Posts Tagged ‘AntiVirus’

IMF boss rape video? Mac malware spreads via Facebook links

Published by pratyushkp on June 1st, 2011 - in Social, Technology

Mac OS X malware is being spread by sick messages circulating virally across Facebook, claiming to link to a video of controversial IMF boss Dominique Strauss-Kahn.

The fake anti-virus attack first appears in your timeline as a message apparently posted by one of your friends.

oh shit, one more really freaky video O_O

IMF boss Dominique Strauss-Kahn Exclusive Rape Video - Black lady under attack!
[LINK]
IMF chief Dominique Strauss-Kahn rape scandal. Mother of Alleged Rape Victim: Dominique Strauss-Kahn Did Not Want To Be President of France - ABC News

(I have obscured the image used in the message in case it causes offence).

The message’s text refers to the news story of IMF chief Dominique Strauss-Kahn, who is facing charges in New York over allegations that he tried to rape a hotel maid.

In terms of sick headlines to entrap users, this one ranks right up there. It’s been, of course, a very big news story – and many people have been following the case with interest. And that probably explains why the hackers have used the promise of a video as bait.

Clicking on the link takes you to a webpage, which appears to consist of a still from a sex movie. However, when I visited the page on my Apple Mac I was rapidly redirected to a “Mac Defender”-style fake anti-virus attack, written specifically with the intention of infecting my computer.

Sophos Anti-Virus for Mac intercepted the attack as OSX/FakeAVZp-C.

What’s interesting is that up until now we have mostly seen these fake anti-virus attacks target Mac users by poisoning search engine results. But now we are seeing them being distributed by viral Facebook spam campaigns as well.

It’s probably not too difficult to put yourself in the shoes of a computer user who knows that they are possibly about to watch a seedy video, only to find themselves facing a screen warning them of numerous security threats.

In many ways this is a genius piece of social engineering to frighten unsuspecting Mac users into installing the software and handing over their credit card details.

It’s just a shame that Facebook’s own security systems are currently failing to stop these links from spreading.

Download Sophos’s free anti-virus for Mac home users. It’s automatically updated to protect against the latest threats. Another step you should take is changing the default settings on Safari – it’s not a complete defence, but it can help a little.

Fake Firefox warnings lead to scareware

Published by pratyushkp on May 31st, 2011 - in Social, Technology

Purveyors of fake security software don’t let much grass grow under their feet and continually make improvements to their social engineering lures.

While most of the talk for the past month has been their move to Mac with fake Finder pop-ups that appear to scan your computer, they haven’t stopped innovating on Windows either.

Their latest scam? They detect your user-agent string from your web browser and display a fake Firefox security alert if you are using the Mozilla Firefox web browser.

Internet Explorer users get the standard “My Computer” dialog that appears to do a system scan inside their browser window.

Taking advantage of detailed information about the person’s computer and software allows for a much more specific, believable social engineering attempt.

We are likely to continue to see these criminals targeting each operating system, browser and any other details that can be gleaned from HTTP requests sent from our devices.
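Serving a different page to each browser leaves a trace a defender can look for. The sketch below is an added example, not part of the original article: it scans web-proxy records and flags URLs whose response body is consistent within one browser family but differs between families. The log layout, the `.example` hosts and the digest values are constructed for illustration.

```python
from collections import defaultdict

# Constructed proxy-log sample: url <TAB> user-agent <TAB> response-body digest.
# Hosts use the reserved .example TLD and the digests are short placeholders.
SAMPLE_LOG = """\
http://lure.example/video\tMozilla/5.0 (Windows NT 6.1; rv:2.0.1) Gecko/20100101 Firefox/4.0.1\taaa111
http://lure.example/video\tMozilla/5.0 (Windows NT 5.1; rv:2.0.1) Gecko/20100101 Firefox/4.0.1\taaa111
http://lure.example/video\tMozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0)\tbbb222
http://lure.example/video\tMozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1)\tbbb222
http://lure.example/video\tMozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_7; en-us) AppleWebKit/533.21.1 (KHTML, like Gecko) Version/5.0.5 Safari/533.21.1\tddd444
http://news.example/story\tMozilla/5.0 (Windows NT 6.1; rv:2.0.1) Gecko/20100101 Firefox/4.0.1\tccc333
http://news.example/story\tMozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0)\tccc333
http://portal.example/home\tMozilla/5.0 (Windows NT 6.1; rv:2.0.1) Gecko/20100101 Firefox/4.0.1\teee001
http://portal.example/home\tMozilla/5.0 (Windows NT 5.1; rv:2.0.1) Gecko/20100101 Firefox/4.0.1\teee002
http://portal.example/home\tMozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0)\teee003
"""


def browser_family(user_agent):
    """Coarse browser classification from the User-Agent header."""
    ua = user_agent.lower()
    if "msie" in ua or "trident/" in ua:
        return "msie"
    if "firefox/" in ua:
        return "firefox"
    if "safari/" in ua and "chrome/" not in ua:
        return "safari"
    return "other"


def find_ua_cloaking(log_text):
    """Return {url: {family: digest}} for URLs that look browser-targeted."""
    per_url = defaultdict(lambda: defaultdict(set))
    for line in log_text.splitlines():
        url, user_agent, digest = line.split("\t")
        per_url[url][browser_family(user_agent)].add(digest)

    flagged = {}
    for url, families in per_url.items():
        # A family is "stable" when every request from it got the same body.
        stable = {fam: next(iter(d)) for fam, d in families.items() if len(d) == 1}
        # Flag only when all families are stable yet their bodies differ, so
        # pages that simply change on every request are not reported.
        if len(stable) == len(families) and len(set(stable.values())) > 1:
            flagged[url] = stable
    return flagged


if __name__ == "__main__":
    for url, bodies in find_ua_cloaking(SAMPLE_LOG).items():
        print(url, bodies)
```

This is a heuristic: legitimate sites also vary markup by browser, so a hit is a reason to inspect the page, not a verdict.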

If you click the “Start Protection” button you will download the latest, greatest fake anti-virus program, which will perform exactly the way you would expect a fake anti-virus program to.

It will faithfully detect fake viruses on your computer until you register it for $80 or more.

If you are a Firefox user and see a warning about viruses on your computer, you will know it is fake. Firefox does not include a virus scanner inside of it and it will only warn you about visiting malicious pages.

If you get a warning about a dangerous website from Firefox you can always play it safe… Close the browser.

Source: http://nakedsecurity.sophos.com

Blackhat SEO and Fake anti-virus – Like chocolate and peanut butter

Published by pratyushkp on May 26th, 2011 - in Social, Technology

Original Article posted on http://nakedsecurity.sophos.com

Author Name – Chester Wisniewski

It’s not exactly a new story that people are being hit hard by fake anti-virus, but I want to draw attention to the sophistication of their software and distribution methods.

Many IT professionals I work with have had to clean up after these infections, and equally as many blame their users for being stupid for getting infected. As a researcher, I know this is not necessarily the case. Certainly, some people make ignorant mistakes clicking links and opening attachments, but many of these attacks are convincing enough that simple computer security advice is not enough to protect users from them.

I just came across another instance of a long running spam campaign pretending to be a message from the user’s ISP telling them to run a file from a web link to update their email program settings. The download led to a fake anti-virus variant that was very realistic.

Dear Customer,

This e-mail was sent by CENSORED.com to notify you that we have temporanly prevented access to your account.

We have reasons to beleive that your account may have been accessed by someone else. Please run this file and Follow instructions:

http://ddd33.CENSORED.com/setup.zip

(C) CENSORED.com

This particular payload behaved much more like a real anti-virus product than ever before. It actually detected my installation of Sophos Anti-Virus and prompted me to uninstall it!

Most fake anti-virus I have run into is distributed through blackhat SEO poisoning. I recently put together a video showing how scammers are gaming Google and Bing to distribute this malware in ways your users may not expect.

Aside from its sophistication in trying to remove our product as well as being distributed through an email, today’s sample of fake anti-virus looks and behaves like most others. It has an annoying habit of rebooting your workstation every 15 minutes or so.

To help educate both professionals and end users we have put together some materials on the 10 myths of safe web browsing. This includes some papers, a link to the video above, and a widget you can deploy on your Intranet that helps train users on safer internet usage.
