be the technologically inept or granny, sitting in the corner. See granny? Sure you do, she's right over there replying to the Third King of Nigeria and helping him out with his cash relocation problem.
However, I've come across a scam rapidly spreading across numerous underground forums and IRC channels that is truly one of the scummiest tactics I've seen in some time.
How bad? Allow the following screenshot to spell it out for you.
Ladies and Gentlemen, allow me to present you with the winner of the Lowest Tactic Used in 2009 award. Do your kids play Neopets? If they do, you might want to read this and gently warn them of the dangers.
Neopets: What is it? From
Wikipedia:
Neopets (originally NeoPets) is a virtual pet website, based around the virtual pets that inhabit the virtual world of Neopia. Visitors can create an account and take care of up to four virtual pets, buying them food, toys, clothes, and other accessories using a virtual currency called Neopoints. Neopoints can be earned through playing games, investing in the game's stock market, trading, and winning contests such as customization and art. Neopets also operates a pay-to-play version known as Neopets Premium, which offers additional features and benefits for a monthly fee of $7.99 (USD).The scam is based around one of the core mechanics of Neopets: kids love rare items and things that nobody else has. Neopets has
magical paintbrushes - stay with me on this - and they're rather hard to get hold of nowadays. As an example of that, here's a
petition posted in 2004(!) that people are
still posting comments to. In addition, here's a list of
current prices - now consider a newcomer to Neopets starts with the rather paltry sum of 1000 Neopoints, and you can see why there's a desire for these items.
This is where we target some 12 year olds with social engineering. Oh dear...
The MethodNeopets is effectively social networking for younger kids and some teenagers. Or, as someone on a hacking forum put it while discussing this particular attack,
...ouch. No surprise, then, that the site has many communal areas where people can chat, hang out, send each other messages and see what's going on. Our hackers will move to the trading areas, where kids can post requests for items they'd like to buy, sell or trade. Then it's just a case of hunting out posts like this....
...and that child is, officially, doomed. Asking for paintbrushes on the trading areas of Neopets will mean that they're likely to be the recipient of a Neomail (private messaging on the Neopets website) that looks like this:
From there, it's just a case of said child visiting the external link, downloading a file and being keylogged into infinity and beyond. Then the fun
really begins.
Wave goodbye to your rare items, kids - and you didn't want your XBox Live account (that potentially has credit card details attached to it) anymore either, did you? The attackers then use the familiar tactic of taking a previously trusted source and using it to attack their friends & other newcomers to the site. Alongside hanging out in the handily labeled "Newbies" section and spamming messages, they'll also post fake "It worked" messages from compromised accounts to the forums of threads started by the attacker, much like people do on Youtube to give the impression that fake programs
actually work (scroll down to "positive comments").
Additionally, the PC is quite possibly used by other people, or indeed belongs to someone else altogether....
...which would be, as you can imagine, a "bad thing".
Shall we see some of the reaction to this attack method from the peanut gallery?
"Stupid 12 year olds" are apparently in for a smackdown.
The above individual is clearly excited by this.
...well, if you're going to
intentionally target young kids you might as well go the whole hog and dump them into a Botnet too. The messages aren't just being posted and sent by private message on the Neopets site - they're also turning up on third party websites too.
Click to Enlarge
Interestingly, sites such as Neopets are accessed in corporate environments too - FaceTime collects live traffic data from commercially deployed Unified Security Gateway appliances at more than 80 mid to large enterprises worldwide that have opted into this program, representing the daily Web-based activities of more than 100,000 corporate workers.
During the past week, these corporate workers have accessed 99 different virtual worlds from their work computers, and at least half of those are targeted at children. Perhaps the kids are asking their parents to check on their Neopets at work or see if the latest friend request on Myspace has been approved?
At any rate, let's hope they're wary of too-good-to-be-true paintbrush deals. Whether at home or in the workplace, "offers" such as the ones above should be avoided and anyone sending your child messages about paintbrush creators should report them
here (you'll need to be logged in to access that URL).
