Posts Tagged ‘Microsoft Windows’

Super Mario data-slurping scare hits the Google Chrome web store

Published by pratyushkp on May 27th, 2011 - in Social, Technology

Fancy a game of Super Mario for free? Well, be careful – because although you may not have to pay any money for it, you might just be giving away a lot of your private data.

Blogger David Rogers has described how he stumbled across something interesting on the Google’s Chrome web store – a playable Super Mario app that – can also access data from all the websites you visit, your browsing history, and your bookmarks.

If you were a fan of Nintendo‘s dungaree-wearing moustachioed Italian plumber, would you bother to read the small print or just be terribly excited at the prospect of playing “Super Mario World” in your browser?

Of course, these apps (technically they’re browser extensions rather than apps..) aren’t endorsed or developed by Nintendo, and by downloading and playing these pale imitations you’re only encouraging others to rip-off the hard work of genius game developers from yesteryear.

But more than that, you could find that the lure of a video game classic could be being used to rip off data about you. Think of that next time your eyes glaze over when faced with small print about what an app is really going to do.

It appears that Google has now removed the errant apps from its Chrome Web Store, but one wonders how many other apps and extensions are designed to slurp up more of your data than reasonably expected.

There’s no indication that the unauthorised Mario games in the Chrome Web store are intentionally malicious, but they’re certainly playing pretty loose in terms of the data they want to access.

There have, of course, been viruses that have posed as Nintendo games in the past.

For instance, on the Windows platform a few years ago we saw the Romario worm, which launched one of the classic Super Mario Bros games, starring the starring the portly Italian plumber.

What would Princess Peach have to say about such shenanigans?

Source :- http://nakedsecurity.sophos.com

  • ‘Super Mario’ runs amok in Chrome Web store (msnbc.msn.com)
  • Google Web Store quietly purged of nosy apps (go.theregister.com)
  • thechromesource Daily: Links for 5/24/11 (thechromesource.com)
  • Video: Chrome Web Store Publisher Forum (thechromesource.com)
  • Chrome Web Store Goes International And Gains In-App Purchases With 5% Flat Fee (techcrunch.com)
  • Nintendo’s Top Five Portable Mario Games (gonintendo.com)
  • Angry Birds is now in the Chrome Web Store for FREE! (ithinkdiff.com)
  • Super Mario data-slurping scare hits the Google Chrome web store (nakedsecurity.sophos.com)

Blackhat SEO and Fake anti-virus – Like chocolate and peanut butter

Published by pratyushkp on May 26th, 2011 - in Social, Technology

Image via Wikipedia

Original Article posted on http://nakedsecurity.sophos.com

Author Name – Chester Wisniewski

It’s not exactly a new story that people are being hit hard by fake anti-virus, but I want to draw attention to the sophistication of their software and distribution methods.

Many IT professionals I work with have had to clean up after these infections, and equally as many blame their users for being stupid for getting infected. As a researcher, I know this is not necessarily the case. Certainly, some people make ignorant mistakes clicking links and opening attachments, but many of these attacks are convincing enough that simple computer security advice is not enough to protect users from them.

I just came across another instance of a long running spam campaign pretending to be a message from the user’s ISP telling them to run a file from a web link to update their email program settings. The download led to a fake anti-virus variant that was very realistic.

Dear Customer,

This e-mail was sent by CENSORED.com to notify you that we have temporanly prevented access to your account.

We have reasons to beleive that your account may have been accessed by someone else. Please run this file and Follow instructions:

http://ddd33.CENSORED.com/setup.zip

(C) CENSORED.com

This particular payload behaved much more like a real anti-virus product than ever before. It actually detected my installation of Sophos Anti-Virus and prompted me to uninstall it!

Most fake anti-virus I have run into is distributed through blackhat SEO poisoning. I recently put together a video showing how scammers are gaming Google and Bing to distribute this malware in ways your users may not expect.

(Enjoy this video? You can check out more on the SophosLabs YouTube channel and subscribe if you like)

black hat

Aside from its sophistication in trying to remove our product as well as being distributed through an email, today’s sample of fake anti-virus looks and behaves like most others. It has an annoying habit of rebooting your workstation every 15 minutes or so.

To help educate both professionals and end users we have put together some materials on the 10 myths of safe web browsing. This includes some papers, a link to the video above, and a widget you can deploy on your Intranet that helps train users on safer internet usage.

