Spam & politics

Spam is really annoying, mainly because it makes you think spammers have a really bad image of you: lack of hair, lack of sexual abilities, lack of money, lack of university degrees, lack of girl/boyfriends… After all, in the best case they are just trying to cheat you and sell you something… if they are not trying to spread malware.

But now we have a new kind of spam message: political spam. We have received a message that shows figures from a survey in Argentina. Last weekend they elected a new president, and the message claims “we are bad”. Who? Which party? Is the message trying to change some people's vote? Is it trying to increase participation?


The message comes from a “gmail.con” domain, and it claims the survey was carried out by “McKenzy Associates”, whose domain is not valid: “mckenzyassociates.com” is not a valid domain name.
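A mail filter can catch the “gmail.con” sender without any network lookup. The following is an added example, not PandaLabs code: the TLD list, the provider list and the sample message are constructed for the demonstration, and the function names are hypothetical.

```python
from email import message_from_string
from email.utils import parseaddr

# Assumptions for the demo: a real filter would load the IANA TLD list and
# its own list of frequently impersonated mail providers.
KNOWN_TLDS = {"com", "net", "org", "edu", "gov", "es", "ar"}
MAIL_PROVIDERS = {"gmail.com", "yahoo.com", "hotmail.com"}

# Constructed sample message modelled on the sender domain described above.
SAMPLE = "From: Survey <results@gmail.con>\nSubject: Survey figures\n\nbody\n"


def edit_distance(a, b):
    """Levenshtein distance, computed one row at a time."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,                 # deletion
                           cur[j - 1] + 1,              # insertion
                           prev[j - 1] + (ca != cb)))   # substitution
        prev = cur
    return prev[-1]


def sender_findings(raw_message):
    """Return the reasons the From domain of a raw message looks forged."""
    header = message_from_string(raw_message).get("From", "")
    _, addr = parseaddr(header)
    domain = addr.rpartition("@")[2].lower()
    if not domain or "." not in domain:
        return ["no usable sender domain"]
    findings = []
    tld = domain.rsplit(".", 1)[1]
    if tld not in KNOWN_TLDS:
        findings.append(f"unknown TLD .{tld}")
    # A domain one edit away from a big provider is a lookalike, not a typo
    # the provider itself could have produced.
    for real in sorted(MAIL_PROVIDERS):
        if domain != real and edit_distance(domain, real) <= 1:
            findings.append(f"{domain} is one edit away from {real}")
    return findings


if __name__ == "__main__":
    for reason in sender_findings(SAMPLE):
        print(reason)
```

Checking whether a claimed organisation's domain such as “mckenzyassociates.com” actually exists requires a DNS lookup, which this offline check leaves out.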

Regardless of the intention, we can classify it as a new spam message category: vote spam. So, PandaLabs can name it, following the custom of giving new names: it’s “vospam”. Wait for the next US elections; we will have more of them.

 Thanks a lot to Fernando de la Cuadra for this post.


Posted under Malware Alerts

This post was written by Luis Corrons on October 29, 2007


A new way of social engineering

Sometimes, when we speak about social engineering, we think about people on the other end of the phone trying to get our passwords to gain unauthorized access to our accounts. When this data is in their hands, panic spreads: intrusions into companies, espionage, identity theft… all the classic goals of this kind of attack.

But let’s not forget the underlying reason for social engineering. That is why I particularly like the following definition, which I think captures the essence of these attacks: “the art and science of getting people to comply with your wishes”.

With this in mind, this week at PandaLabs we have discovered a new way to apply this concept. It is very simple and pleasant. You receive a small application on your desktop that shows a woman offering you a striptease.

[Image: Melissa]

How can we take off this woman’s clothes? Just by typing a few letters displayed next to the girl, as we can see in the following image:

[Image: Melissa]

Hmmm, do you recognise this kind of image? Yes, it’s a captcha (Completely Automated Public Turing Test to Tell Computers and Humans Apart) image. Now, look at yourself: you are a human automated captcha reader. If you type the correct interpretation of the image, you are sending the information needed to break the protection of the targeted site. This attack could be used to create mail accounts en masse, to post comments… for all the services that use captchas to verify that they are dealing with a person instead of a computer. In this particular case, the captchas were from Yahoo.


 

A sample of this client-side application is detected as Trj/RompeCaptchas.A, which translates as Captcha Breaker.

Thanks a lot to Unai Fernández & Francisco Berenguer for this post.


Posted under Malware Alerts

This post was written by Luis Corrons on October 26, 2007


Security in VoIP Systems

One of the tasks of security companies is to "forecast" what will happen in the future based on the data and trends we observe. This is a really important task, as it lets us provide users with guidelines and focus our research on the protection mechanisms we may have to develop in the future.

Some days ago, a Trojan entered the fray which attempts to deceive users by passing itself off as a security program for Skype. It is called Skype Defender and its main aim is to steal the user's Skype data. This is a good moment to look back and recall what we said about VoIP attacks almost 2 years ago. In January 2006, we published a document about security in VoIP systems, written by Fernando de la Cuadra and Enrique González Ochoa. We presented it at the 5th Iberoamerican Conference on Systems, Cybernetics and Computer Science CISCI 2006, in Orlando, Florida.

Here is an extract from the document:

"Identity Theft. A malicious application could steal a VoIP system user ID, deactivate the user's connection to avoid duplicity and use the stolen ID in its own VoIP network. In this way, the theft victim would be paying for the account when in fact the thief would be the one using it. This use of communication lines is an update of "phreaking" techniques, which use telephone lines to make connections or have conversations unbeknownst to their legitimate owners."

It seems that some of the predictions we made have come true. I have published this document here again in case you want to know which threats are awaiting us.


Posted under Malware Alerts

This post was written by Luis Corrons on October 24, 2007
