Securelist / Blog
  • The Winlock numbers, the Winlock laws

    While Eugene’s busy taking bets (wonder how much he’s going to make?), I’ve been having a think about the Winlock case.

    Russian law enforcement is estimating that the bad guys could have raked in as much as $1 billion. While it’s difficult to be certain about the exact amounts involved (obviously they spread their money across a lot of different accounts to avoid attracting attention), a little bit of simple math makes me think this figure isn’t as crazy as it might sound.


    Our statistical analysis tells us there could be around a million people who’ve been infected. 10 cybercriminals, each getting a cut of a ransom between $10 and $30 - even though they were paying out $3 per infection to the people willing to spread this malware, the numbers add up pretty quickly.

  • Understanding Current Trends in the Fake Anti-Virus/Scareware Ecosystem
    The cyber-criminal groups behind fake anti-virus (scareware/rogueware) infections have run into some significant roadblocks over the last few years, but there is much more to the overall story.


    Some groups have been arrested. Some have had their operations and entire call support centers shut down.

    Some groups attracted too much attention, picked off the low hanging fruit and eventually walked away from their botnets.

    In some cases, the groups just weren't very skilled at developing anti-anti-malware techniques, blackhat SEO, and malware distribution. They couldn't keep up with the changes in anti-malware technologies, weren't exactly dedicated to the effort, and simply fell off the map.


    However, some of the remaining scareware distribution gangs upped the ante and are aggressively developing difficult-to-detect polymorphic installers and difficult-to-remove support components. The newest of these malware components include some of the first in-the-wild (ITW) 64-bit malware components to be taken seriously. But, for the most part, the scareware program itself remains the same. The development continues to change and progress, all for the purpose of evading anti-malware solutions and helping coerce the end-user to pay for the fake product, including support/rootkit components like TDSS (and its extreme complexities) or the more recent Black Internet (also known as "Trojan-Clicker.Win32.Cycler") support/rootkit components. These complex MBR infectors and other rootkit components meant to maintain money-making scareware on the system are signs of this somewhat extreme development effort.

  • The Winlock case - I'm taking bets!

    Interesting news on Trojan SMS Blockers (Winlock etc). These programs block Windows and demand a ransom in the form of a text message which is sent to a short number for a fee. It's a very popular type of racket at the moment, both in Russia and a few other countries.


    The whole affair has now reached the General Prosecutor’s office of Russia – the criminals have been identified and detained (or so it seems) and will be prosecuted in Moscow soon.

    Altogether the criminals have earned an estimated 790,000 roubles, or $25K. Moreover, they have caused other damages by blocking or crashing a yet to be determined number of personal and company PCs. Very often people have needed to re-install the OS and all software and then restore data from backups - even after paying the ransom.




    But I wanted to focus on the outcome – or the possible outcome of this incident, not on the investigation, arrests and so forth.

 
SpywareGuide Articles
Articles on Spyware, Adware, Malware and privacy in general
  • DATA-THEFT WORM TARGETING GOOGLE'S ORKUT
    FaceTime Security Labs announced the discovery of a worm that steals users’ banking details, usernames and passwords. The worm, known as MW.Orc, is propagating through Orkut, Google’s social networking site, as users launch an executable file disguised as a JPEG. Google has a temporary fix in place
  • The Digital Underground: Interview with RinCe
    This is Part TWO of a series of write-ups focusing on the recent threat to E-Commerce systems via potential IM (Instant Messaging) attack vectors and more besides, by way of a remotely installed administration tool and custom-built scripts, designed to find vulnerabilities in third-party payment sys
  • Property Values, Satellite Maps and Zillow
    A new service called Zillow allows you to easily access the value of your home...and your neighbors and even their neighbors. SpywareGuide articles are sponsored by FaceTime Communications, providing solutions for securing and controlling IM, P2P and Spyware Greynets.
What Are The Differences Between Adware And Spyware?
By: Salihu Ibrahim

You may think adware and spyware are the same thing, but there are plenty of differences between the two of them. Since most people use the computer for personal access to the internet and their accounts, you need to do all you can to protect them. There are plenty of people trying to make an easy buck online by taking advantage of those accessing the internet. Don’t let them get access to your information through adware or spyware.

Advertising is everywhere you turn online these days, and that is where the issues of adware and spyware come into play. Adware is generally found in pop ups and it will track your internet use. As a result you will get redirected to sites that offer products for you to purchase. You will also get more and more pop ups until they have completely ruined the chance for you to be online without interruptions.


You need to watch for sites that aren’t what they should be and look at the information in your browser. You also need to pay attention to new programs on your desktop and tool bars on your browser. They can all indicate you have adware on your computer. It can even be added to your computer by downloading music or other files without your knowledge.


While adware is a very aggressive type of advertising known as SPAM, many companies continue to engage in it. They stay just within the parameters set by the government to allow them to continue. You may think it is just something you have to deal with, but that isn’t true.

Spyware is definitely an illegal practice that you don’t want to find yourself on the wrong end of. There is plenty of opportunity to make money with it and very little risk of getting caught, so many people continue to offer programming that creates it. This type of intruder monitors your computer and sends a third party information about your passwords, credit card numbers, and other information that will compromise your accounts.

You need to be very careful of those anti-spyware programs that can be downloaded for free online. This is because many of them are actually spyware programs disguised as a tool to prevent you from getting them. This is quite a cruel way for those trying to protect their information to end up getting scammed.

The programming behind spyware will definitely cause problems for how your computer operates. It takes up a considerable amount of bandwidth and it will cause your computer to operate slowly. It can also result in your computer locking up or completely crashing. Make sure you only install a quality spyware protection program that you have carefully researched.

While both adware and spyware are very important tactics you want to avoid, spyware is definitely the one that does the most damage. Do your best to find an excellent program that prevents you from getting either one on your computer. It needs to offer free updates too so you can always stay ahead of those playing this game.

Article Source: http://articlesite.info