Stop spyware - could we do it this easily? The spyware industry revolves around money? Fight back with your wallet.
Viruslist.com is a fantastic source.
The latest alerts and news from Kaspersky.
Dec 10, 2005. Trojan.Danmec article. This trojan was passed around to a few AVs earlier this week, which might suggest a few were missing detection. It is a relatively small, simple trojan, and a simple demonstration. See how easy IDA Pro makes it for those AV guys to find and decrypt the hidden strings.
Dec 8, 2005. The end of AntiVirus as we know it? Things could change in a big way over the next 1-3 years. Windows VISTA and Windows Defender must have some impact. The key to dominating the market is the distribution capabilities Microsoft will have with the security features in an OS. Users only have a load of anti-virus, anti-trojan and anti-spyware programs on their PC because Windows is insecure. Once the OS looks after itself, there will be less need for 3rd party apps.
Nov 29, 2005. WIN2K driver changes! BIG changes; this means Windows 2000 is practically being dropped completely. Soon it may be DEAD, and I see this as the beginning of the end. This will change the way more programmers look at what OS to support. Many new security programs (and games too) already only support new OSes from Windows 2000 up.
Windows XP will be the "legacy OS" which Microsoft will surely support, but for who knows how long. Everyone may be urged to move to VISTA - and rightly so, as this will mean massive decreases in many attacks which are due to all the insecure PCs out there. As soon as those are gone and VISTA machines are prominent, attacks will be very much limited and start to disappear.
At this time of the year I am upgrading a Windows 2000 machine of my own. The time looks to be right to move it to Windows XP. Perhaps it really is the end for Windows 98 and 2000. New machines need Windows XP and higher to perform to their best anyway. Perhaps it is the right move from Microsoft. The Windows 2000 kernel is considerably different and less secure than XP. Hopefully they drop the prices on XP a good deal and try to migrate everyone to it by Christmas. NEXT YEAR VISTA!
Anyway, for me, XP looks the way to go, with a dual boot to VISTA later. Hopefully I can get a BETA 3 or newer from Microsoft when it's ready. I would love to send feedback! *hint hint* ;)
Nov 22, 2005. Sony being sued! It had to come to this, despite them posting a public apology on their site. Hopefully this is the last post I need to make on this huge saga; all the info really needed is now there and detailed in the links available. A massive story, and vindication for efforts to provide rootkit defence like ProcessGuard. The last bit of real bad news for Sony: increases in piracy.
Nov 18, 2005. More on the Sony DRM issues: there is a problem using the web-based removal tool offered, then another type of protection was suspect and has been "fixed" in the same way - this ends up causing the same problem, more chances of malware entering the system. Shame, shame, shame!
Amazing and controversial outcomes, and surely this only reinforces the point that legislation and freedom must meet somewhere in the middle. Laws need to be made governing online usage, computer usage, adware and other invasive things which are happening to innocent users. DRM is right up there with the top issues and must be addressed with them. Many call for open source, and/or legislation on software vendors.
Consider the rapid uptake of the global internet, superfast computers, and our lives online. Then consider stealth, hackers, bank trojans, spam proxies, online theft and fraud, phishing scams, lots more. In this information age, clearly our online life is becoming closer and more integrated into our real life. The global economy is influenced by online commerce, which grows rapidly.
Something needs to be done soon; 2006 will continue the same way and only get worse. Windows VISTA will solve many problems through transparent but forced usage of LIMITED user accounts. This is a big step and works well, but it is still only a small part of the problem. Attackers innovate, and they will attack Vista.
Nov 7, 2005. Sony DRM rootkit? Message boards are abuzz with the screams of complaints about the latest DRM disaster. This "rootkit" hides files for managing the disc, in a way that allowed users to hide malware. There is now an update for it available, which users won't install.
Sysinternals wrote about it.
A bit about the update
Quote from Kaspersky Lab Analyst's Diary:
The software can also mess up your system when you try and remove it from your computer. Possibly worst of all, the way this rootkit is coded makes it easy for it to be used to hide malware.
We would like to highlight that according to ASC's definition of SpyWare this software may be classified as such.
* May be a nuisance and impair productivity
* Can slow machine down or cause crashes and loss of data
* May be associated with security risks
* Can compromise system integrity and security
* Done covertly, it is stealing cycles and other resources
Nov 6, 2005. Windows Defender. Well, it had to have a snazzy name. Microsoft AntiSpyware has a new name, especially since it will be integrated into VISTA by its expected Dec 2006 release. Windows Defender is the name. Read all about it on this blog.
Oct 31, 2005. Kaspersky Lab - Analyst's Diary has another interesting snippet I just noticed, on their database figures. This is in direct proportion to the rise in detection numbers we were experiencing at DiamondCS when TDS-3 was being updated. Scroll down to Our Latest Updates to see the huge rises in numbers of new viruses being added to their database.
Oct 28, 2005. Mocbot - yet another BOT variant
Not another bot! Where will it end? Probably a MYBOT or SDBOT rebuild. Tens of thousands of bots now exist which are nearly all variants of existing source like SDBOT and others. I will get a sample shortly and update with what it is. Just another self-spreader with features like most bots. It uses the latest exploit, MS05-039.
Amazing numbers of new malware - the last year has produced massive amounts of new malware samples, yet you could nearly count the number of really NEW unique Windows viruses on one hand. Everything out there is a copy, variant or progression of an existing virus or trojan. Even most of the spyware is recycled. The answer to the problem is proactive protection. Need help? Send me an email!
SecurityFocus have a nice article about rootkits, Windows Rootkits in 2005. This is part 1 apparently, I will have to have a read of this, and will keep an eye out for other parts of it.
VirusList.com have a detailed article about the upcoming rootkit protection in KAV6. It will be interesting to see how well they combat them with a generic type of protection - one which still aims to "detect" rootkit attacks.
Oct 10, 2005. Trojan.PSPBrick turns your PSP into a brick
It claims to help make the PlayStation Portable run homegrown software. Avoid hacks at all costs! Using them would void your warranty anyway. The latest version has been patched to avoid this hack, according to Sony. See how small the exploit is.
Original reported info about the exploit
Oct 08, 2005. Kaspersky Lab - Analyst's Diary report on a 100,000 PC botnet bust. These 3 men clearly attracted too much attention with a large botnet. Note they patched the malware.
The Dutch police have arrested three men who are suspected to have set up a botnet of more than 100 000 computers worldwide.
Just another reason to be proactive and CAREFUL!
The botnet was used to steal confidential information such as credit card and banking data as well as to conduct DDoS attacks.
The malware used by the hackers was based on Backdoor.Win32.Codbot (an IRCBot), which was regularly altered to avoid detection by virus scanners.
It's also likely that they were making malware which can spy on login info for online banking, for which they were paid.
Sept 30, 2005. Backdoor.Sparta.D is clearly an updated version of the source made by an attacker known as "iOWA". Of course it could be given-away source that has been modified; definitely an interesting find. The change? Added rootkit-style code injected into WINLOGON.EXE. Could it be any more predictable?
Sept 26, 2005. BLOCK-CHECKER article is up.
An analysis of the original Block Checker download. This download is from months ago. Block-Checker has since been updated and thus changed.
Sept 25, 2005. A new NETSKY worm, Netsky.AN. These are prevalent worms, and this is probably a revenge worm. Netsky was less prevalent for a little time, but way back when the worm infestation began, NetSky cleaned a LOT of machines. A good virus? Maybe so, at least for some.