
SpamBully News Posts

1 month ago

Mariposa Botnet Kit Supplier Arrested

Authorities in Slovenia have arrested a man known by the Internet moniker "Iserdo" for allegedly creating and selling the Butterfly botnet kit used to help spread some of the most damaging and profitable malware in the world, including the infamous Mariposa botnet. Working with the FBI and with assistance from security software vendors Panda Security and Defence Intelligence, Slovenian law enforcement agents nabbed the man suspected of selling thousands of Butterfly kits for between $650 and $2,000 to enterprising -- if unoriginal and marginally skilled -- malware purveyors who then used the kit to create botnets that have wreaked havoc at financial institutions, government agencies and businesses around the globe. "Iserdo," 23, was apprehended in Maribor, Slovenia, last week and is currently free on bail and awaiting a court date in the Central European nation. "In the last two years, the software used to create the Mariposa botnet was sold to hundreds of other criminals, making it one of the most notorious in the world," FBI Director Robert Mueller said in a statement. "These cyber intrusions, thefts, and frauds undermine the integrity of the Internet and the businesses that rely on it. They also threaten the privacy and pocketbooks of all who use the Internet."




1 month ago

Two brothers admit to using MU computers to send spam

Two Missouri brothers who pounded U.S. college students with unwanted commercial e-mails pleaded guilty Wednesday in federal court to conspiracy to distribute spam. Amir Ahmad Shah, 29, and Osmaan Ahmad Shah, 26, both of Manchester, Mo., each acknowledged using the University of Missouri computer network to send the spam. When prosecutors initially charged the brothers in April 2009, they alleged that the conspiracy had sent millions of unwanted messages to students at U.S. colleges and universities. The guilty plea Wednesday was more narrowly drawn, focusing on a single campaign offering digital cameras from December 2004 to February 2005. The brothers also admitted using computer software to harvest more than 8 million e-mail addresses for students at the University of Missouri and hundreds of other U.S. colleges and universities. The brothers and their company, i2o, Inc., also agreed to forfeit almost $440,000 in assets that investigators had traced to their scheme. Those included four bank accounts with deposits totaling $78,980.60, homes in Columbia and St. Louis worth $344,250, two luxury automobiles worth $16,590 and five Internet domain names.




1 month ago

Microsoft: IE8 barred 1 billion malware downloads

Internet Explorer 8, with the help of its SmartScreen Filter, has "blocked 1 billion attempts to download malware," Microsoft product manager James Pratt said in a blog post Friday. The SmartScreen Filter evaluates URLs and their associated servers. If the software recognizes a server as containing malicious content, it displays a warning, saying it's unsafe to browse to a respective site that could cause harm on the user's computer. The user is then given the option to continue to the page or go back to their home page without downloading any content. According to Microsoft, the SmartScreen filter continues to improve. In August 2009, it blocked 70 million malware download attempts. At the time, just 15 percent of Web users were surfing with Internet Explorer 8. Today, Microsoft reported, nearly 26 percent of the Web population is using IE8, and the company's SmartScreen filter is blocking "five times more malware month on month" compared to August 2009. Of course, whether Microsoft's ability to block a billion malware download attempts is really something to gloat about is up for debate. On one hand, the company seems to be doing a better job of keeping users safe. On the other, the fact that that many attempts have been made might speak to security issues that still plague the Windows ecosystem. Regardless, it seems that Microsoft is turning its blocking abilities into a positive thing. And to some extent, it's commendable. But that won't stop me from choosing Google Chrome or Mozilla Firefox over Internet Explorer.




1 month ago

Dell Revamps Hardware Testing in Wake of Malware Issue

A sequence of errors led to Dell's delivery of motherboards with malware, and the company is in the process of overhauling its testing process to resolve issues before dispatching hardware to customers, it said on Thursday. Dell on Wednesday said that some replacement motherboards for PowerEdge servers may have contained the W32.Spybot worm in flash storage. The malware issue affected a limited number of replacement motherboards in four servers, the PowerEdge R310, PowerEdge R410, PowerEdge R510 and PowerEdge T410 models, the company said. "There was a sequence of human errors that led to the issue. That being said, we have identified and implemented 16 additional process steps to make sure this doesn't happen again," said Dell spokesman Jim Hahn. Hahn did not provide additional details on the steps being added to track and resolve such issues. But he said that all affected motherboards had been removed from the service supply chain. Current antivirus software with updated signatures would flag the malware's presence and users would have to be running an unpatched version of Windows 2008 or an earlier version of the OS. A Dell quality management specialist wrote in an e-mail that the code was accidentally introduced during the manufacturing process of the server motherboards. The code was detected on the embedded server management firmware during internal testing by Dell.




