ANTI-MALWARE.info | The Reference in Independent Anti-Malware Advice and Information
Subscribe | Log in

Blog

The real problem behind the hacking of celebrities fan pages of Facebook accounts like Mark Zuckerberg and Sarkozy

Last Sunday night, it appeared the French premier was abandoning his plans to run for re-election in 2012, at least that’s what you could read on his Facebook page. The fact is that they weren’t Sarkozy’s words. If you looked very carefully you could see some misspelling and missing accents within the message that stated in French:  “Dear compatriots, given the exceptional circumstances our country is experiencing, I have decided in my spirit and conscience not to run for office again at the end of my mandate in 2012.” Of course the message was not his own but came from the hacker. 

But it seems that he was not the only one recently affected as we saw another strange message earlier today on Facebook CEO Mark Zuckerberg’s fan page.

(more…)

New interesting moves from AMTSO during the last meeting in Munich, Germany

This is a copy from the original posting at the G Data Security Blog.

G Data is one of the members of AMTSO (www.amtso.org), an organisation currently comprised of 37 members, representing testers, vendors, academics and publishers involved in anti-malware research. Last week I was at the last AMTSO members’ meeting which was held in Munich. As always, a lot of work was done during the workshops.

First of all, some guidelines about testing for false positives (FP) were adopted. The False Positive issue is a common problem and the security industry dedicates a lot of resources to ensuring the highest quality and to reduce False Positives heavily. We welcome the new joint guidelines related to testing of false positives and we are hoping that in the light provided by these new guidelines, the FPs from all security products will be much more fairly assessed. The new documents can be found at www.amtso.org/documents.html.

(more…)

A critical look at the major takedown of BredoLab by the Dutch High Tech Crime Unit: More International Cybercrime laws needed!

Yesterday, 25 October 2010, The Dutch High Tech Crime Unit of the KLPD announced a major takedown of a large botnet, known as Bredolab.

You can find more and a copy of this blog entry at the original G Data posting page

Bredolab is a big family of polymorphic Trojans and has been thought to install parts of the Cutwail botnet in the past. The botnet has spread through drive-by-downloads and email. Bredolab is known to send out large email spam campaigns and the installation of fake security products. The Dutch company LeaseWeb was hosting this botnet, without their knowledge. After the company was informed about this fact, they gave full cooperation to the authorities to take the botnet down.
Even though this was the largest operation against cyber crime in the Netherlands so far, it was not unique. It has been done in serveral other countries before, like the US, Spain and even in the Netherlands. The striking point is how things will be handled from here. The High Tech Crime unit will use the existing botnet infrastructure to send a program to all infected machines, showing them a warning : “Users of computers with viruses from this network will receive a notice at the time of next login with information on the degree of infection.” This screen is shown in a video. Click the following direct link to see it: http://teamhightechcrime.nationale-recherche.nl/nl_infected.php

(more…)