Tag Archives: sophos

Facebook Malware Application Posing as Google+ Invite




Facebook’s problems are slowly becoming Google+’s problems.

A link showed up a few days ago on Facebook for a Google+ application invite. Little did people know it wasn’t a Google+ invite, but a malware site that tried to get your personal information. Sophos reported the scam on their blog on the 13th.

When you select the link, you will be told you have to go to a third party site to complete the invitation. That is where they phish you.

Facebook has since pulled the malware site. But this is another reason why we should use caution in whatever social network we use. Just because you are implementing familiar screens doesn’t always mean someone cannot find a new way to get the information they desire.

If you want a Google+ invite, just ask me or anyone else that is on Google+. Invites have been open for over a week now.

More important – If you are not 100% sure about something, then don’t go forward. If you do put in password information, then it’s time to change up your passwords.


Sophos Security Threat Report 2011



Digital security firm Sophos today released their Security Threat Report for 2011, which reviews all the ways that the bad guys are out to get you. It’s a glossy 52-page report and is worth a quick read to understand the threats that are out there, especially in areas that you might not be familiar with.

The report covers the key threats from 2010:

  • Fake anti-virus software and scareware – through a warning dialog, users are scared into paying for and installing fake anti-virus software, which at best does nothing and at worst steals passwords and credit card information.
  • SEO poisoning – manipulating search engine results to point users to fake and rogue websites, which are loaded with browser exploits and malware.
  • Clickjacking or UI redressing – hiding malicious buttons underneath innocuous images, e.g. clicking on a “Like” or “Share” image actually emails out malware to all the user’s friends.
  • Survey scam – in order to complete a questionnaire that typically offers a non-existent but sought-after prize, software has to be installed or access given to personal data. This information is then used to propagate the questionnaire onwards, earning affiliate revenue for the application developer.
  • Spam – not exactly a new entrant in 2010 but the rise of spam on social networking sites is an increasing problem.
  • Spearphishing – a variant on the original phishing but in this case the attack is well targeted and much more convincing and consequently more likely to succeed.
  • Stuxnet worm – a traditional vector but with a new target, the Stuxnet worm went after SCADA systems and industrial PLC controllers. Very sophisticated, leading to conspiracy theories involving industrial sabotage.
  • Malvertising – the infection of advertising on legitimate websites that links to malware or fake anti-virus software.
  • Compromised sites and accounts – Legitimate websites and typically celebrity accounts are hacked to serve infected webpages or link to malware sites.

The report briefly covers the threats posed to iOS, Android, Windows 7 and Blackberry smartphones before moving on to review issues with Facebook, Adobe products, removable media and USB drives. Windows 7 and OS X are also discussed.

The report continues with some of the success stories when the justice system has managed to catch up with the criminals before closing with advice and guidance on how to avoid getting hit.

Give it a read. Warning – 4MB .pdf download.


USA Continues As Spam King



Sophos has published its quarterly report into spam and the USA remains top of the league for spam-relaying, being responsible for nearly 19% of all spam messages. India follows with a little under 7% and then Brazil, Russia and the UK finishing the top 5 on 4.5%.

The vast majority of spam does not come directly from spammers’ servers, but rather from PCs that have been compromised by trojans or other malware and are now under the control of the criminals. This allows spam to be passed on by PCs without the owners’ knowledge – this is spam-relaying. Consequently, these figures indicate that huge numbers of PCs in the US are infected and under the control of the spammers.

Sophos also notes that the nature of spam is changing. Previously, pharmaceutical products would have been the mainstay of the spammers’ output but increasingly the spam is spreading malware and phishing for account information. As an aside, an estimated 36 million Americans purchased drugs from unlicensed online sellers.

The top spam relay countries for the last quarter were:

1. USA: 18.83%
2. India: 6.88%
3. Brazil: 5.04%
4. Russia: 4.64%
5. UK: 4.54%
6. France: 3.45%
7. Italy: 3.17%
8. S Korea: 3.01%
9. Germany: 2.99%
10. Vietnam: 2.79%
11. Romania: 2.25%
12. Spain: 2.24%
Other: 40.17%

“Spam is certainly here to stay, however the motivations and the methods are continuing to change in order to reap the greatest rewards for the spammers,” said Graham Cluley, senior technology consultant at Sophos. “What’s becoming even more prevalent is the mailing of links to poisoned webpages – victims are tricked into clicking a link in an email, and then led to a site that attacks their computer with exploits or attempts to implant fake anti-virus software.”

Sophos also warns that social networks are increasingly attracting the attention of criminals through malicious apps, stolen profiles and junk messages.


Sophos Offers Free Anti-Virus for Macs



There’s no doubt that Apple Macs and Linux PCs are far less likely to suffer from virus infections or malware when compared to their Windows cousins, but there’s also no doubt that newer technologies such as cross-platform scripting can lead to vulnerabilities across the board. Besides, no-one wants to be blamed for passing on a virus infection as payload in a file, even if your computer isn’t actually infected.

McAfee and Kaspersky have had Mac security products for a while and now Sophos joins the list by offering its Anti-Virus Home Edition for Mac and best of all, Sophos is offering it for free!

Apparently “based on Sophos’s flagship security software, which protects over 100 million business users worldwide”, the software has protection, detection and disinfection capabilities for viruses and malware on OS X. It will also detect Windows viruses that are present in files but aren’t activated. As with most Windows anti-virus products, the Sophos Anti-Virus Home Edition runs in the background, scanning files on-access. You can read more about the technical specs and download the software here.

I’m not a Mac user, but if I was, I’d already have Anti-Virus Home Edition downloaded and installed.  Yes, I know that it’s arguable that there aren’t any OS X viruses right now, but you can bet that they’re coming and when they do, the viruses will burn through the Mac community like wildfire as most people don’t have protection.  It’s free to download so what have you got to lose except a few CPU cycles?


US Relays Most Spam



The USA is the worst country in the world for relaying spam, according to Sophos’ latest report on spam.  The US was responsible for 13.1%, followed by Brazil and India at 7.3% and 6.8% respectively, with the UK, Russia and Italy tied in 7th place.  In a further twist, China has completely disappeared from the top 12 and now relays only about 1.9%.

The full hall of shame is below.

1. USA: 13.1%
2. India: 7.3%
3. Brazil: 6.8%
4. S Korea: 4.8%
5. Vietnam: 3.4%
6. Germany: 3.2%
7=. United Kingdom: 3.1%
7=. Russia: 3.1%
7=. Italy: 3.1%
10. France: 3.0%
11. Romania: 2.5%
12. Poland: 2.4%
Others: 47.3%

Given the amount of attention that China receives as the “Country of Cybercrime”, the table shows that US and Europe ought to be looking a bit closer to home when it comes to spam.

Sophos estimates that 97% of email received by business servers is actually spam and only 3% is legitimate email. Frankly, that’s both scary and a disgrace. The level of resources needed to cope and the subsequent cost incurred by business shows that spam ought to be much higher up on the agenda of our lawmakers.

Perhaps they could take a break from the usual “digital rights” arguments and do something that would help everyone. That would get my vote.