Video : Scam Warnings on Craigs List.
The U.S. Postal Service says there are thousands of fake checks making their way to unsuspecting consumers who've been scammed on the internet.
Sharon Williams was looking for a roommate for her son on the popular website "Craig's List".
She found someone alright except what followed next can fool even the most honest of people.
If you don't think you can be fooled, you'd better watch this segment from Fox29 Undercover's Jeff Cole.
Feb 20, 2008
Video : Scam Warnings on Craigs List
Feb 19, 2008
AVG releases second beta edition of AVG 8.0
New version of leading security suite offers extended protection and greater usability.
GRISOFT, developer of the AVG family of security software products, today released the second beta edition of AVG 8.0 for Windows for public testing. AVG 8.0 offers a completely new multi-threaded scanning engine that combines anti-virus and anti-spyware while retaining the product’s signature small footprint and scanning efficiency. Additional protection is provided in the form of safe searching and safe surfing protection acquired through the recent purchase of Exploit Prevention Labs, rootkit detection, basic security for MSN and ICQ instant messaging, and detection of malware-infected files on websites. Windows users interested in participating in this public beta can register and download the software at http://beta.avg.com/.
“This new version of AVG significantly extends the protection available to our users”, said Karel Obluk, chief technology officer for AVG. “We believe that this additional online protection, along with the redesigned user interface, will provide simpler, more effective protection against today’s Internet threats – real-time protection in a real-time world.”
Chief research officer Roger Thompson added: “We’re looking forward to seeing early user feedback on this second public beta, and to providing users with the best possible protection against malware and cybercrime whenever they’re online.”
Through its public beta process, AVG is able to test new functionality in a wide range of real-world environments in addition to its development and research labs, thanks to the company’s 60+ million users. Beta test participants also benefit by directly providing feedback on new products before their release to the general population.
About GRISOFT
http://www.avg.com/
GRISOFT is a leading developer of antivirus, firewall protection and Internet security solutions for consumers and SMBs. It is one of the fastest growing companies in the industry with more than 60 million protected computers around the world. Established in 1991, GRISOFT employs some of the world’s leading experts in Internet security, specifically in the areas of virus analysis and detection, software development, and threat research. AVG’s award-winning products are distributed globally through an extensive network of resellers and the Internet as well as via Software Developer’s Kits (SDKs) to interested third parties.
Source : AVG
Banker trojans detected in 2007 increased by 463%
PandaLabs detected 463 percent more banker Trojans last year than in 2006. This increase in detection rates has been possible thanks to the development of an innovative security system called ‘Collective Intelligence’.
The system is based on the collection of information concerning malware from the Internet community and the automated processing of this data in new datacenters. The data is correlated and used to offer greater detection ratios and improve the security of Panda customers, who thanks to the Collective Intelligence, now have more efficient and easy-to-use products.
“There are currently thousands of new malware samples appearing every day. Before developing the Collective Intelligence system, it was difficult to analyze and classify all the information. But now, the analysis and collection process which determines if a file is malware or legitimate, is done automatically, allowing us to protect our customers quicker and more efficiently against the latest threats,” explains Luis Corrons, Technical director of PandaLabs.
The spectacular increase in the amount of banker Trojans corresponds to the new malware dynamic. Cyber-crooks no longer seek fame or notoriety with their infections, but financial benefits. In this sense, banker Trojans are a very efficient tool for cyber-crooks, since these malicious codes are designed to steal bank details, account numbers, etc. which are later used to empty users’ bank accounts.
To avoid falling victim to these Trojans, PandaLabs recommends:
- Installing an efficient and up-to-date security solution with proactive technologies, such as Panda’s TruPrevent technologies, which detect unknown threats.
- Avoiding unsafe actions, such as opening mails from unknown senders, opening links that arrive through mail or instant messaging programs instead of typing them in the browser, or downloading suspicious files through P2P networks.
- Keeping the programs installed on the system up-to-date, to prevent vulnerabilities from being used to insert malware on the computer.
- Finally, scanning the computer for malware with an online solution such as TotalScan (http://www.pandasecurity.com/totalscan).
These tools have access to a larger knowledge base and can therefore detect more malware than the solutions installed on the computer.
Panda Security focuses on user protection on the Safer Internet Day
One of the primary goals of Panda Security is to make the Internet safer to use, and as such, it is supporting the 5th edition of the Safer Internet Day by offering one month’s free use of Panda Internet Security, its integrated security suite, available at: http://www.pandasecurity.com/homeusers/downloads/internet-security
On this year’s Safer Internet Day, Panda Security wants to draw special attention to the protection of children, since they are less aware and therefore more vulnerable.
Pornography, violence, predators, etc. are some of the threats children could face on the Internet. That is why Panda Internet Security includes parental control features. This mechanism gives parents control over which web pages their children can visit, increasing their security in the most simple and convenient way.
But it isn’t only children who are at risk while surfing the Web. In 2007, there was a steady increase in the number of web pages used to distribute Trojans, worms and other malware. Not all such pages are malicious by design; some are legitimate pages that have been modified by cyber-crooks to infect visitors.
To protect Internet users against this increasing threat, Panda Internet Security has a web filtering system to block malicious and fraudulent pages. This way, Panda Internet Security blocks specially-crafted pages that download malware or steal confidential data such as passwords or bank account numbers from users.
Users’ confidential data is further protected and reinforced with “Identity Protect”. This function allows users to control their confidential data by informing them when and where it will be sent. Online transactions and data exchange therefore become safer.
Panda’s suite also allows users to scan their computers with TotalScan Pro, an online solution which offers higher detection capacity, since it is based on the innovative security model known as “Collective Intelligence”. This system is based on the collection of information concerning malware from the Internet community and the automated processing of this data in new datacenters. The data is correlated and used to offer greater detections and improve the security of Panda customers.
Panda Internet Security also offers other functions, such as anti-spyware, a system for improving PC performance, Firewall, Anti-Phishing, anti-rootkit, etc. One free month’s download of Panda Internet Security is available at http://www.pandasecurity.com/homeusers/downloads/internet-security
Increased Use of Spam Combined With Social Engineering To Spread Malware
PandaLabs has detected an increase in the use of spam combined with social engineering to spread malware. Several examples have appeared over the last few days.
The most recent case detected involves emails warning of an alleged malware alert (with subjects such as: Worm alert! or spyware alert!), but whose real aim is to spread the Nurech.Z worm. To make the messages more credible, typically trusted sources such as Customer Support are used as the name of the sender.
Another recent case uses photographs of Britney Spears as bait. The email has subjects including “Britney spears naked pussy & paris Hilton” or “Hot pictures of Britiney Speers”. On opening the email, users will find several erotic photos of the singer. However, when they click on the photo they will actually be downloading the malicious code onto the computer. This worm exploits a vulnerability in Microsoft ANI files in order to spread. This code then downloads other examples of malware onto computers.
The third example is similar to the previous one, although it emerged a few days later. The only difference is the protagonist. In this case it uses photos of the pornstar Jenna Jameson as a lure to trick users into clicking on the link hidden in the pictures. The result is the same. The malicious code exploits vulnerabilities in ANI files to infect the computer and download more malware.
“Emails have also been received with subjects like “Hot pictures of paris hilton nude” or other similar titles. The aim is the same: to entice users into clicking on a link and falling into the trap. This is known as social engineering”, explains Luis Corrons, technical director of PandaLabs.
Another example has been used to spread the Grum.A worm. This malware spreads in emails offering a beta of Internet Explorer 7. As in the previous cases, the message contains a photograph, which in this case supposedly gave access to the beta version of IE 7.
“Why use spam to spread malware? On the one hand, junk mail reaches people on a massive scale and therefore improves the chances of success. On the other, in this way cyber-crooks get the users themselves to download the infected file, so avoiding malicious attachments being detected and eliminated by antivirus solutions.”, explains Luis Corrons.
All users that want to know whether their computers have been attacked by these or other malicious code can use TotalScan, the free online solution available.
They can also use the NanoScan beta, an online scanner that detects active malware on computers in less than 1 minute.
Feb 13, 2008
FBI - DON'T MAKE THE CALL - The New Phenomenon of 'Swatting'
Remember the “phone phreakers?” The term hit our national consciousness in the 1970s, when a magazine reported on a small group of techie troublemakers who were hacking into phone companies’ computers and making free long-distance calls.
Today, there’s a new, much more serious twist on this old crime. It’s called “swatting,” and it involves calling 9-1-1 and faking an emergency that draws a response from law enforcement—usually a SWAT team.
Needless to say, these calls are dangerous to first responders and to the victims. The callers often tell tales of hostages about to be executed or bombs about to go off. The community is placed in danger as responders rush to the scene, taking them away from real emergencies. And the officers are placed in danger as unsuspecting residents may try to defend themselves.
Last year, for example, a 19-year-old Washington state man was charged by California authorities after pretending to be calling from the home of a married California couple, saying he had just shot and murdered someone. A local SWAT team arrived on the scene, and the husband, who had been asleep in his home with his wife and two young children, heard something and went outside to investigate—after first stopping in the kitchen to pick up a knife. What he found was a group of SWAT assault rifles aimed directly at him. Fortunately, the situation didn’t escalate, and no one was injured.
The schemes can also be fairly sophisticated. Consider the following case investigated by our Dallas office recently in concert with a range of partners:
Five swatters in several states targeted people who were using online telephone party chat lines (or their family or friends).
The swatters found personal details on the victims by accessing telecommunication company information stored on protected computers.
Then, by manipulating computer and phone equipment, they called 9-1-1 operators around the country. By using “spoofing technology,” the swatters even made it look like the calls were actually coming from the victims!
Between 2002 and 2006, the five swatters called 9-1-1 lines in more than 60 cities nationwide, impacting more than 100 victims, causing a disruption of services for telecommunications providers and emergency responders, and resulting in up to $250,000 in losses.
“Swats” that the group committed included using bomb threats at sporting events, causing the events to be delayed; claiming that hotel visitors were armed and dangerous, causing an evacuation of the entire hotel; and making threats against public parks and officials.
Case work. The swatters were tracked down through the cooperative efforts of local, state, and federal agencies and the assistance of telecommunications providers and first responders. In all, the case involved more than 40 state and local jurisdictions in about a dozen states. All five subjects have pled guilty to various charges and are scheduled to be sentenced in 2008.
Why did they do it? Said Kevin Kolbye, Assistant Special Agent in Charge of our Dallas office: "Individuals did it for the bragging rights and ego, versus any monetary gain." Basically, they did it because they could.
Law enforcement agencies at all levels are currently working with telecommunications providers around the country to help them address swatting activity.
You can help, too—if you believe you’ve been a victim of a “swat” please contact your local FBI office.
Source : FBI
FBI - Internet Alert: St. Valentine’s Day E-Card Carries Storm Worm Virus
If you unexpectedly receive a Valentine’s Day e-card, be careful. It may not be from a secret admirer, but instead might contain the Storm Worm virus.
With the holiday approaching, be on the lookout for spam e-mails spreading the Storm Worm malicious software (malware). The e-mail directs the recipient to click on a link to retrieve the electronic greeting card (e-card). Once the user clicks on the link, malware is downloaded to the Internet-connected device and causes it to become infected and part of the Storm Worm botnet. A botnet is a network of compromised machines under the control of a single user. Botnets are typically set up to facilitate criminal activity such as spam e-mail, identity theft, denial of service attacks, and spreading malware to other machines on the Internet.
The Storm Worm virus has capitalized on various holidays in the last year by sending millions of e-mails advertising an e-card link within the text of the spam e-mail. Valentine's Day has been identified as the next target.
Be wary of any e-mail received from an unknown sender. Do not open any unsolicited e-mail and do not click on any links provided.
To receive the latest information about cyber scams please go to the FBI website and sign up for e-mail alerts by clicking on one of the red envelopes. If you have received a scam e-mail, please notify the IC3 by filing a complaint at http://www.ic3.gov/ . For more information on e-scams, please visit the FBI's New E-Scams and Warnings webpage.
Source : FBI
Feb 12, 2008
Alert : Storm Worm Virus
Prepared by the Internet Crime Complaint Center (IC3) February 11, 2008
With the Valentine's Day holiday approaching, be on the lookout for spam e-mails spreading the Storm Worm malicious software (malware). The e-mail directs the recipient to click on a link to retrieve the electronic greeting card (e-card). Once the user clicks on the link, malware is downloaded to the Internet connected device and causes it to become infected and part of the Storm Worm botnet. A botnet is a network of compromised machines under the control of a single user. Botnets are typically set up to facilitate criminal activity such as spam e-mail, identity theft, denial of service attacks, and spreading malware to other machines on the Internet.
The Storm Worm virus has capitalized on various holidays in the last year by sending millions of e-mails advertising an e-card link within the text of the spam e-mail. Valentine's Day has been identified as the next target.
Be wary of any e-mail received from an unknown sender. Do not open any unsolicited e-mail and do not click on any links provided.
If you have received this, or a similar e-mail, please file a complaint at http://www.ic3.gov/.
Feb 8, 2008
AMWAY WARNS OF BOGUS INTERNET CHARITY SCAM - Amway Children Charity Foundation
Amway Corporation (Quixtar in the U.S. and Canada) has discovered an internet scam that uses a bogus Amway charity as a lure. Amway cautions individuals to be on the lookout for e-mails from a group calling itself the “Amway Children Charity Foundation”.
Please be advised that this is not an Amway-sanctioned program and the name, program and people indicated in the e-mails are not related to Amway in any way and do not have Amway’s authority or support.
The goal of the scam is to trick people into sending money to the fraudulent charity. The bogus group sends an e-mail informing the recipient that he/she has been selected as a recipient of a grant to help establish a children’s help center to assist poor children in the area. A nomination code number may be given, and banking information is requested.
If the recipient responds, an indemnity bond of several hundred euros is demanded. The e-mails may be signed from “Dr. Kevin Brown” or someone else claiming to be a grant processing officer. Fraudulent activities involving payment or release of personal financial information can be committed electronically from a remote location, including overseas. Committing these activities in cyberspace allows scam artists to act quickly and cover their tracks before the victim becomes aware of the theft.
This type of fraud is identified by the FBI as an Advanced Fee scheme which occurs when the victim pays money to someone in anticipation of receiving something of greater value, such as a grant, loan or gift, and then receives little or nothing in return.
This “Amway Children Charity Foundation” scam has been circulated by e-mail in Europe, North America, Australia and Asia. Recipients are advised to not respond or reply in any way. Amway is currently investigating the origin of the scam and authorities have been notified. If you have information or questions about this scam, please contact Amway through its Corporate Communications Department at (616) 787-7565.
Source : Amway
Feb 7, 2008
Use of worms to steal confidential data increasing in 2008
Even though Trojans caused most damage in January, infections caused by worms to steal information increased significantly.
This is part of the new malware dynamic, with hackers creating threats designed for online fraud, identity theft crimes, etc.
This year has begun with alarming data: in addition to Trojans, the use of worms to steal users’ confidential data is also on the increase. According to data collected by the Panda ActiveScan online anti-malware solution, while Trojans caused 24.41 percent of infections, worms accounted for 15.01 percent. This data contrasts with the 2007 data, in which attacks caused by worms were responsible for less than 10 percent of infections.
According to PandaLabs, the malware analysis and detection laboratory at Panda Security, this is due to the increasing activity of Nuwar-type worms, also known as Storm Worms. Computer worms can spread rapidly on their own. However, unlike those that caused epidemics massively covered by the media, they do not seek to collapse data traffic or damage computers. Instead, their objective is to steal confidential data for online fraud or identity-theft crimes.
To do so, these worms usually arrive in messages that use social engineering techniques which refer to current affairs. They also include links redirected to pages that have been modified to automatically install other malware which steals the data, or to spoof pages similar to those used for phishing attacks.
“Although we suspected this would occur, we didn’t think cyber-crooks would focus on these types of worms so soon. It is a very dangerous threat, since even though its effects are more visible than Trojans’ and they can be neutralized more easily, these worms can carry out indiscriminate ‘storm’ attacks to collect large amounts of confidential data very quickly,” claims Luis Corrons, Technical Director of PandaLabs, who adds: “For further efficiency, hackers are putting numerous samples of these worms in circulation in very little time, so the probability of being infected is higher”.
Other types of malware that caused damage in January included adware (21.21%), backdoor Trojans (4.03%), spyware (3.13%) and bots (2.65%).
The most active malicious codes
The most active malware in January was the Downloader.MDW Trojan, designed to download other malicious codes onto the system. Bagle.HX and Perlovga.A come second and third.
Next come the Puce.E worm, the Spammer.ADX Trojan and the Brontok.H email worm. The last four in the table are the QV variant of the Bagle worm, the Downloader.RWJ Trojan, the VideoAddon adware and the Lineage.GYE worm, whose objective is to steal passwords of the Lineage online game.
For more information about these and other threats, go to the PandaLabs Encyclopedia
Panda Security offers several free tools for scanning PCs at: http://www.infectedornot.com/
Panda Internet Security 2008 provides you essential protection from viruses, hackers, and privacy threats - click here to get protection
AV-Test.org shows the effectiveness of Panda Security’s proactive and anti-rootkit technologies
According to the results obtained in the Q1/2008 comparison test of anti-malware solutions conducted by the prestigious organization AV-Test.org (http://www.av-test.org/), Panda Security’s proactive and anti-rootkit protection technologies are among the best in the market.
It is worth pointing out that this test has considered aspects other comparative reviews don’t look at. Firstly, it analyzed the capacity to provide proactive detection not only through heuristic scans and generic signature files, but also through behavioral analysis. This feature is especially important for detecting unknown threats and is not incorporated in all the security solutions available in the market. However, the Panda products have included it for many years as part of their TruPrevent Technologies.
Secondly, the assessment of the various solutions’ anti-rootkit capabilities was not limited to rootkit detection through signature files, but also evaluated the products’ capacity to detect and remove these dangerous threats once they are active and hidden on the system.
In both cases, the Panda Security solutions proved extremely effective, getting the maximum score when it came to detecting unknown threats and rootkits.
“Traditional detection systems based on signature files are necessary but not sufficient. This is due to the current malware dynamics: criminals try to steal personal and confidential data by spreading large amounts of malware so that companies cannot cope with it and release the corresponding vaccines. In this scenario, it is fundamental for security solutions to include effective proactive technologies”, explains Luis Corrons, Technical Director of PandaLabs.
Security software industry takes first steps towards forming ANTI-MALWARE TESTING STANDARDS ORGANIZATION
Parties converge to address objectivity, quality and relevance of current anti-malware testing methodologies.
Bilbao, Spain – February 4, 2008 – More than 40 security software technologists and anti-malware testers from around the world recently met in Bilbao, Spain to formalize the charter of the Anti-Malware Testing Standards Organization, or AMTSO. The formation of AMTSO has been driven by industry-wide concern about the increasing mismatch between what anti-malware technologies actually do, and the testing methodologies used to evaluate them. As anti-malware solutions become more complex, many existing tests are unable to evaluate product effectiveness properly, resulting in product reviews that are sometimes incomplete, inaccurate and misleading.
AMTSO is focused on addressing the global need for improvement in the objectivity, quality and relevance of testing methodologies. The organization also aims to promulgate universally adopted standards and guidelines for anti-malware testing. The vision for AMTSO was formed in May 2007 during the International Antivirus Testing Workshop in Reykjavik, Iceland, and developed further during the Antivirus Asia Researchers Conference in Seoul, South Korea last December. Pursuant to its preliminary charter, AMTSO will:
• Provide a forum for discussions related to the testing of anti-malware and related products;
• Develop and publicize objective standards and best practices for testing of anti-malware and related products;
• Promote education and awareness of issues related to the testing of anti-malware and related products;
• Provide tools and resources to aid standards-based testing methodologies; and,
• Provide analysis and review of current and future testing of anti-malware and related products.
Hosted by Panda Security, the meeting in Bilbao included representatives from the industry’s leading companies and testing organizations, including:
• ALWIL Software
• AV-Comparatives
• AV-Test.org
• AVG Technologies
• Avira GmbH
• Bit9
• BitDefender
• Dr. Web, Ltd.
• ESET
• F-Secure Corporation
• G DATA Software
• Hispasec Sistemas
• International Business Machines Corporation
• Kaspersky Lab
• McAfee, Inc.
• Microsoft Corp.
• Norman ASA
• Panda Security
• PC Tools
• Sana Security
• Secure Computing
• Sophos Plc
• Symantec Corporation
• Trend Micro Incorporated
• Virusbuster Ltd.
About the Anti-Malware Testing Standards Organization (AMTSO)
AMTSO is dedicated to helping improve the objectivity, quality and relevance of anti-malware technology testing. AMTSO membership is open to industry-wide academics, reviewers, testers and vendors, subject to guidelines determined by AMTSO. Additional information regarding the organization, including charter documents, membership and educational materials are available on the AMTSO website at www.amtso.org
Two new worms use St Valentine’s Day as bait
PandaLabs, Panda Security’s laboratory for detecting and analyzing malware, has detected two new worms, Nuwar.OL and Valentin.E, which use the topic of St Valentine’s Day to spread.
“Year after year we see the appearance of several malware strains that use St Valentine’s Day as bait to attract users”, explains Luis Corrons, Technical Director of PandaLabs. “This indicates that cyber-crooks are still reaping the benefits of this technique and many people still fall into the trap.”
The first one of these worms, Nuwar.OL, reaches computers by email with subjects like “I Love You Soo Much”, “Inside My Heart” or “You… In My Dreams”. The text of the email includes a link to a website that downloads the malicious code. The page is very simple and looks like a romantic greeting card, with a large pink heart.
Once it has infected a computer, the worm sends out a large amount of emails to the infected user’s contacts, in order to spread. This also creates a heavy load on networks and slows down the computer.
Valentin.E is very similar to this. Like the Nuwar worm, it spreads by email in messages with subjects like “Searching for true Love” or “True Love” and an attached file called “friends4u”. If the targeted user opens the file, a copy of the worm will be downloaded.
The malicious code installs on the computer as a file with the .scr extension. If the user runs it, Valentin.E shows a new desktop background to trick them, while it makes several copies of itself on the computer.
Then, the worm sends out emails with copies of itself from the infected computer to spread and infect more users.
“Both cases are clear examples of social engineering techniques used to spread malware. They use attractive subjects – Valentine’s Day greeting cards, romantic desktop themes, etc. – to entice users to run attachments or click links that ultimately download malware onto their computers”, says Corrons.
Over the last few years, PandaLabs has detected several malware specimens that used Valentine’s Day as bait to spread and infect users. Malware strains like Nuwar.D or the A and B variants of Nurech spread in emails with love themes and subjects like: “You and I Forever”, “A Valentine Love Song” or “For My Valentine”. In the case of Nurech.B the malicious code hid in an attached file with names such as “FLASH POSTCARD.EXE” or “GREETING CARD.EXE”.
PandaLabs offers users a series of tips to avoid falling victim to one of these malicious codes:
- Do not open any emails that come from unknown sources.
- Do not click any links included in email messages, even though they may come from reliable sources. It is better to type them in the address bar.
- Do not run attached files that come from unknown sources. Especially these days, stay on the alert for files that claim to be Valentine’s greeting cards, romantic videos, etc.
- Have an effective security solution installed, capable of detecting both known and new malware strains. Panda Security offers several free tools for scanning computers for malware.
You can use them from http://www.infectedornot.com/
Half a million computers infected with bots every day
This data has been taken from the PandaLabs annual report, which can be downloaded from: http://www.pandasecurity.com/homeusers/security-info/tools/reports
Approximately 11% of computers around the world are part of botnets, and they are responsible for 85% of all spam sent.
Junk email accounted for 50% of all email received by home users and between 80 and 95% of messages received in companies.
Every day, some half a million computers are infected by bots, according to data compiled by PandaLabs in its annual report on malware activity in 2007. Bots are programs that go resident on a computer awaiting commands from their creators, who can take complete control of the infected system. Once they have control over several hundred computers, cyber-crooks can hook them all up to create botnets.
Approximately 11% of computers around the world are part of these botnets, and they are responsible for 85% of all spam sent.
In 2007, PandaLabs uncovered several tools such as Zunker or Barracuda, which were being used by cyber-crooks to administer networks of thousands of infected computers across more than 50 countries.
“The bot herder, the creator of the botnet, can rent out the network to the highest bidder. Cyber-crooks that hire these networks use them for a wide range of criminal activities including downloading malware onto infected computers or causing denial of services. Although one of the most frequent activities is sending spam,” explains Luis Corrons, Technical Director of PandaLabs.
Along these lines, junk mail was one of the major threats during 2007, according to the annual report from PandaLabs. In fact, more than 50% of email received by home users was spam, while the percentage in corporate environments ran at between 80% and 95%.
“To get an idea of the scale of the problem, it would take around 2,000 terabytes of disk space to store the total volume of spam sent in one day,” says Luis Corrons.
The subject matter of this junk mail is highly varied. Sexual health was the most popular theme during the first quarter of 2007, when it accounted for 54% of all spam detected. In the second and third quarters, pharmaceuticals topped the list, with percentages of 45% and 30% respectively.
In terms of the origin of junk mail, some 59.72% is sent from Russia, while 23.08% comes from the USA. Turkey (6.12%), Germany (4.77%) and the UK (3.16%) are other countries from which a significant percentage of spam is sent.
Malware statistics for the last quarter and the whole year of 2007, the evolution of kits for installing malware through exploits and Internet crime trends for 2008 are other issues that are dealt with in the latest annual report from PandaLabs.
This report can be downloaded from: http://www.pandasecurity.com/homeusers/security-info/tools/reports
The amount of new malware that appeared in 2007 increased tenfold with respect to the previous year
The number of new strains of malware that appeared in 2007 increased tenfold with respect to the previous year. Over the last year, PandaLabs, Panda Security’s laboratory for detecting and analyzing malware, has received an average of more than 3,000 new strains of malware every day. This represents a malware epidemic which, although silent, with little media coverage and no widespread alerts, is nevertheless equally dangerous.
In terms of percentages, the number of new examples of malware that appeared in 2007 increased 800% with respect to 2006 which, in turn, witnessed an increase of 172% on the previous year.
This means that the rate with which the amount of malware in circulation is growing is increasing year after year. As regards protection, solutions solely based on continuously updated signature files are no longer sufficient to guarantee users’ security. This is evident from the results of a study carried out by PandaLabs which showed that 23% of home users were infected with malware, despite having a security solution installed and enabled on their computers.
The situation in corporate environments is similar. According to the PandaLabs study, almost 72% of networks with more than 100 workstations were infected with malware. In the light of this threat, Panda Security has responded with Collective Intelligence. This new security model allows the detection capacity of Panda products to be maximized, while reducing consumption of resources and bandwidth to a minimum on protected systems.
This is a security model based on the automation of all detection, scanning and protection processes. The system, developed by Panda, allows a multitude of samples to be gathered and analyzed completely automatically and therefore extremely rapidly to determine whether or not they are malware. Moreover, the knowledge extracted has knock-on benefits for the protection of other users, through automatic updating of signature files installed on their computers.
By complementing signature files with online solutions that have access to Panda’s knowledge-base (such as NanoScan and TotalScan for home users or Malware Radar for companies), Panda can provide a more efficient security environment which better meets the real needs of clients.
Panda Security positioned in "visionaries" quadrant of Magic Quadrant for Endpoint Protection Platforms
Consultancy firm Gartner, Inc. has positioned Panda Security as a visionary company in its "Magic Quadrant for Endpoint Protection Platforms". Gartner's Magic Quadrant for EPP (endpoint protection platform) is based on an assessment of a company's ability to execute and completeness of vision.
According to Gartner, to be positioned as visionary, as is the case with Panda, a company must understand the needs of clients to achieve proactive and integrated defense against all types of malware and have an innovative and appropriate roadmap to offer these functionalities with optimum results.
“Our position in the visionaries quadrant underlines, once again, the value of Panda Security technologies and confirms our undertaking to stay one step ahead of threats, as reflected in our corporate slogan”, says Jorge Dinares, CEO of Panda Security. “It also encourages us to redouble our commitment to innovation and technological development as key mechanisms for achieving all our objectives”.
Panda Security: One step ahead
“Technological innovation is a characteristic that sets Panda Security apart from the rest. We have always reinvested a large part of our profits in the research and development of new products and technologies”, explains Jorge Dinares.
The result is a continuous process of innovation, perfectly reflected in the new security model based on ‘Collective Intelligence’, developed by Panda Research and housed in a network of data centers. This approach includes automated processing of large quantities of information about programs and files in a new infrastructure managed by PandaLabs, and real-time communication with users’ computers. This way, the malware scanning and detection is performed on Panda Security’s servers, not on the endpoint itself.
Thanks to Collective Intelligence, Panda Security has developed a series of security solutions (both consumer and corporate) which can detect malware that has evaded other solutions and is acting maliciously on computers.
A study by AV-Test.org confirms Panda Security's proactive technologies as the most effective
In this study Panda Security’s anti-malware solutions pro-actively blocked 91% of the samples scanned, a much higher figure than other solutions from Symantec, Trend Micro, McAfee or Sophos, among others.
The study also confirmed PandaLabs as one of the fastest laboratories in the industry in generating vaccines for new threats.
The anti-malware solutions from Panda Security offered the most effective proactive protection in a study carried out by the prestigious AV-Test.org (http://www.av-test.org/) organization, and which has been reported in the Dutch publication Security.nl (http://www.security.nl/article/17799/1/Panda_beste_proactieve_virusscanner_van_2007.html). The study tested a number of security solutions from a range of vendors against threats from the “In-The-Wild” list, during July, August and September 2007.
The detection rates were measured using the recommended settings for the e-mail and web protection of the products (as the infiltration vector for most malware is the internet).
Panda Security solutions proactively detected 91% of threats. This was way above the percentages recorded by companies such as Sophos (86%), Kaspersky (69%), Trend Micro (68%), F-Secure (67%), Symantec (66%), McAfee (55%) or Microsoft (48%).
“It is important to bear in mind that this analysis only evaluated heuristic and signature-based technologies. Panda Security products actually include additional pro-active protection layers such as HIPS and a behavioral analysis module. This further increases the protection that we offer our clients”, confirms Luis Corrons, Technical Director of PandaLabs.
Similarly, and according to the same study, PandaLabs, Panda Security’s anti-malware laboratory, is once again confirmed as one of the fastest in the industry in providing protection against new threats through virus signature files. It is able to provide updates to its clients considerably quicker than its most direct competitors.
“Reactive technologies, such as detection of malicious code using signatures, is still the most effective method for detecting known malware, and is an important protection layer for all computers. That’s why, even though we know our proactive technologies can block most threats, we continue to establish procedures for improving our response when it comes to generating vaccines for new malicious code”, concludes Luis Corrons.
More information about the study is available at the AV-Test.org website, at: http://www.av-test.org/
PandaLabs has detected several Trojans that use a new form of attack with rootkits
The main new feature is that the rootkits are designed to hide by replacing the master boot record (MBR), the first or zero sector of the hard disk, with one of their own which performs its functions.
PandaLabs, Panda Security’s malware analysis and detection laboratory, has detected the appearance of Trojans that include rootkits (MBRtool.A, MBRtool.B, MBRtool.C, etc.) designed to replace the master boot record (MBR), the first or zero sector of the hard disk, with one of their own. This is something of a revolution in the use of rootkits, making it even more difficult to detect the associated malicious code.
“This system of attack makes it practically impossible to detect the rootkits and the malicious code they hide once they are installed on a computer”, says Luis Corrons, Technical Director of PandaLabs. “The only feasible defense is to detect these rootkits before they enter the computer. In anticipation of other similar malicious code that may appear, it is essential to use proactive technologies that can detect threats without having previously identified them”.
The aim of rootkits when employed by cyber-crooks is to hide the action of malware, making it more difficult to detect. Until now, rootkits were installed in system processes, but the new strains detected by PandaLabs are installed on a part of the hard disk that runs even before the operating system starts up.
When one of these new rootkits is run on a system, it makes a copy of the existing MBR, modifying the original with malicious instructions. This means if there is an attempt to access the MBR, the rootkit will redirect to the genuine one, preventing users or applications from finding anything suspicious.
The modifications made mean that when a user starts up the computer, the manipulated MBR will run before the operating system is loaded. At that moment, the rootkit will run the rest of its code, thereby completely hiding itself and any associated malicious code.
Until now, rootkits were used to hide extensions or processes, but these new examples can trick systems directly. Their location means that users won’t notice any anomaly in any system processes, as the rootkit loaded in memory will be monitoring all access to the disk to make any of its associated malware invisible to the system.
Users should take precautions against this new type of threat. In particular, don’t run any file from unknown sources. To remove the malicious code, infected users should start up their computers using a boot CD so as not to run the MBR. Then, they would have to restore the MBR using a utility like fixmbr in the Windows recovery console if this operating system is installed.
“These rootkits can also affect other platforms, such as Linux, as their action is independent of the operating system installed on the computer”, adds Corrons.
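Because a running rootkit of this kind answers MBR reads with the saved genuine copy, an integrity check only means something when the sector is read after booting from clean media, as the removal advice above describes. The following added example (not PandaLabs code) fingerprints a 512-byte MBR image and compares it with a baseline recorded while the machine was known to be clean; the function names and the sample sectors are constructed for illustration, and the layout used is the standard PC MBR format.

```python
import hashlib
import struct

SECTOR_SIZE = 512
CODE_LEN = 440        # bootstrap code; bytes 440-445 hold the disk signature
TABLE_OFFSET = 446    # four 16-byte partition entries
SIG_OFFSET = 510      # boot signature 0x55 0xAA
ENTRY = struct.Struct("<B3xB3xII")  # status, type, first LBA, sector count


def fingerprint(sector):
    """Summarise one 512-byte MBR sector for comparison against a baseline."""
    if len(sector) != SECTOR_SIZE:
        raise ValueError("an MBR is exactly 512 bytes")
    partitions = []
    for i in range(4):
        status, ptype, lba, count = ENTRY.unpack_from(sector, TABLE_OFFSET + 16 * i)
        if ptype:  # type 0x00 marks an unused slot
            partitions.append((i, status == 0x80, ptype, lba, count))
    return {
        "signature_ok": sector[SIG_OFFSET:] == b"\x55\xaa",
        "code_sha256": hashlib.sha256(sector[:CODE_LEN]).hexdigest(),
        "partitions": partitions,
    }


def check_mbr(sector, baseline):
    """Return the differences between this sector and a known-good fingerprint."""
    current = fingerprint(sector)
    findings = []
    if not current["signature_ok"]:
        findings.append("missing 0x55AA boot signature")
    if current["code_sha256"] != baseline["code_sha256"]:
        findings.append("boot code differs from baseline")
    if current["partitions"] != baseline["partitions"]:
        findings.append("partition table differs from baseline")
    return findings


def build_sample_mbr(code):
    """Constructed sample sector: filler code plus one bootable type-0x07 entry."""
    entry = ENTRY.pack(0x80, 0x07, 63, 204800)
    return (code.ljust(CODE_LEN, b"\x00") + b"\x00" * 6
            + entry + b"\x00" * 48 + b"\x55\xaa")


if __name__ == "__main__":
    known_good = build_sample_mbr(b"CONSTRUCTED-ORIGINAL-BOOT-CODE")
    modified = build_sample_mbr(b"CONSTRUCTED-REPLACED-BOOT-CODE")
    baseline = fingerprint(known_good)  # record this while the machine is clean
    print(check_mbr(known_good, baseline))
    print(check_mbr(modified, baseline))
```

The partition table is compared separately from the boot code so that a legitimate repartitioning is not confused with replaced bootstrap code.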
Trojans: The Leading Cyber-Threat in 2007
According to data from PandaLabs, these malicious codes accounted for 25.83% of malware detected by ActiveScan and 77.40% of new malware that appeared over the last year.
The first seven months of the year witnessed a dramatic increase in the number of computers infected by active malware.
Trojans were responsible for 25.83% of infections recorded by ActiveScan, the online scanner from Panda Security, during 2007. This type of malicious code accounted for 77.40% of the new malware that appeared last year. This represents a dramatic increase on 2006, when Trojans represented some 50% of new malicious code. In fact, according to PandaLabs, the appearance of new strains of this type of malware has increased fivefold every six months.
The dominance of Trojans also continued during December, when this type of malicious code accounted for 25.92% of infections detected by ActiveScan.
“Trojans are a key part of the current cyber-crime model. This is because they are ideal for exploiting infections financially, which is now the prime aim of criminals on the Internet”, explains Luis Corrons, technical director of PandaLabs.
With 25.39% of infections detected by ActiveScan, adware was the second most active type of malicious code in 2007. This type of malware was also second in terms of the number of new strains created, accounting for 11.20% of the total.
Worms, on the other hand, were the culprits of 7.99% of infections detected in 2007 by ActiveScan and 9.21% of new malware created. This represents the biggest drop for a category of malware with respect to 2006, as in that year they accounted for 23.21% of new malware.
With respect to the main families of malicious code (groups with similar or identical characteristics), in 2007, the main protagonist has been the Downloader Trojan family, used to download malware onto computers. Specifically, a Trojan from this family, Downloader.MDW, heads the list of the most active specific strains of malware during the last half of 2007.
The backdoor Trojan Hupigon, designed to offer remote control of affected computers, and the Banker, Nabload and Banbra banker Trojans were other families that stood out in 2007.
Active malware
Data gathered through the website ‘Infected or Not’ (http://www.infectedornot.com) shows how during the first seven months of 2007 there was a dramatic increase in the number of computers infected with active malware, that is, malware that is operating at the moment the computer is scanned. The figure rose from some 10% of infected computers in January, to 19.58% when it peaked in July.
From then on, the figure remained at over 18%. In July, Mexico was the country with the highest percentage of computers infected by active malware, with some 26.39% of all scanned computers affected. Taiwan with 25.41% and France with 24.08%, were in second and third place.
Feb 6, 2008
VISHING ATTACKS INCREASE
Are you one of many who have received an e-mail, text message, or telephone call, supposedly from your credit card/debit card company directing you to contact a telephone number to re-activate your card due to a security issue? The IC3 has received multiple reports of different variations of this scheme known as "vishing". These attacks against US financial institutions and consumers continue to rise at an alarming rate.
Vishing operates like phishing by persuading consumers to divulge their Personally Identifiable Information (PII), claiming their account was suspended, deactivated, or terminated. Recipients are directed to contact their bank via a telephone number provided in the e-mail or by an automated recording. Upon calling the telephone number, the recipient is greeted with "Welcome to the bank of ……" and then requested to enter their card number in order to resolve a pending security issue.
For authenticity, some fraudulent e-mails claim the bank would never contact customers to obtain their PII by any means, including e-mail, mail, or instant messenger. These e-mails further warn recipients not to provide sensitive information when requested in an e-mail and not to click on embedded links, claiming they could contain "malicious software aimed at capturing login credentials."
Please beware—spam e-mails may actually contain malicious code (malware) which can harm your computer. Do not open any unsolicited e-mail and do not click on any links provided.
A new version recently reported involves the sending of text messages to cell phones claiming the recipient's on-line bank account has expired. The message instructs the recipient to renew their on-line bank account by using the link provided.
Due to rapidly evolving criminal methodologies, it is impossible to include every scenario. Therefore, be cognizant and protect your PII. Beware of e-mails, telephone calls, or text messages requesting your PII.
If you have a question concerning your account or credit/debit card, you should contact your bank using a telephone number obtained independently, such as from your statement, a telephone book, or other independent means.
If you have received this, or a similar hoax, please file a complaint at http://www.ic3.gov/.
Source : FBI
FBI IDENTIFIES RECURRING FRAUDULENT E-MAIL SCAM
02/01/08—The FBI has recently developed information indicating cyber criminals are attempting to once again send fraudulent e-mails to unsuspecting recipients stating that someone has filed a complaint against them or their company with the Department of Justice or another organization such as the Internal Revenue Service, Social Security Administration, or the Better Business Bureau.
Information obtained during the FBI investigation has been provided to the Department of Homeland Security (DHS). DHS has taken steps to alert their public and private sector partners with the release of a Critical Infrastructure Information Notice (CIIN).
The e-mails are intended to appear as legitimate messages from the above departments, and they address the recipients by name, and other personal information may be contained within the e-mail. Consistent with previous efforts, the scam will likely be an effort to secure Personally Identifiable Information. The nature of these types of scams is to create a sense of urgency for the recipient to provide a response through clicking on a hyperlink, opening an attachment, or initiating a telephone call.
It is believed this e-mail refers to a complaint that is in the form of an attachment, which actually contains virus software designed to steal passwords from the recipient. The virus is wrapped in a screensaver file wherein most anti-virus programs are unable to detect its malicious intent. Once downloaded, the virus is designed to monitor username and password logins, and record the activity, as well as other password-type information, entered on the compromised machine.
Be wary of any e-mail received from an unknown sender. Do not open any unsolicited e-mail and do not click on any links provided. If you have received a scam e-mail please notify the IC3 by filing a complaint at http://www.ic3.gov/.
Source : FBI
Feb 3, 2008
Latest : FBI Identifies Recurring Fraudulent E-mail Scam
The FBI has recently developed information indicating cyber criminals are attempting to once again send fraudulent e-mails to unsuspecting recipients stating that someone has filed a complaint against them or their company with the Department of Justice or another organization such as the Internal Revenue Service, Social Security Administration, or the Better Business Bureau.
Information obtained during the FBI investigation has been provided to the Department of Homeland Security (DHS). DHS has taken steps to alert their public and private sector partners with the release of a Critical Infrastructure Information Notice (CIIN).
The e-mails are intended to appear as legitimate messages from the above departments, and they address the recipients by name, and other personal information may be contained within the e-mail. Consistent with previous efforts, the scam will likely be an effort to secure Personally Identifiable Information. The nature of these types of scams is to create a sense of urgency for the recipient to provide a response through clicking on a hyperlink, opening an attachment, or initiating a telephone call.
It is believed this e-mail refers to a complaint that is in the form of an attachment, which actually contains virus software designed to steal passwords from the recipient. The virus is wrapped in a screensaver file wherein most anti-virus programs are unable to detect its malicious intent. Once downloaded, the virus is designed to monitor username and password logins, and record the activity, as well as other password-type information, entered on the compromised machine.
“Through FBI investigations we frequently uncover information about ongoing cyber attacks and scams. We share this information through our partnership with DHS to alert the public and the private sector,” noted James E. Finch, Assistant Director of the FBI’s Cyber Division.
Be wary of any e-mail received from an unknown sender. Do not open any unsolicited e-mail and do not click on any links provided. To receive the latest information about cyber scams please go to the FBI website and sign up for e-mail alerts by clicking on one of the red envelopes. If you have received a scam e-mail please notify the IC3 by filing a complaint at http://www.ic3.gov/. For more information on e-scams, please visit the FBI's New E-Scams and Warnings webpage.
Source : FBI
