Monthly Archives: February 2008

Statistics on Malware

Some new statistics on how widespread malware has become. This research comes from Google’s Anti-Malware team (full document is here)

  • The majority of malware sites are hosted in China
  • 1.3% of Google searches return a link to a malicious site
  • They found more than 3 million unique URLs on over 180,000 web sites that automatically install malware

That’s 3 million web pages that will attempt to install some form of malicious code on your computer.

With things this bad you’d be crazy to use the internet without some kind of web filtering. This is different to virus scanning. Web filtering scans each web page before your web browser loads it, looking for things like phishing and malicious code.

All of the big antivirus products include web filtering these days, it’s a good investment if you haven’t purchased one already.

“Be More Careful” Scam

There are some scam emails going around asking for large amounts of money from readers, such as $30,000.

The emails contain the following in the subject and in the first line of the email:

BE MORE CAREFUL

The rest of it has a long story saying they’ve been asked to kill you and in exchange for money they won’t. It’s a scam hoping to lure worried people with plenty of cash, and if you’re worried you can mention it to your local police.

Note: this is also classified as a hoax though it’s more like a scam.  A hoax is doesn’t involve asking for money whereas a scam does.

Windows Mobile PocketPC Trojan

There’s a new trojan going around for Windows Mobile PocketPC devices. Once installed on a device it sends some details to the person who wrote it, and it leaves a back door to allow the author to install programs on your device without your permission.

pocketpc It’s being called WinCE/InfoJack by antivirus companies. It gets installed when you download a legitimate program from a “hacked” site. For example, it’s been detected in Google Maps (a hacked version of Google Maps, not the original one).

To safeguard against these type of malware only download applications from the vendor who created it. In the case of Google Maps, you should download it from Google’s own website and not a more generic download site.

You should also invest in antivirus software for these devices.

Adobe AIR 1.0

Adobe has been making news today for releasing version 1.0 of their AIR framework. AIR is a new way to develop and run programs, it’s a combination of a web page but runs without a web browser.

Adobe Air It has a long list of security features to make programs seem safe. And because of how internet applications work experts agree it won’t be long until this new technology is exploited.

One thing to be careful of is when AIR warns you about “self signed” applications. This means that no reputable company has verified the person who wrote the program. So if you download an AIR application and you get warned about it being self signed, the safe bet is to deny it.

If you’re tempted to play with AIR applications just be conscious of where you’re downloading programs from. They won’t remain safe for long.

GSM Encryption

Most mobile phones in the world (also called cell phones, or hand phones) use the GSM network, and GSM generally uses an encryption protocol called A5.

phone booths A5 encryption was always a weak design but the equipment to decode it used to cost between US$70,000 and US$500,000 so it wasn’t very common.

Now some new research shows it can be cracked with around US$1000 of equipment. This makes it accessible to most businesses and individuals. It’s still theoretical though it won’t be long until anyone can download the software required to do it.

What does this mean to phone users?

Conversations carried out over mobile phones should not be considered secure. If the technology exists for competitors to sit outside an office and listen in on calls then you should change how you carry out business.

Apart from this new research on cracking the encryption there’s another method that has existed since phone networks began operation. All mobile phone carriers have the ability to record conversations for law enforcement purposes. They just have to press some buttons on their computer and your conversations get recorded. So you shouldn’t be sharing trade secrets on the phone anyway.

And now’s a good time to mention that SMS messages have never been secure. Most GSM networks keep a log of all SMS messages and this information is available to law enforcement agencies (or to anyone corrupt at the phone companies or to anyone that hacks into a phone company’s network).

Some articles to read if you need more information: here, here and here.

Has your email been hacked?

If you suspect someone else is reading your emails you normally change your password immediately and figure out how they were able to access your account.

lens If you’re curious then the following information could interest you ;-)

There’s a free online service called OneStatFree that can be used as a tripwire to detect access to your emails. It will tell the time and day your email was opened (by someone other than you), the country it was access from, the IP address and possibly more information (such as city) depending on the actual network used.

The way it works is you create a special email and send it to yourself. You never open this email yourself and if someone else does it will instantly send some information to the OneStatFree service, which you then check at a later date.

Full instructions are provided here, it should be fairly easy for most people to follow.

Just keep in mind that if someone is indeed reading your emails this trick won’t stop them. So think carefully if you want to continue compromising your email while you investigate the culprit, or take immediate action and change your password.

Comando Antifrode CAFF

italian flag A fraudulent Italian web site has appeared called the Comando Antifrode CAFF. This organisation doesn’t really exist but they’ve made it look like other Italian government web sites.

The site has links to download some malware files that install a trojan on the computer. It’s best avoided.

Fraud Statistics

The US Federal Trade Commission (FTC) has released a report showing some statistics on fraud for 2007. These statistics come from people who report incidents of fraud to them, so it’s really limited to USA. The problem worldwide would be much much worse.

The top 20 complaint categories were:

Rank    Category    Complaints

  1. Identity Theft    258,427
  2. Shop-at-Home/Catalog Sales    62,811
  3. Internet Services    42,266
  4. Foreign Money Offers    32,868
  5. Prizes/Sweepstakes and Lotteries    32,162
  6. Computer Equipment and Software    27,036
  7. Internet Auctions    24,376
  8. Health Care Claims    16,097
  9. Travel, Vacations, and Timeshares    14,903
  10. Advance-Fee Loans and Credit Protection/Repair    14,342
  11. Investments    13,705
  12. Magazines and Buyers Clubs    12,970
  13. Business Opportunities and Work-at-Home Plans    11,362
  14. Real Estate (Not Timeshares)    9,475
  15. Office Supplies and Services    9,211
  16. Telephone Services    8,155
  17. Employ. Agencies/Job Counsel/Overseas Work    5,932
  18. Debt Management/Credit Counseling    3,442
  19. Multi-Level Mktg./Pyramids/Chain Letters    3,092
  20. Charitable Solicitations    1,843

That’s 258,427 cases of identity theft in one year, in one country! The total fraud losses recorded in this report totals more than $1.2 billion. The full report is here.

Trust Encryption Device (TED)

Australia’s CSIRO has developed a security device for online banking. It’s like a flash drive and contains a virtual computer environment which makes applications like online banking more secure.

However there’s a lot of doubt in the security world. You still need to plug it into a computer for it to start up, and you don’t always know what’s on the computer. Malware could still take screenshots and send them off to some unknown person on the other side of the world, and there’s little explanation on how it’s meant to avoid being tampered with.

It’s a technology to keep a watch on for the future. Full article here.