About Antivirus Software

No Free (or Cheap) Rides

2009-11-20T20:26:13Z

McAfee AVERT Labs has posted a humorous (but cautionary) tale of a scam targeting Brazilian users. The scam involves a promise of cheap $1 airfare, but delivers a password stealing trojan that� could wipe out your bank account. For details, see: Fly for $1 or Your Money Back!

No Free (or Cheap) Rides originally appeared on About.com Antivirus Software on Friday, November 20th, 2009 at 20:26:13.

Permalink | Comment | Email this

Adobe Attacks are Opportunity Driven

2009-11-20T13:36:05Z

In Can Adobe Beat Back the Hackers, BusinessWeek claims "as Microsoft has toughened up its security, Adobe has become a more tempting prey."

In reality, it has little to do with improvements in Microsoft security - attackers moved to Adobe because attacks moved to the Web. Adobe Flash and Adobe Reader (PDF) are ubiquitous Web-enabling apps and Adobe's lack of security in their product line has made it painfully easy for these attacks to succeed.

Adobe Attacks are Opportunity Driven originally appeared on About.com Antivirus Software on Friday, November 20th, 2009 at 13:36:05.

Permalink | Comment | Email this

Mac Phishing a Problem, Too

2009-11-18T00:43:39Z

According to survey results from Competitive Edge Research, Mac users are as prone to phishing attacks as are PC users. Unfortunately, the report concluded that "most cybercrime losses are caused by phishing attacks" - a finding that might be erroneous at best. Perhaps a more accurate conclusion would be that most quantifiable reports of losses are the result of phishing. In any event, it does serve as a good reminder that� scams are a universal problem - they target the person directly and not the operating system.

Mac Phishing a Problem, Too originally appeared on About.com Antivirus Software on Wednesday, November 18th, 2009 at 00:43:39.

Permalink | Comment | Email this

Apple MobileMe Phishing Scam

2009-11-11T12:24:24Z

Sunbelt Software is warning of a new phishing scam, this one targeting Apple MobileMe users. The bogus email masquerades as a subscription expiration from Apple's MobileMe service.� The phishing scam uses a spoofed From address of Mobile IDisk [noreply01@me.com] [mailto:noreply01@me.com].

A copy of the MobileMe phishing email is available on the Sunbelt blog.

Research from the University of New South Wales indicates one defenses against email scams and phishing attacks may just be reading your email when you're feeling a bit down.

Apple MobileMe Phishing Scam originally appeared on About.com Antivirus Software on Wednesday, November 11th, 2009 at 12:24:24.

Permalink | Comment | Email this

Hacked iPhones Need Password Reset

2009-11-10T13:42:51Z

In the past few weeks, there have been a couple of worms targeted hacked iPhones. Nothing major and highly regional, but still a good wake up call. To spread, the worms take advantage of the default password on a jailbroken iPhone. If you decided to jailbreak your iPhone but have not changed the default passwords, you should definitely make sure you do that. Here are a couple of good resources to help you through the process:

The iPhone Hacking Kit, step by step (MacWorld)
Short and Sweet SSH Guide for the iPhone (Gizmodo)

Hacked iPhones Need Password Reset originally appeared on About.com Antivirus Software on Tuesday, November 10th, 2009 at 13:42:51.

Permalink | Comment | Email this

Facebook Spoofed in Malware Spam

2009-11-09T14:43:37Z

A new Facebook email scam is making the rounds, carrying a malicious email attachment disguised as a Facebook user agreement. The email reads as follows:

Dear Facebook user,

Due to Facebook policy changes, all Facebook users must submit a new, updated account agreement, regardless of their original account start date.
Accounts that do not submit the updated account agreement by the deadline will have restricted.

Please unzip the attached file and run "agreement.exe" by double-clicking
it.

Thanks,
The Facebook Team

By unzipping and running the attached 'agreement.exe', recipients are actually installing a variant of the Sasfis trojan which attempts to install a backdoor and download additional malware via the Web. The email is spammed randomly, so anyone could receive it and fall victim to the malware whether or not they were a Facebook user.

Facebook Spoofed in Malware Spam originally appeared on About.com Antivirus Software on Monday, November 9th, 2009 at 14:43:37.

Permalink | Comment | Email this

Apple Takes Bite Out of Microsoft Security

2009-11-05T18:32:35Z

In Windows 7, Microsoft finally did away with autorun, a feature that enabled trojans to spread rapidly over a network or between computers much in the same way a worm would. Apple, in an astonishing move, apparently feels that security should take a back seat and re-enables autorun if iTunes is installed. Costin Raiu, chief security expert for Kaspersky Lab, explains the problem in "Why is Apple Meddling With My Windows Autorun".

Until Apple gets their act together, you're better off not having iTunes installed.