  • Apple finally admits to Rogue anti-Virus problems (thetechherald.com)
  • Self Defense – Sophos Anti-Virus (smilingmac.wordpress.com)
  • Mac fake anti-virus attack adopts new disguise (nakedsecurity.sophos.com)
  • Fake Mac Defender ‘Anti-Virus’ For Macs On The Loose (techie-buzz.com)
  • Remove Fake Anti Virus Immediately ? Secure Your Pc With Best Anti … (besthomesecurityinfo.com)
  • Mac needs AntiVirus? (echlinm.wordpress.com)
  • Run your anti-virus program. (newsiam.wordpress.com)
  • Free Sophos Anti-Virus for Mac: ‘Frankly there’s no reason not to try it’ (nakedsecurity.sophos.com)
  • Free anti-virus for Mac named Best Anti-Malware solution at SC Awards (nakedsecurity.sophos.com)
  • Mac users hit with Fake AV when using Google image search (nakedsecurity.sophos.com)

Google Chrome Warns Against Malicious Downloads

Published by pratyushkp on April 17th, 2011 - in Social, Technology

The browser now alerts users if the file being downloaded is malicious

Google boasts about several security features in its Chrome web browser. Now, Google has added one more feature in Chrome web browser which will alert users against malicious file downloads. Now that’s something every browser should ideally have so that users don’t have to be dependent on anti-malware programs. This experimental feature is currently made available to Chrome Development Channel for testing and initially, it will alert against malicious Windows executables.

The Google Safe Browsing API comes into picture when the browser checks if the Windows executable being downloaded originates from a malicious code bearing site or not. Also, it has the same privacy policy as in the Safe Browsing feature which means Google will never know what URL you’ve visited to download that particular file.

This new alert against malicious file download could be too small to be noticed. At times, users are in such a hurry that they click on the ‘x’ (Close) on any pop-up message. So instead of showing an alert just above the status bar, something more attention drawing is required to make this feature actually useful.

Google Chrome has been offering features such as alerts the users against faulty websites that intend to inject malicious code in the user system. Google accumulates data about such websites and makes it available via Safe Browsing API. Several web browsers – Google Chrome, Mozilla Firefox, and Safari make use of Google’s Safe Browsing API to warn users if they happen to visit webpages that have been coded smartly to inject malware code in the system.
Google didn’t promise any date when the feature would be implemented and made available via a stable build of the Chrome browser.
Source -: http://www.techtree.com/India/News/Google_Chrome_Warns_Against_Malicious_Downloads/551-115023-643.html

  • This File Appears To Be Malicious, Google Chrome Safe Browsing Protection (ghacks.net)
  • Rumor: Get Google Chrome Web Browser will login Soon ? (huangyu860810.wordpress.com)
  • Google’s Chrome Browser to Warn of Dangerous Downloads (pcworld.com)
  • Google Chrome Stable Security Update April 2011 (ghacks.net)
  • Google Chrome Browser Will Block Dangerous Downloads (pcworld.com)
  • Chrome’s New Security Feature Will Protect You From Malicious Downloads (GOOG) (businessinsider.com)
  • Google Chrome at 120 Million DAU, Chrome OS Set for Mid-Year (searchenginejournal.com)
  • Google Chrome to warn of malicious Windows executables (go.theregister.com)
  • Five Hot Features Coming to Google’s Chrome Browser (pcworld.com)
  • Google Chrome and Chromium add protection against malicious downloads (downloadsquad.switched.com)

IE9 Downloads Cross 2.3 Million in One Day IE9 Downloads Cross 2.3 Million in One Day

Published by pratyushkp on March 19th, 2011 - in Social, Technology

Microsoft on Cloud 9

The final version of Internet Explorer 9, the latest iteration of Microsoft’s web browser, was released to public two days ago on of March 15. In just 24 hours, the browser managed to cross 2.3 million downloads. That’s a pretty impressive number, considering only Windows Vista and 7 users can download this browser. Of course, Microsoft couldn’t be more pleased with this news, as is evident from their blog post. In comparison though, Firefox 3 managed to cross 8 million downloads in a day, creating a world record for itself back in 2008. Then again, Firefox is a multi-platform browser, available to Mac and Linux users as well.

We are glad that IE9 is getting a good response. It’s quite a good browser and for the first time, Microsoft has a browser that can compete with the best of the browsers out there. Unfortunately, unless the Windows XP users upgrade to Windows 7, we don’t really see the percentage of IE6 users to drop any time soon. Too bad IE9 is not available for XP users.
To download IE9, click here. To read our full review, click here.

  • IE9 Hits 2.3 Million Downloads In 24 Hours (informationweek.com)
  • 10 Things You Need To Know About Internet Explorer 9 (maketecheasier.com)
  • Internet Explorer 9 Reaches 2.3 Million Downloads In 24 Hours (webpronews.com)
  • IE9 First Day Downloads Disappoint (conceivablytech.com)
  • IE9: Downloads beat Angry Birds, lag Firefox and Opera (go.theregister.com)
  • IE9 downloads hit 2.3m, miles behind Firefox – but could soon hit 100m (guardian.co.uk)
  • This week at Microsoft: IE9, spam, and Metro expansion (thenextweb.com)
  • Firefox 4 to be released March 22, will it beat IE9? (downloadsquad.switched.com)
  • “IE9 downloaded more than 2.35 million times in 24 hours” and related posts (neowin.net)
  • “Internet Explorer 9 Hits 2.3 Million Downloads in 24 Hours” and related posts (gadgetvenue.com)
Tags: Internet Explorer 9, , , , , , Windows Vista, Windows XP
© Social Media Blog

Ad Plugin made by Free Wordpress Themes