IT security employees likely to disclose what appears to be sensitive information on social networks

August 27th, 2010

Study reveals that 81 percent of a large social network’s users would accept as a friend and confide in a 21-year-old blonde lady without taking too many precautions

 

BitDefender®, an award-winning provider of innovative internet security solutions, is today warning social networking devotees, IT employees among them, to be very careful when accepting friend requests within the network and to mind what data they share with people they barely know.

According to a new BitDefender experiment, the users of social networking platforms do not appear to be too preoccupied either about the real identity of the persons they meet on-line or about the details they disclose while chatting with these total strangers. Conducted over two weeks, this experiment revealed that 94% of those asked to add as their friend an unknown young woman, accepted the friendship request without having a clue about who the requester really was. Truth be told, 13 percent of this user pool did, however, bother to ask whether they had met the blonde girl face-to-face or not.

The experiment was conducted on a cluster of 2,000 users from all over the world registered on one of the most popular social networks. These users were randomly chosen in order to cover different aspects: sex (1,000 females, 1,000 males), age (the sample ranged from 17 to 65 years with a mean age of 27.3 years), professional affiliation, interests etc. In a first step, the users were only requested to add the unknown lady as their friend, while in the second step several conversations with randomly selected users aimed at determining what kind of details the social networking aficionados would disclose to that lady.

The experiment showed that more than 86 percent of the credulous users who agreed to become the test profile’s friends came from the IT industry, with 31 percent of them working in IT security. The most frequent reason for accepting the unknown young blonde as a friend was her “lovely face” (53 percent).

“The puzzling reaction of IT security employees confronted with possible privacy threats, such as those described in the experiment, contradicts, to some extent, the general attitude towards such issues, as almost all security companies lay stress on the risks associated with social networks. In other words, it seems like policies and regulations simply disappear exactly in an environment where they supposedly are stricter than elsewhere,” said Sabina Datcu, BitDefender E-Threat Analysis and Communication Specialist, author of the experiment.

Moreover, the experiment also revealed that the most vulnerable users seem to be the same IT industry employees: after a half-hour conversation, 10 percent of them disclosed to “the blonde face” sensitive personal information, such as address, phone number, mother’s and father’s name, etc. – information usually requested as the answer to password recovery questions. Two hours later, 73 percent disclosed what appears to be confidential information from their workplace, such as future strategies, plans and unreleased technologies/software.

“What is most intriguing is the fact that what people will probably never do in a face-to-face real-life situation is blatantly happening under the shelter of an alleged invisibility or anonymity that social networking could induce. Concepts such as ‘non-disclosure’, ‘confidentiality’ or ‘privacy’ suddenly get blurred in the minds of some users when they are chatting on-line with a blonde interlocutor, although the same individuals will probably never say a word about the same topics if they met that blonde lady in person,” Datcu concluded.

More details about the experiment are available on www.malwarecity.com, a BitDefender initiative for the computer security community and a free resource for those interested in their online safety.

No private information from this study will be disclosed or used against the persons that revealed it. No company confidential information will be disclosed or used for personal purposes. The content of the information has not been collected. All trademarks or product names contained herewith are registered trademarks of their owner companies.

BitDefender Internet Security 2010 Receives Esteemed AV-Test Certification

August 20th, 2010

Antivirus software awarded for high scores in the categories of protection, repair and usability

 

August 19, 2010 – Today BitDefender®, an award-winning provider of innovative internet security solutions, announced that BitDefender Internet Security 2010 successfully passed the AV-Test Certification Criteria for the second quarter of 2010.

The test recognizes BitDefender Internet Security 2010 for its excellent ease of use, high protection rates and strong ability to repair infections. The test analyzed effectiveness, behavior and speed of security solutions and this quarter the certification was given to only 13 out of the 25 products tested. BitDefender showed exceptionally strong results in two important categories: the performance test, which reflects how a computer is used on a daily basis, and detecting actively running toolkits – known to be particularly damaging to systems. The complete results are available at: http://www.av-test.org/

“At the end of the day our customers care about being protected and demand a product with superb threat detection and the capability to fix the issues they may encounter,” said Viorel Canja, Head of AntiMalware Labs at BitDefender. “The AV-Test certification is a validation of the commitment and resources BitDefender puts forth to make sure we have the best security product available.”

“At AV-Test.org, we look beyond the protection vendors’ offer against various malware, including viruses, worms and Trojan Horses,” said Andreas Marx, CEO of AV-Test.org. “We pride ourselves in paying attention to the strength of the products’ repair features as well as the impact the security software has on the computer as a whole.”

For additional information and details on the results of this test, please visit http://www.av-test.org/

Facebook Hacker – A Dangerous Tool

August 18th, 2010

A do-it-yourself kit that will enable ill-intentioned people to steal usernames and passwords to all kind of accounts

Phishing is known to be the weapon of choice for cybercriminals who are after login credentials. However, a new attack tool – facebook Hacker – has drawn the attention of ill-intentioned people in need of passwords and usernames that are not theirs.

This do-it-yourself kit helps the wrongdoer steal login credentials from the targeted user without that user even having to type any of them in.

Fig.1 The extracted archive of the facebook Hacker

The kit is intuitive and thus extremely easy to configure, just like any do-it-yourself hack tool designed with the “skiddie” in mind. There are only two fields that need filling in: a disposable e-mail address and a password, which together identify the mailbox where the stolen information is to be delivered.

Fig. 2 Configuration panel

After clicking the “build” button, a server.exe file is created and deposited into the facebook Hacker folder along with the initial files. This server.exe file is to be sent to the intended victims.

Fig. 3 The server file to be sent to the victims is ready for distribution

Once run, the malicious tool will snatch the victim’s Facebook® account’s credentials, along with all the usernames and passwords that we carelessly ask the browser to remember for us. Yes, because facebook Hacker also targets the Internet browser and Instant Messaging clients to pick up the entire list of “remembered” identification data.

In order to successfully collect passwords, the malicious binary includes applications able to squeeze data out of the most popular browsers on the market, as well as of almost all instant messaging clients available. To add insult to injury, the application also enumerates all dialup/VPN entries on the computer and displays their logon details: User Name, Password, and Domain.

To avoid detection, facebook Hacker will also look for all the processes related to a security suite and kill them. It is important to mention that it carries a hard-coded list of processes associated with AV solutions, which are checked for and stopped if found.

Last but not least, the piece of malware looks for network monitoring applications and terminates them. This is a safety measure that prevents curious users from seeing their passwords leave the system.

Figure 4: TCP dump of the information sent by the application. Since the SMTP server uses TLS encryption, sniffed traffic will not reveal much of what’s going on.

As can be seen, the author took a lot of time to think of various elements that could interfere with the smooth operation of this tool and to eliminate them one by one.

All product and company names mentioned herein are for identification purposes only and are the property and may be trademarks of their respective owners.

Figure 5: The stolen credentials of our test accounts got mailed on the specified address.

BitDefender® identifies this threat as Trojan.Generic.3576478. In order to stay safe, please ensure that you are running a frequently updated antivirus utility. Also, remember not to run files you may receive as attachments or via IM, or at least, to scan them beforehand.

Free BitDefender Internet Security 2010 license for 90 days

August 5th, 2010

BitDefender MalwareCity is giving away complimentary BitDefender Internet Security 2010 for 90 days.

This is a limited-time offer.
Get Free BitDefender Internet Security now.

ASEAN Foundation Partners with BitDefender and QCOM Group

August 2nd, 2010

Singapore – July 30th, 2010: BitDefender, an award-winning provider of innovative anti-malware security solutions, together with QCOM Group, official distributor of BitDefender, announces a new partnership with the ASEAN Foundation that consists of a donation to ASEAN representatives of the safest and most secure internet protection.

Mr. Michael Leong, CEO of QCOM Group, handed over the range of BitDefender Security software products to Dr. Filemon A. Uriarte, Jr., Executive Director of the ASEAN Foundation, during the latter’s visit to the QCOM Group’s office in Singapore on 20 July 2010.

The donation includes more than US$6,000 worth of BitDefender anti-virus licenses for PCs and File Servers at the entire AFNet site. QCOM Group will also provide free technical support and training on BitDefender products and free BitDefender 1 year-1 user Antivirus keys to AF ICT training participants to improve PC security and awareness. The ASEAN Foundation intends to distribute these BitDefender software products to the offices of the Permanent Representatives to ASEAN, the ASEAN embassies in Jakarta, the Friends of ASEAN, the ASEAN Secretariat, and the various partner organizations of the ASEAN Foundation.

BitDefender combines advanced antimalware technology to provide security against e-threats, viruses, spyware, hackers, spam, and phishing attacks, along with ease of deployment, automatic updates, and near zero management for the entire network.

“Offering such high end security software, we believe that BitDefender solutions will be helpful to fulfill the ASEAN users’ requirements for performance and peace of mind,” concluded Ms. Diana Stoleru, Channel Manager for BitDefender APAC.

“We are extremely glad to collaborate with ASEAN Foundation and we are certain that this partnership will help enhance BitDefender market presence and product awareness among current and prospective customers in the region,” concluded Mr. Michael Leong from QCOM Group.

As part of this partnership, QCOM Group will also collaborate with the ASEAN Foundation to conduct workshops and trainings related to computer security and awareness with the help of BitDefender. These are all part of the wider corporate social responsibility activities of QCOM Group in the ASEAN region, as a reliable provider of top quality IT products and services.

About BitDefender®
BitDefender is the creator of one of the industry’s fastest and most effective lines of internationally certified security software. Since its inception in 2001, BitDefender has continued to raise the bar and set new standards in proactive threat prevention. Every day, BitDefender protects tens of millions of home and corporate users across the globe – giving them the peace of mind of knowing that their digital experiences will be secure. BitDefender solutions are distributed by a global network of value-added distribution and reseller partners in more than 100 countries worldwide. More information about BitDefender and its products is available at the company’s security solutions press room. Additionally, BitDefender’s www.malwarecity.com provides background and the latest updates on security threats, helping users stay informed in the everyday battle against malware.

About QCOM GROUP
QCOM Group Pte Ltd was founded in 2000 and distributes the complete range of Quicken QuickBooks and BitDefender software products and services in Asia Pacific. Besides managing an extensive channel network in Asia, QCOM Group also offers its expertise as a Quicken products application consultant by providing assistance and consultancy to small medium enterprises in Asia to develop fully integrated end-to-end e-Business solutions together with third party partners. Visit QCOM Group BitDefender website at http://bitdefender.qcomgroup.com/

About ASEAN Foundation
The ASEAN Foundation was established by the ASEAN Leaders in December 1997 during ASEAN’s 30th Anniversary Commemorative Summit to help bring about shared prosperity and a sustainable future to all 10 ASEAN Member Countries, namely, Brunei Darussalam, Cambodia, Indonesia, Laos, Malaysia, Myanmar, the Philippines, Singapore, Thailand and Viet Nam.

BitDefender® Issues Protection against Vulnerabilities in Internet Explorer® 6 and 7

March 17th, 2010

BitDefender® today released an emergency update to shield users against the newly discovered vulnerability in Internet Explorer® versions 6 and 7. Microsoft® has detailed the attack scenarios in Security Advisory #981374, but has not released a patch to mitigate the vulnerability.

Users running Internet Explorer versions 6 and 7 can get infected by simply visiting a specially crafted web page that uses highly obfuscated JavaScript code to trigger a use-after-free error, in which a pointer is accessed after the object it refers to has been deleted.

Anatomy of the attack

Initially, the user is lured into visiting a specially crafted web link advertised either via spam messages or as posted on bulletin boards, social networks etc. The respective webpage contains JavaScript code obfuscated using the escape function. In order to bypass detection from various antivirus products, the script calls a secondary JavaScript that replaces a variable with the unescape string.

Vulnerabilities in Internet Explorer 6 and 7 - obfuscated Java Script

The decoded result is the malicious payload, which triggers a heap spray attack and writes the malicious code into the browser’s cache, making it persistent: every time the browser starts, the malicious code is executed without any subsequent intervention (drive-by download). This results in the automatic download of a file called either notes.exe or svohost.exe (detected by BitDefender as Gen:Trojan.Heur.PT.cqW@aeUw@pbb).

This approach is similar to the one described in CVE-2010-0249 that has been used in targeted attacks against 34 major corporations including Google™ and Adobe™.
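The two static traits described above (a payload encoded with escape, and the name unescape supplied as string data rather than called directly) can be checked without executing the page script. The following is an added example, not code from BitDefender or from the attack page; the sample scripts, thresholds, rule names and function names are constructed for illustration.

```javascript
// Static triage of page script source. Nothing from the inspected script is executed.

// %uXXXX and %XX sequences, as produced by escape().
const ESCAPE_SEQ = /%u[0-9a-fA-F]{4}|%[0-9a-fA-F]{2}/g;
// Single- and double-quoted string literals (template literals are not handled).
const literalRe = () => /"((?:[^"\\\n]|\\.)*)"|'((?:[^'\\\n]|\\.)*)'/g;

function stringLiterals(source) {
  const out = [];
  const re = literalRe();
  let m;
  while ((m = re.exec(source)) !== null) {
    out.push(m[1] !== undefined ? m[1] : m[2]);
  }
  return out;
}

// Fraction of the string's characters that belong to escape sequences.
function escapeDensity(text) {
  if (text.length === 0) return 0;
  const covered = (text.match(ESCAPE_SEQ) || []).reduce((n, s) => n + s.length, 0);
  return covered / text.length;
}

// Decode escape sequences as data, so an analyst can read the content safely.
function decodeEscaped(text) {
  return text.replace(ESCAPE_SEQ, (seq) =>
    String.fromCharCode(parseInt(seq.replace(/^%u?/, ''), 16)));
}

function triageScript(source, { minLength = 24, minDensity = 0.8 } = {}) {
  const findings = [];
  const literals = stringLiterals(source);

  // Trait 1: a long literal that consists almost entirely of escape sequences.
  for (const lit of literals) {
    const density = escapeDensity(lit);
    if (lit.length >= minLength && density >= minDensity) {
      findings.push({
        rule: 'escape-encoded-literal',
        length: lit.length,
        density: Number(density.toFixed(2)),
        decodedPreview: decodeEscaped(lit).slice(0, 40),
      });
    }
  }

  // Trait 2: "unescape" appears only as string data (for example as the
  // replacement argument of replace()), never as a direct call in the code.
  const codeOnly = source.replace(literalRe(), '""');
  const directCall = /\bunescape\s*\(/.test(codeOnly);
  const nameAsData = literals.includes('unescape');
  if (nameAsData && !directCall) {
    findings.push({ rule: 'indirect-unescape' });
  }

  const rules = new Set(findings.map((f) => f.rule));
  const suspicious = rules.has('escape-encoded-literal') && rules.has('indirect-unescape');
  return { findings, suspicious };
}

// Constructed sample with both traits; the encoded data is the text "Hello world".
const SAMPLE_OBFUSCATED = [
  'var data = "%u0048%u0065%u006C%u006C%u006F%u0020%u0077%u006F%u0072%u006C%u0064";',
  'var fn = "PLACEHOLDER";',
  'fn = fn.replace("PLACEHOLDER", "unescape");',
  'var decoded = window[fn](data);',
].join('\n');

// Constructed benign sample: ordinary URL-style escaping and a direct call.
const SAMPLE_BENIGN = [
  'var q = "name=J%20Doe&city=New%20York";',
  'var s = unescape(q);',
].join('\n');

console.log(JSON.stringify(triageScript(SAMPLE_OBFUSCATED), null, 2));
console.log(JSON.stringify(triageScript(SAMPLE_BENIGN), null, 2));
```

Both rules are heuristics: a name assembled by string concatenation or supplied by a second script file would need the same check applied to the combined sources.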

Vulnerabilities in Internet Explorer 6 and 7 - Javascript Details

Mitigating the risks

Although Microsoft announced that the exploit is already in the wild, users haven’t been provided with a fix yet. Most likely, the vendor will issue a patch on the next “patch Tuesday”, namely on April 13. Since Internet Explorer® 8 is not vulnerable to the attack, the next logical step would be to upgrade immediately. However, many custom-made applications in the corporate environment are strongly interconnected with IE 6 or IE 7 and might not work as expected on Internet Explorer 8.

BitDefender is currently detecting the exploit and blocking the malicious code before it can inflict any damage on the computer. Moreover, all BitDefender customers have been proactively protected against the infected binaries the exploit is trying to install on the local machine.

In order to stay safe, BitDefender recommends that you download, install and update a complete antimalware suite with antivirus, antispam, antiphishing and firewall protection, and that you exercise extra caution when prompted to open files from unfamiliar locations.

Cracked Silent Hunter 5 – Battle of the Malware

March 9th, 2010

March 8th – To protect the fifth installment of the Silent Hunter game from piracy, its producers have implemented a new protection system, which not only sparked discontent within the gamers’ community but also increased hackers’ desire to crack it. This coincides with gamers’ passionate hunt for a cracked version of the game, which is clearly illustrated by the search statistics, in which the “name of the game + cracked” combination ranks very high.

However, while engaging in this quest players are willingly transforming themselves into sitting ducks for e-threats. A quick search on the Internet over this very hot topic has revealed that no less than four different breeds of malware accompany the returned results.

four different breeds of malware

The malware cocktail that players are in for includes two different Trojans, one Backdoor Agent and one Rootkit.

Here are just a few hints as to what these ingredients can do. Backdoor Agents are classic Trojan backdoors that open the infected machines to remote access. Rootkits attempt to hide processes, files, registry data and network connections and they are usually employed for malicious purposes, hiding viruses, worms, backdoors and spyware. In the case under discussion, for a complete malware pack, two other Trojans are delivered with the rootkit and the backdoor agent.

Hence, instead of commanding U-boats in their search for fuel against allied forces stationed in Malta, Silent Hunter’s aficionados could easily end up sinking their machines under the heavy fire of e-criminals’ malware.

In order to stay safe, BitDefender recommends users never to follow suspicious links returned in Internet searches and to only download legitimate applications. Realizing the importance of copyright and the risks users expose themselves to when downloading pirated software are also two key lessons this malware spreading episode teaches. Finally, installing and updating a complete antimalware software solution will help them play on and play safe.

Group calling itself ‘al-Qaida in Aceh’ says it survived Indonesian crackdown

March 9th, 2010

By: ALI KOTARUMALOS
Associated Press
03/06/10 7:00 AM EST

JAKARTA, INDONESIA — A group calling itself “al-Qaida in Aceh” claimed Saturday to be the target of a police crackdown in the Indonesian province, where authorities have arrested and charged suspected militants with planning terrorist attacks.

In a statement posted on the blog hosting site WordPress.com, the group said it had survived the police crackdown and pledged to continue its jihad against “Zionist Jews and Christians and apostates.” Later Saturday, WordPress blocked access to the blog for violating its terms of service.

It was not possible to authenticate the statement. Police spokesman Maj. Gen. Edward Aritonang said the statement was under investigation, and could yet prove to be a hoax.

Police have arrested 16 suspected militants in a series of raids in the deeply conservative province of Aceh since Feb. 22, the latest two on Saturday. Police suspect the group is linked to Jemaah Islamiyah, a Southeast Asian offshoot of al-Qaida that has been blamed for twin bombings last year on hotels in Jakarta, and 2002 bombings on the island of Bali.

“As of the 10th day of the pursuit against us, we survive to continue jihad although some of our brothers were captured and martyred,” the statement said.

“We hereby assure Muslims that we will uphold our pledge to jihad against the Zionist Jews and Christians and apostates until God awards us victory, or we become martyrs in the way of Allah,” it added.

Sidney Jones, Jakarta-based senior adviser for the International Crisis Group think tank, said she had never heard of the group and could not say whether the statement spoke for the militants in Aceh. She said militants in the province appeared to comprise several movements, including Jemaah Islamiyah.

President Susilo Bambang Yudhoyono said Friday that the group, which he did not name, had set up in Aceh believing that Indonesian security forces had lost interest in the province since a violent separatist movement ended there in 2005. He said members of the separatist movement were not part of the new group.

Police say 14 of the suspects confessed to undergoing paramilitary training, including weapons use and hand-to-hand combat. They say the militants were preparing for a terrorist attack against an undisclosed target.

They face up to 20 years in prison if convicted.

On Saturday, two more suspected militants were arrested in Aceh but have yet to be charged, Aritonang said. He declined to detail the circumstances of those arrests.

Hacker Arrested in Billboard Porn Stunt

March 8th, 2010

17 February 2010
By Alexandra Odynova

Police in the southern city of Novorossiisk have arrested a man accused of hacking into a video billboard in Moscow last month and showing a pornographic movie that spawned a traffic jam as curious drivers slowed to watch the film.

The suspected hacker, a 41-year-old unemployed man, was arrested in Novorossiisk and released Tuesday after promising to remain in the city, the Interior Ministry’s high-tech crime department said in a statement.

Police released neither the man’s name nor the date he was arrested but said he had been hacking into computers out of “curiosity” and to “sharpen his skills.”

On the night of Jan. 14, the video appeared on a 9-by-6 meter roadside video billboard on the Garden Ring Road, near the Serpukhovskaya metro station.

It played for about 20 minutes as traffic ground to a halt, with many drivers filming the spectacle on their cell phones and later reposting the footage on the Internet.

Police said the hacker used the IP-address of an organization based in Chechnya to break into the Moscow server and post the video on the billboard. He has admitted that he was behind the stunt but said he merely wanted to entertain people, not create a furor, police said.

The suspect claimed that he intended to show the video not on the billboard, but at a Moscow store, the Interior Ministry statement said. He said he was confident that police would never make it to Chechnya to investigate the case, police said.

He faces charges of illegal distribution of pornography and gaining illegal computer access. If convicted, he faces up to two years in prison.

The incident prompted the Moscow Advertising Committee to ban video billboards on the streets of Moscow.

Earlier this month, the committee tightened rules for video billboards to make them less susceptible to hacker attacks. Billboard operators should be able to switch the signs off immediately in case of emergency.

The Krasnodar regional branch of the Federal Drug Control Service said Tuesday that the suspect had previously faced charges of dealing marijuana in Novorossiisk while working as a taxi driver, Interfax reported.

He had previously worked as a systems administrator but was laid off, Interfax said.

Source: http://www.themoscowtimes.com/news/article/hacker-arrested-in-billboard-porn-stunt/399895.html
