Rogue Fake Codec – Finding the differences
In the last few days we have received a good number of new variants of the rogue fake codec. That's why we propose a little game: find the differences between the images.

All these variants have been detected as Adware/VideoPlay. Their behavior is similar: when the program is installed, a file usually named matrix(random numbers).exe or bootmatrix.exe is run. This file spreads by copying itself to removable drives, and it also creates an autorun.inf on them so that it runs when they are accessed.

The file collects the data stored in the browsers, such as cookies, passwords, profiles and email accounts, and connects to a remote address to send the information.

In the last month the number of samples of this malware received in our inboxes increased by almost 400% compared with the previous month. This nasty piece of malware is the same as the one that was being distributed using Digg and YouTube.
source
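The post describes the dropper planting an autorun.inf on removable drives so it runs when the drive is opened. The following added example (not code from the original post or from PandaLabs) parses an autorun.inf and flags launch entries that point at the filenames the post describes; the sample autorun.inf contents are constructed for illustration.

```python
import configparser
import os
import re

# Filenames the post attributes to this family when copied to removable drives:
# matrix<random numbers>.exe or bootmatrix.exe (case-insensitive on Windows).
SUSPECT_NAME = re.compile(r"(?:^|[\\/])(?:matrix\d+|bootmatrix)\.exe$", re.IGNORECASE)

# Keys in the [autorun] section that make Explorer start a program.
LAUNCH_KEYS = ("open", "shellexecute")

# Constructed sample modelled on the behaviour described in the post.
SAMPLE_AUTORUN = r"""[autorun]
open=matrix4821.exe
icon=matrix4821.exe,0
shell\open\command="bootmatrix.exe" /s
action=Open folder to view files
"""

# Constructed benign sample (a vendor installer disc) for comparison.
BENIGN_AUTORUN = r"""[autorun]
icon=setup.exe,0
label=Vendor Tools
open=setup.exe
"""


def _first_token(value: str) -> str:
    """Return the program path from a command line, honouring a quoted path."""
    value = value.strip()
    if value.startswith('"'):
        end = value.find('"', 1)
        return value[1:end] if end > 0 else value[1:]
    return value.split()[0] if value else ""


def launch_targets(autorun_text: str) -> list[str]:
    """List every program an autorun.inf would launch (open=, shellexecute=, shell\\verb\\command=)."""
    parser = configparser.RawConfigParser(strict=False, interpolation=None)
    parser.read_string(autorun_text)
    targets = []
    for section in parser.sections():
        if section.lower() != "autorun":
            continue
        for key, value in parser.items(section):
            if key in LAUNCH_KEYS or (key.startswith("shell\\") and key.endswith("\\command")):
                targets.append(_first_token(value))
    return targets


def flag_autorun(autorun_text: str) -> list[str]:
    """Return launch targets whose filename matches the names described for this family."""
    return [t for t in launch_targets(autorun_text) if SUSPECT_NAME.search(t)]


def scan_drive_root(root: str) -> list[str]:
    """Check a mounted drive root for an autorun.inf that would start the dropper."""
    path = os.path.join(root, "autorun.inf")
    if not os.path.isfile(path):
        return []
    with open(path, encoding="utf-8", errors="replace") as fh:
        return flag_autorun(fh.read())
```

Run `scan_drive_root` against each removable drive root on a suspect machine; a non-empty result means the drive carries an autorun entry pointing at one of the described filenames.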
Microsoft Security Advisory (960715): Update Rollup for ActiveX Kill Bits – 2/10/2009
Revision Note: Advisory published.
Advisory Summary: Microsoft is releasing a new set of ActiveX kill bits with this advisory.
Symantec warns of alarming spam trends (vnunet.com)
Shaun Nichols in San Francisco.
The volume of spam messages laden with malicious links or attachments is increasing, according to the latest figures. Symantec's monthly State of Spam report claims that malware-laden messages are far…
source
Warning signs signal most computer problems (Bradenton Herald)
A handful of computer problems represent most of the service we provide in our shop. Virus and spyware problems are most prevalent. Hardware issues such as hard drive failure and the effects of power surges on power supplies and network cards also are common.
source
Can we cope with the increasing malware?
Recently, we published the latest bulletin about the steep increase of Banker Trojans. Today we have massive amounts of malware circulating on the Web, and most of it is related to financial or identity theft. See the report: here

The increase in the volume of malware in circulation has been exponential over the last few years. In 2007 we received more malware samples than in the previous 17 years combined. Our forecasts for 2008 indicated that we would end the year with some 7 or 8 million malware strains; however, we actually ended up with over 15 million malware specimens.

To fully understand the explosive increase in samples, you must first understand the characteristics of this new, increasingly complex malware. As you may already know, we rarely face large epidemics triggered by fame-craving virus writers looking to infect thousands of computers. Instead, today's malware writers are heavily focused on monetary gain. The goal of modern-day cyber-criminals is to maximize the profit from their creations. This is seen in the evolution of the following malware types throughout last year:

[Chart: Types of malware received at PandaLabs in January 2009]

As we have published several times in this blog, today there are huge illegal businesses behind this type of cyber-crime, and criminal organizations are making a lot of profit from identity and data theft.

I'd like to share with you just a glimpse of how we have been able to fight this avalanche. The model that was previously used by the entire industry was clearly unsustainable over time, as it involved technicians manually examining the malware samples received at labs. Given the rate at which malware volume was increasing, how could we possibly answer our clients' needs? How long would that take? Could we keep clients protected? How many technicians would we need in just a few years' time to be able to analyze all these samples?

So, in 2006 we decided to stop working like the others and started implementing what we call Collective Intelligence. I don't want to go into too much technical detail about this (those of you who are really interested in this subject can download the White Paper we published in early 2008: here). What we basically did was develop a system for automatically detecting, classifying and remediating malware. This approach offers complete real-time protection for users with minimum impact on their systems, as the entire process takes place "in the cloud". Today, two years after we started implementing this technology in our products:

- We have classified over 17 million malware strains.
- We receive some 25,000 malware samples every day. With Collective Intelligence we can automatically analyze and classify 99.37% of them.
- Our current response time is 30 times shorter than two years ago.

Now that many companies are beginning to talk about cloud computing, it's amazing to think that we implemented this technology over two years ago. The scalability of Collective Intelligence allows us to combat the new malware dynamic with a future-proof concept, as it is clear that the amount of malware in circulation will continue to grow. With Collective Intelligence we can detect new malware very quickly and protect our clients in real time, which is our ultimate goal. Also, as most processes take place in the cloud, our solutions have no impact on our clients' computers, one of the key objectives we had when developing this technology.

Finally, apart from the technological response that we, as security vendors, must offer to users, I think we also have to do everything possible to report this criminal activity, help public institutions and raise awareness among the general public in order to stop those who are behind the malware strains we get at our laboratories. This, however, will be the subject of another post.
source
