Trojan Adware Hiding in MP3s, McAfee Says

May 6, 2008 – 6:06 PM

Adware pushers have found a new way to trick you into downloading their annoying products: fake MP3 files.

On Tuesday, security vendor McAfee reported that it’s seen a huge spike in fake MP3 files spreading on peer-to-peer networks. Although the files have names that make them look like audio recordings, they’re really Trojan horse programs that try to install a shoddy media player and adware on your computer, said Craig Schmugar, a researcher with McAfee.

“Once you run it, there is no content. You’re taken to this site to install this player which you don’t really need,” he said.

Fake file names include: preview-t-3545425-changing times earth wind .mp3 and t-3545425-just got lucky.mp3. Schmugar listed more filenames, as well as details on the adware, in a Tuesday blog posting.

Users are first asked to OK an end-user license agreement before the Trojan installs two programs, Mirar and NetNucleus, on their PCs.

Ironically, while the Mirar software tells users that it doesn’t display popups, NetNucleus does deliver popup ads, so users who do not realize that they are installing two programs might feel tricked, Schmugar said. “You have a window telling you that there are no popups and right behind it is a popup.”

Although McAfee has seen some nasty software disguising itself as media files in the past, it has never seen anything on this scale, Schmugar said. Over the past 24 hours, nearly a third of the McAfee customers who reported data back to the security company have detected these files, he said.

In the past few days McAfee has spotted the files on more than 360,000 users’ desktops.

Source: PC World

Mass Effect PC Includes Serious Security Measures

May 6, 2008 – 6:01 PM

The PC version of Mass Effect is going to include some fairly serious security measures that may prove to be more of a threat to the game’s popularity than they are to piracy.

According to Derek French, Mass Effect’s technical producer at BioWare, the game’s security begins with the same SecuROM online activation that aggravated so many owners of BioShock for PC. The system allows the user to activate the game three times before being required to contact a customer service rep to have it reactivated.

Mass Effect’s security goes one step further, however, by dialing in every five to ten days to double-check that your current CD Key and computer info match the data that was submitted when you first activated the game.

Does that mean you won’t be able to play your perfectly legitimate copy of the game if you fire it up on day 11, only to find that your ‘net connection is down? According to a post from French, yes, actually, it does:

“That is correct. And I would suggest that you contact EA Support the moment this happens (once you get your internet back) to report the issue. If there are people having problems with the system as designed, then Support needs to hear about it so they can help us evaluate it for the next game title.”

To the PC gamers in the crowd, would these kinds of security protocols prevent you from buying a game you were excited about?

Source: Wired

Tmin fuzzing test case optimizer released

May 6, 2008 – 5:54 PM

Tmin is a quick and simple tool to minimize the size and syntax of complex test cases in automated security testing.

The tool is somewhat related to delta, a more fully featured general-purpose optimizer, but tmin is meant specifically for dealing with unknown or complex data formats (without the need to tokenize and re-serialize test cases), for hands-off detection of security fault conditions, and for easy integration with UI testing harnesses.

tmin is also capable of reducing the complexity of alphabets used on datasets that cannot be further trimmed down in size.


Who Killed My Hard Drive?

May 6, 2008 – 4:18 PM

You’ve heard the threat before: A virus or Trojan could infect your PCs and wreck their hard drives. But how often does it really happen — and how bad is the damage?

A new university study suggests that hard-drive-killing attacks launched by hackers are actually pretty rare — but when they do occur, they can be more costly than most companies think.

The study, published last quarter by professors at the University of Pepperdine and commissioned by data recovery vendor Deepspar Technologies, looks at the causes of hard drive failure and offers insights on just how “fatal” a fatal drive error can be.

Aside from physical theft, hard drive failure is the most common cause of data loss on PCs, the study says, accounting for 38 percent of data loss incidents. In about 30 percent of these cases, the loss of access is the result of drive problems, where corruption of the media makes the data unreadable.

Software corruption, which is the usual path used by hackers and viruses to “crash” a hard drive, only causes data loss in about 13 percent of cases, according to the study. Such incidents are only slightly more frequent than drive losses caused by human error (12 percent), the study says.

But while remote attacks may cause fewer drive crashes than many users believe, the cost of those crashes may be higher than many executives expect, the study states.

The IT costs associated with a drive failure are fairly easy to measure, the study says. In cases where the data can be restored by an in-house staffer — which happens about 40 percent of the time — the cost is about $350. If the drive has to be sent out to a recovery service, the cost is around $1,500. On average, then, the IT cost of a failed drive is about $1,150, the study says.

But many companies fail to factor in the cost of lost productivity, the study observes. If you add up the average time it takes to restore data on a failed drive and multiply it by the cost of the employees affected, there is a lost productivity cost of about $1,750 per drive failure, the researchers say. And if you add productivity costs to IT costs, the average drive failure cost is about $2,900 — assuming you can recover the data from the damaged drive at all.

If a hacker or virus does successfully crash a hard drive, the study recommends caution in trying to recover the data internally. “Non-professional tools and system software (e.g., chkdsk) often fix errors by overwriting the file system on the drive,” the study says. “Though this may repair the file system, it permanently destroys the data.” About 15 percent of all non-recoverable data loss situations were created by prior non-professional data recovery attempts, the study says.

Source: Dark Reading

Have you seen this asshole?

May 6, 2008 – 9:15 AM

INTERPOL is asking for the public’s help in identifying a man pictured sexually abusing children in a series of images found on the Internet and retrieved from the computer of a convicted paedophile.

The man, whose name, nationality and location are unknown, is featured in approximately 100 images in a series of around 800, which are believed to have been taken in Southeast Asia and depict the sexual abuse of at least three boys aged between six and 10 years old. The first pictures of the man were originally discovered by police in Norway in March 2006.

“The law enforcement community around the world has done all it can to find this man who clearly presents a danger to young children, and we are now asking the public to help identify this predator and protect other potential victims from abuse,” said INTERPOL Secretary General Ronald K. Noble.

“When we made a similar appeal last year, it was information provided by the public which helped identify and locate Christopher Paul NEIL, who is now in jail facing child abuse charges. We hope that people around the world will again play a vital role in tracing this man who could otherwise continue to sexually abuse young children.”

  