I never thought I'd have to advise young children to stay frosty, but there you go...
Written by Christopher Boyd on June 30th, 2009 with comments disabled.
Read more articles on Social Networking and neopets.
SecretService is the latest rouge antispyware product acording to S!
ri. Away from home, so check out his page for more info.
http://siri-urz.blogspot.com/2009/06/secret-service-rogue.html
Written by Nick on June 26th, 2009 with comments disabled.
Read more articles on Uncategorized.
There's quite a few autoclickers around at the moment (programs that will attempt to cheat
pay per click networks) - thankfully the majority seem to be fairly unreliable. Like this one:
Click to Enlarge
A custom built web browser designed with the affiliate clickfrauder in mind, it gives everything the budding cheat could want.
Apart from a working program, that is. But hey, error messages can be fun too!
This next one is a little slicker, however, and doesn't seem to crash and burn once you fire it up.
Click to Enlarge
You want options? You got options! Select who you'd like to defraud today:
Decide which "clicking model" to roll with:
Is it proxy time yet? It
is? Oh dear.
You know, I'd be willing to bet money this thing has the ability to fake browsers to go with your phoney clicks...
...sigh. And let's not forget the obligatory "About" ramble, which seems rather down where the whole "use of this program by PTC owners" idea is concerned.
I wonder why...
Written by Christopher Boyd on June 24th, 2009 with comments disabled.
Read more articles on Uncategorized.
Well, here we go. First update and it's an Apple router one.
Apple released
firmware update 7.4.2 for their A
irport Base Station and Time Capsule today. Nothing particular for security mentioned, but there are several fixes which are listed as:
- Fixes some problems with extending and maintaining connectivity with extended networks
- Fixes an issue with clients that enable 802.11 "Power Save"
- Fixes connectivity issues with some third-party devices
- Fixes an issue when the base station is configured for PPPoE
- Fixes some Back To My Mac issues with connectivity and support for third-party routers
You don't have to use an Airport router for a Mac to get online and a Windows computer can use an Airport router. I got a Time Capsule for a good cheap price recently and i like it. It's an 802.11n router, has an internal hard drive for sharing files and has a USB port that you can connect more hard drives and printers to so all my Macs and PC's can easily share files and print.
The wireless range is pretty good. I can turn down the transmit power to 25% and still connect through two outside walls and on the other side of the yard from where the router is.
Written by Nick on June 23rd, 2009 with comments disabled.
Read more articles on Updates and Apple.
One thing I run into often, is how to know if that program that is
saying it can fix your spyware and malware woes is actually any good.
As many have found out, even programs that remove malware can be
malware themselves. The infamous SpyAxe (which started me blogging)
was the first mainstream one. That was 2006. Since then, there have
been many, many that have followed. They usually get onto your system
by tricking you into installing a video codec to watch something.
There's even been some for the Mac. It can be quite confusing figuring
out what is a legit antispyware program and what is a rogue.
Sunbelt has a good piece on how to find out. I'll link to the blog
post since the it's a pdf file. http://sunbeltblog.blogspot.com/2009/06/beginners-guide-is-that-real-anti.html
Written by Nick on June 22nd, 2009 with comments disabled.
Read more articles on Uncategorized.
Since using OS X, it's been no fun to to mess with all the updates for Windows. You don't have to deal with 90% or more of the garbage that affects Windows. This isn't to say Windows is no good. I still use it, but nowhere near as much as I used to. Also add the time it takes to filter out all the spam comments that try to get through when comments are enabled, it became tiresome to update this blog.
While looking for up to date info on the election crisis in Iran, I finally started using Twitter. It really is the way to find out information as it happens. Anyways, it has invigorated me to get back to this blog. Tried a few times, so let's see what happens and where it goes.
Oh, Windows 7 certainly has renewed interest in Windows. Running the release candidate and it's looking good.
Written by Nick on June 22nd, 2009 with comments disabled.
Read more articles on Me.
« Older articles
No newer articles