1 month ago

Virus writers are picking up new Microsoft attack

IDG News Service - The Windows attack used by a recently discovered worm is being picked up by other virus writers and will soon become much more widespread, according to security vendor Eset. Eset reported Thursday that two new families of malicious software have popped up, both of which exploit a vulnerability in the way Windows processes .link files, used to provide shortcuts to other files on the system. The vulnerability was first exploited by the Stuxnet worm, discovered on computer systems in Iran last month. Highly sophisticated, Stuxnet targets systems running Siemens industrial control system management software. The worm steals SCADA (supervisory control and data acquisition) project files from Siemens' computer systems. Siemens issued a Security Update for its customers on Thursday, but Microsoft has yet to patch the Windows bug that permits the worm to spread. The newly discovered malware is "far less sophisticated" than Stuxnet and "suggests bottom feeders seizing on techniques developed by others," said Eset researcher Pierre-Marc Bureau, writing in a blog post.




1 month ago

Dell blames staff for malware infection

Dell said human error was to blame for mistakes which led it to ship a number of replacement server motherboards to customers pre-loaded with spyware. The company declined to say whether it was running anti-virus software at its factory but said it had taken 16 steps to improve processes. The infection hit replacement PowerEdge 310, 410, 510 and T410 boards. The direct seller said less than one per cent of boards were affected and complete new server systems were quite safe. Dell is still not admitting how the W32.Spybot worm got into its systems and onto its hardware. A Dell spokesman said the problem was worldwide but all infected motherboards had now been removed from the supply chain and it was already shipping clean boards.




1 month ago

Apple in trouble over spam filtering

Apple is one of 36 companies being sued over spam email filtering. InNova claims it invented the technology first. InNova filed a lawsuit against a number of well-known technology firms including Apple, Google, Dell and Yahoo, claiming the companies have been using its spam filtering invention without permission for years. The InNova patent was granted to Robert Uomini, an inventor and mathematician, fifteen years ago when email was still in its early stages. The patent covers technology used to differentiate between spam email messages and those that users actually want to receive. Uomini is the founder of InNova; however, InNova is a company specialising in patent licensing. "More than 80 percent of email is spam, which is why companies use InNova's invention rather than forcing employees to wade through billions of useless emails. Unfortunately, the defendants appear to be profiting from this invention without any consideration for InNova's legal patent rights," said patent-infringement attorney Christopher Banys in a press release. None of the companies involved have yet responded to the lawsuit.




1 month ago

Link shorteners now favourite tool for spammers

Spammers are increasingly making use of URL-shortening services to get their messages through, according to MessageLabs. The security firm said in its July Intelligence Report that the services are being used in record numbers by botnet operators as a way to evade anti-spam filters. MessageLabs found that during 14 days in June URL-shortening services accounted for more than 0.5 per cent of all spam. "The average volume of spam containing shortened URLs has increased and MessageLabs Intelligence is seeing more days where shortened URLs are included in significant volumes of spam," the company said in the report. "This indicates that the adoption of shortened URLs in spam is becoming a sustained tactic rather than an occasional use tactic." Among the heaviest users of the tactic has been the Storm botnet. MessageLabs found that the botnet contributed more than 11 per cent of all URL-shortened spam messages.




1 month ago

Apple among 36 companies targeted in e-mail spam patent suit

Apple and Google are among 36 total corporate defendants in the patent infringement suit, announced Wednesday by the Lanier Law Firm. The complaint was filed on Tuesday in the U.S. District Court for the Eastern District of Texas in Marshall. The suit deals with U.S. Patent No. 6,018,761, related to technology that is used to differentiate between regular e-mail messages and unwanted advertising spam. The patent is owned by mathematician Robert Uomini, founder of InNova. It was filed with the U.S. Patent and Trademark Office nearly 15 years ago. The patent is the only one currently available for licensing on the company's official website. Awarded in 2000, the patent is entitled "System for Adding to Electronic Mail Messages Information Obtained from Sources External to the Electronic Mail Transport Process." It describes a system that could obtain information about a message, even if the message does not include information such as name, address or telephone number. A database of this contextual information could be used to sort e-mails.