Posts tagged Spam

Botnet with integrated copy protection

The current version of the ZeuS botnet uses classical copy protection mechanisms to prevent the use of unlicensed pirate copies. ZeuS is a malware toolkit used, for instance, to steal online banking data. The basic version currently costs about $3,000 to $4,000.

Security firm SecureWorks has discovered that the ZeuS server only works with a system-specific key. Similar to the Windows OS, the malware creates a kind of fingerprint of the respective hardware configuration when first started. The vendor then provides the user with a personalised licence key for this configuration.

The ZeuS server is responsible for controlling the botnet. It communicates with the infected computers (the bots), receives the data they provide, issues commands, and so on. The client software installed on victims' systems of course does not require a licence key. Extensive division of labour has existed in the malware scene for some time. Many gangs use the professional ZeuS software, which is modular and can, for a fee, be extended to support, for instance, additional Windows versions or browsers. By adding a licence management system, the product has reached a new level of professionalism.

Chuck Norris Virus Roundhouse Kicks Unprotected Routers!!!!!11

Just a few seconds after publishing my last post I read about this really Chuck Norris stuff on a German news page (I hope you all have a sense of humour):

Apparently, when Chuck Norris wants to create a botnet, he’s such a badass that he doesn’t even have to attack computers.

The Chuck Norris virus, so called because of the words “in nome di Chuck Norris,” (Italian for “In the name of Chuck Norris”) in the source code, attacks routers and DSL modems by guessing commonly used passwords. It also exploits a security vulnerability present in many D-Link routers.

This virus, which takes advantage of an incredibly common vulnerability, is potentially incredibly dangerous. Even the most security-minded of consumers will often forget to change the default password on their routers after setting them up. Because this virus can change DNS settings of the router, it can also hijack the browsers of computers on its network, steering them to malware-infested sites or phishing sites.

In addition, due to the widespread use of Linux and MIPS-based chips in internet-connected devices (like routers, modems and even cable boxes), this particular vulnerability could be devastating. According to Jan Vykopal, head of network security research for Masaryk University’s Department of Computer Science (and the discoverer of the virus), devices in Asia, Europe, North and South America are already infected, and it appears to be spreading quickly.

While this particular virus might not become the next Conficker, it suggests that similar exploits could be on the way. Despite the fact that many people have antivirus software on their computers, most people completely overlook the security of their routers. It's only a matter of time before another, more effective version of this exploit finds its way into more routers and cable boxes.

Mozilla Malware Fail!

Apparently Mozilla has been spreading malware in the form of a few user-submitted Firefox addons. They were infected with trojans, and some 4,600 people downloaded them. This fail doesn't surprise me; people have been talking about potential exploits from Firefox addons for years now.

I am a bit surprised that it was client-pwning malware, and not Chrome-based sniffers or keystroke loggers or something else that could work within the DOM. I have to wonder if any of those exist… Somebody should

About 2012-Supernova: Give me my 90 minutes wasted time back!!!

Warning: If you are going to watch the movie 2012-Supernova: DO NOT watch it – it can cause serious brain damage ;-)

Another film jumping on the 2012 bandwagon. But, like a zillion other disaster movie buffs, I watch them, and whether a blockbuster or Z-grade I usually enjoy them. Until now!!!! Boy, could this movie have used a rewrite, some good actors and a decent budget.

Let's start off with the tri-partisan team supposedly saving the world in a top-security bunker with top-of-the-range computers, which in actual fact looked like your local warehouse with computers from the Amstrad days! We had a Chinese, kung-fu, save-my-country-at-the-expense-of-everyone-else female scientist, who, incidentally, can fly the shuttle! A vodka-swilling Russian scientist who looked a lot like a mad Einstein, who also could fly the shuttle, and a good old USA scientist out to save the world even if it meant throwing himself into the face of death… of course! And of course he can pilot the shuttle, all of them wearing overalls and motorbike helmets… oh, and I have seen enough of the shuttle over the years on TV to know what the inside of it looks like, and trust me, I have never seen anything like what they were supposedly flying… And when they got to the space station they were the only ones on it. Where were all the other scientists while this was going on? Are we to believe that the world at large trusted 3 scientists to save us… no contact with any world leaders, or anyone for that matter.

In the middle of all this we have tornadoes, lightning storms, earthquakes, even a lecherous farmer and just about anything else that could be thrown at the poor wife and daughter of the American scientist, who are just trying to get to safety while their man tries to save the world.

I kept watching this hoping it would get better… BUT IT DIDN’T.

There are some movies that are so bad you have to watch them, but this doesn't even fit in that category. It is just plain bad. I guess it's the best you can do with a budget of $3.50. And with that I would want $2.00 change. Don't waste your time with this one. SciFi channel… shame on you!!!!

SpamAssassin’s new year hangover

The Apache SpamAssassin spam filter has been shipping with a rule that treats any Date header with a year past 2009 as "grossly in the future" and adds 3.2 to the email's spam score. The default spam threshold is 5.0, so once 2010 began the error made it much more likely that legitimate mail would be falsely marked as spam.

The problem was noted by Mike Cardwell, a UK-based developer, who brought up the issue on the spam filter's mailing list. The problem had been reported in 2008 and fixed in the SpamAssassin repositories, but the corrected rules were not backported to the 3.2 rule set shipped to users until New Year's Day, when the omitted update was noticed.

SpamAssassin users will need to run the sa-update command to update their rule set. If they are unable to do this, for whatever reason, then adding the line score FH_DATE_PAST_20XX 0.0 to the local.cf file sets the rule's score to zero and works around the problem.

For more information see: http://wiki.apache.org/spamassassin/Rules/FH_DATE_PAST_20XX
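To see why a hard-coded year range misfires and how the local.cf override neutralises it, here is an added model of the rule's scoring written for this post (it is not SpamAssassin code). The regex is the shipped pattern as I recall it from the 3.2 rule set and should be treated as an assumption; the Date header values and the 2.0 "other rules" score are constructed.

```python
import re
from email.utils import parsedate_to_datetime

REQUIRED_SCORE = 5.0            # SpamAssassin's default spam threshold
FH_DATE_PAST_20XX_SCORE = 3.2   # score the shipped rule adds on a hit

# Shipped pattern as I recall it (assumption): it matches any four-digit year
# from 2010 to 2099, so every message dated in 2010 or later fired the rule
# the moment the calendar rolled over, regardless of the real current year.
FH_DATE_PAST_20XX = re.compile(r"20[1-9][0-9]")

# Constructed sample Date header values for the demonstration.
DATE_2010 = "Sat, 02 Jan 2010 10:15:00 +0000"
DATE_2009 = "Thu, 31 Dec 2009 23:59:00 +0000"
LOCAL_CF_WORKAROUND = "score FH_DATE_PAST_20XX 0.0"


def rule_hits(date_header: str) -> bool:
    """True if FH_DATE_PAST_20XX fires on the given Date header value."""
    return FH_DATE_PAST_20XX.search(date_header) is not None


def parse_local_cf(text: str) -> dict:
    """Collect 'score RULE value' override lines from a local.cf fragment."""
    overrides = {}
    for line in text.splitlines():
        parts = line.split()
        if len(parts) == 3 and parts[0] == "score":
            overrides[parts[1]] = float(parts[2])
    return overrides


def total_score(date_header: str, other_rules_score: float, local_cf: str = "") -> float:
    """Score of the message's other rules plus this rule's contribution if it fires.

    A 'score FH_DATE_PAST_20XX 0.0' line in local_cf is the post's workaround.
    """
    overrides = parse_local_cf(local_cf)
    score = other_rules_score
    if rule_hits(date_header):
        score += overrides.get("FH_DATE_PAST_20XX", FH_DATE_PAST_20XX_SCORE)
    return round(score, 2)


def is_spam(score: float) -> bool:
    return score >= REQUIRED_SCORE


def grossly_in_future(date_header: str, today_year: int, slack_years: int = 1) -> bool:
    """What the rule should test: a year well beyond the year the filter runs in,
    taken from the clock rather than hard-coded into a pattern."""
    return parsedate_to_datetime(date_header).year > today_year + slack_years
```

A legitimate 2010 message that already has 2.0 points from other rules crosses the 5.0 threshold with the shipped rule, and stays at 2.0 with the override in place.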