Apple Takes Bite Out of Microsoft Security originally appeared on About.com Antivirus Software on Thursday, November 5th, 2009 at 18:32:35.

Permalink | Comment | Email this

IObit Responds to Malwarebytes' Claims of Theft

2009-11-04T02:17:34Z

IObit has issued a statement denying claims they stole all or part of the Malwarebytes signature database. Titled "Declaration from IObit", the statement declares:

"We have never used the database of any other companies. And hope Malwarebytes stop spreading malicious rumors for hyping itself. The ridiculousness: who will trust and depend on a security product that can NOT even protect itself?"

Apparently the IObit defense is that if it's possible to steal the signatures, then the product is no good. But that logic is so flawed that it makes one wonder if there are actually any real developers behind the IObit product(s). The scanner MUST be able to read the database of signatures, hence it is impossible to make the signatures truly theft-proof. Which is exactly why legitimate vendors seed their database with dummy signatures - to catch such theft.

IObit then makes a fatal error in defending the inclusion of the Malwarebytes "to catch a thief" signatures:

"NOTSURE.dll was submitted by someone called "KXX" and described as 'Rogue.AVCleanSweepPro' detected by Malwarebytes. Our analyzer carelessly used the same name."

The fatal error? Malwarebytes explains:

"We invite you to search Google for 'Rogue.AVCleanSweepPro' or just 'AVCleanSweepPro'. See if you can find a single place where anything called 'Rogue.AVCleanSweepPro' was ever detected in the wild by Malwarebytes or anyone else. When we did this today, the only hits we got were for our own report yesterday and people talking about it. Before we published our report yesterday there was not a single hit on Google for either name. This malware name simply does not exist in reality. We made it up in-house. Only four members of Malwarebytes' management were privy to the information about the fake files and the fake names. Therefore, any suggestion that somehow someone submitted to IObit a piece of malware anyone detected anywhere as 'Rogue.AVCleanSweepPro' is simply a lie.

Just prior to this controversy, IObit also came under fire for allegedly deceptively installing the Conduit toolbar on users' systems.

IObit Responds to Malwarebytes' Claims of Theft originally appeared on About.com Antivirus Software on Wednesday, November 4th, 2009 at 02:17:34.

Permalink | Comment | Email this

IOBit Steals Malwarebytes' Intellectual Property

2009-11-03T11:54:06Z

A few days ago, I received an email advertising the China-based IOBit anti-malware software. Problem is, the program may be derived entirely from stolen property of other reputable vendors. One of the victim vendors, Malwarebytes, did some intensive investigation - including publishing fake signatures - to prove that IOBit was stealing their malware signature database. The proof is compelling, as explained in this Malwarebytes forum post.

A company that would steal another vendor's database could also likely stoop to other nefarious practices - such as claiming a system is infected just to extort fees for an alleged cleanup tool (aka scareware). That's not to say this is what IOBit is doing, but just to point out that one unethical act typically breeds another.

The IOBit download is featured on download.com and majorgeeks.com, demonstrating that just because a download is featured on a legitimate site, it doesn't mean the download itself is legit. What can you do? Avoid using IOBit for starters. And perhaps act on the request from Malwarebytes "to send an email to hosting services such as Download.com and Majorgeeks.com requesting that all IOBit software be removed".

IOBit Steals Malwarebytes' Intellectual Property originally appeared on About.com Antivirus Software on Tuesday, November 3rd, 2009 at 11:54:06.

Permalink | Comment | Email this

Choosing to Do Bad Things

2009-11-02T13:17:29Z

A recent article from Brian Krebs of the Washington Post details how Peter Kleissner, formerly of Ikarus Software, was forced to resign and subsequently ostracized by the anti-malware community for releasing malware exploits and allegedly hacking an Internet kiosk.

While Krebs' article does a good job of chronicling the events, it's the last line that is the most telling. According to Kleissner, his actions are excusable because, "To me it's not good or bad, it's just technology."

That has to be the lamest excuse for rationalizing a bad deed. There is a hand at the end of our arms. That hand can shake another hand as a type of introduction. The hand can wave as a form of greeting or in bidding us farewell. The hand can stroke a child's hair and calm them when they are afraid. Used appropriately, that hand can reach out and help others. But balled into a fist or flattened into a slap, that hand can become a deadly weapon. Various gestures can make that hand offensive.

It all depends on how you use it.

In Kleissner's case, defending his action by claiming it's "just technology" is about as shortsighted and misguided as you can get. It is technology - but just like anything else, how you choose to use it determines whether it is good or bad. And in Kleissner's case, he has chosen to use it for bad.

Choosing to Do Bad Things originally appeared on About.com Antivirus Software on Monday, November 2nd, 2009 at 13:17:29.

Permalink | Comment | Email this