A bit more on that spam from an Android botnet

A quick follow-up on my previous post about spam from an Android botnet. There are a few things I need to point out: Sophos discovered the same thing on their Naked Security blog: The messages appear to originate from compromised Google Android smartphones or tablets. All of the samples at SophosLabs have been sent…


Spam from an Android botnet

I came across some interesting spam samples today. The messages all come from Yahoo Mail servers. They are all from compromised Yahoo accounts. They are all sending stock spam, the typical pump and dump variety that we’ve seen for years. But what is interesting about them is that they all contain the following Message-ID: Message-ID:…


Android taking over as the malware author target-of-choice

A couple of weeks ago, Der Westen, a German online news magazine, published an article entitled Android is a virus writer’s favorite target. In it, the author (and if you don’t speak German, you’ll need to translate with your browser) talks about how we used to have lots of problems with PCs and eventually everyone…


Roundup of Flame so far

I hadn’t commented on it before, but last month the Flame malware was discovered by researchers from Kaspersky.  Here’s what we know so far: Reuters originally reported that it was designed as a cyber weapon to be used against Iran.  However, it wasn’t just computer systems in Iran that were infected with Flame, but several…


Evolution of the antivirus industry

I found the following elsewhere on the web.  I bumped up the original dates in the graphic by 3 or 4 years.


Naked Security

[With apologies to Sophos who maintain a blog of the same title as this post; please feel free to reciprocate by writing a blog post with my blog’s name in the title]. A couple of weeks ago, McAfee released the results of a study they performed, analyzing the security practices of computer users in 24…


According to the Department of Homeland Security, cybercrime is a bigger threat than terrorism

An article in Forbes the other day reports on US Secretary of Homeland Security Janet Napolitano’s comments that ‘cybercrime represents the “greatest threat and actual activity that we have seen aimed at the west and at the United States” in addition to “or other than Al Qaeda and Al Qaeda-related groups.”’  From Forbes: Addressing an…


Does Stuxnet, Flame, etc., unleash a Pandora’s Box?

In my previous post where I linked to a New York Times article, the last paragraph is the following: Mr. Obama has repeatedly told his aides that there are risks to using — and particularly to overusing — the weapon. In fact, no country’s infrastructure is more dependent on computer systems, and thus more vulnerable…


New York Times: Obama Order Sped Up Wave of Cyberattacks Against Iran

The New York Times has a front-page story today alleging that the Obama administration continued the program of cyberattacks begun by the Bush administration.  Indeed, they sped it up. In case any Microsoft lawyers are reading this post, I am alleging nothing about the US government or any malware, I am merely pointing readers to…


What Apple’s security response can learn from Microsoft

A couple of days ago, Ed Bott posted an article on ZDNet entitled What Microsoft can teach Apple about security response.  This is in response to how Microsoft deals with security vulnerabilities and applies updates, vs how Apple does it (did it) with the Flashback malware.  Some highlights: Microsoft updates its OS with critical security…


Spam levels still lower a year after Rustock

Ars Technica wrote an article this past weekend entitled Spam levels still low a year after Rustock botnet takedown. From the article: In March 2011, a Microsoft-led team targeted and decapitated the Rustock botnet, and a dramatic decrease in spam traffic was noticed almost immediately. It turns out that a full year later, spammers have not…


Mac users hit by another wave of malware

In case you haven’t been watching cyber news recently, last week various security researchers published that Macs were infected by the Flashback Trojan and that the total number of infections worldwide was 600,000.  This number was published by a couple of blogs. I debated writing about this topic since we had a previous Mac outbreak…


Pinterest spammer finds it easy to make money

About a week ago, I read an article on SecurityNewsDaily where a spammer gave an interview to The Daily Dot and explained his methods.  He claimed not only was he making $1000 per day spamming and scamming Pinterest, but that it was really easy. If you’re not familiar with Pinterest, I wasn’t either until earlier…


Predicting the future of abuse, part 2

Following on from my previous post, what does the future of Internet abuse look like?  Here’s what I think: The proliferation of smaller devices will shift malware away from PCs to phones and tablets Crime will not go away.  The reason criminals started writing botnets for mobile applications is because they are popular with users. …