Fake AntiVirus accounts for 15% of all malware

Google have found that 15% of the malware that they found on web sites was fake antivirus. CNET cover the story here. They provided some interesting data,  finding 11,000 domains involved in the distribution of fake antivirus.  What is also very interesting is that fake antivirus accounted for 50% of the malware that was delivered by online advertisements.

What does this tell us? It tells us that the cyber-criminals are finding it worthwhile and profitable. It also tells us that they are ‘loading’ up on fake antivirus as an extremely effective way to compromise people’s machines.  They are also becoming more convincing in how they present the fake antivirus malware to end users. It would also suggest that fake antivirus is not going away any time soon and people need to be on their guard.

Your printer knows a lot about you – think about it

As I walked into the office this morning, I saw a large copier/printer/fax waiting to go the other way. It was obviously on its way to the skip or the second-hand shop. Those of us working in offices have grown used to using these multi-function devices (MFDs). In some ways, the MFD has become the new ‘water-cooler’, where people come together for a quick chat or gossip as they wait for their document or scan to complete and, heaven forbid, even a fax to pop out of it.

I suppose it would never really occur to us that many of these MFDs have a hard disk in them. We all know that they have to have some sort of storage in them, don’t we? Hence why jobs get ‘queued’ to the printer, and then we all stand around waiting for my ‘job’ to complete. This story from CBS News really made me think. They report that ‘Nearly every digital copier built since 2002 contains a hard drive – like the one on your personal computer – storing an image of every document copied, scanned, or emailed by the machine. In the process, it’s turned an office staple into a digital time-bomb packed with highly-personal or sensitive data.’

CBS News launched an investigation in which they bought second-hand copiers. They bought four for circa $300. They took them away, removed the hard drives and had a look at what was stored on them. There was a lot of valuable information: tens of thousands of documents. On one, used by a sex crimes unit, they found information which detailed domestic violence complaints. One copier, used by a Police drugs unit, contained a list of targets in a drugs raid. One other copier was used by a health insurance company and had 300 pages of individual medical records.

It really makes you think – does it not? It is a wake-up call to the manufacturers of these devices, and to the companies who use them, to consider how to erase and remove information from them. We as consumers need to think about the printers and copiers we use at home and understand if they contain a hard drive. If they do, then you need to find out from the manufacturer, or the retailer who sold it to you, how you can erase the drive when you are finished with the device.

Fatal System Error

Without wanting to turn my Blog into a book-club (without the wine, I may add), I want to recommend a very interesting and readable book. ‘Fatal System Error’ by Joseph Menn offers a fascinating glimpse and insight into how cybercrime has evolved, its consequences and the issues that law enforcement faces in counteracting it.

The factual narrative is enlivened by focusing on the story of two individuals who have battled against the rise in cybercrime. Barrett Lyon is a computer whizz who unwittingly became embroiled in protecting legitimate and illegitimate businesses against attacks. Andrew Crocker is a British detective who, in working for the National Hi-Tech Crime Unit in the UK, went to Russia to track down and prosecute hackers and to find out who they ultimately worked for.

The book offers great insights into how cybercrime works, who is involved and why it is being used. It is truly shocking and thought-provoking, in equal measure.

Cybercrime continues to ramp – ISTR

Today sees the launch of Symantec’s Internet Security Threat Report (ISTR) for 2009. As ever, it provides a fascinating insight into what the key trends are in cybercrime and malicious activity. We report that we blocked some 3.2 billion attacks in 2009: that translates to 100 attacks every second. So, the bad guys have not gone away; they are actually stepping up their attacks. To counteract this, we created 2.9 million malicious code signatures in 2009, up some 71% from 2008. We actually identified more than 240 million distinct new malicious programs, a 100 percent increase over 2008. In the last quarter of 2009, we released our new reputation-based security technology to help counter this surge in the volume of malware. Of the threat instances that Symantec’s reputation-based technology protected users from last year, approximately 57% corresponded to singletons (single instances on one computer). This reinforces the reality that the malware writers have now changed their playbook – their tactic is to limit the instances of their code in an attempt to circumvent traditional security techniques.

The ISTR also identifies some interesting developments with respect to personal email accounts. These are being bought and sold, bartered and traded among the cybercriminals for as little as 65p, or $1. Gaining access to a personal email account allows them to then distribute malware from this account via people’s trusted network of contacts. Compromised email accounts also often provide access to additional sensitive personal information, such as bank passwords, mailing addresses and phone numbers, and other passwords and online accounts. The data could be used to reset passwords, potentially giving fraudsters complete access to personal accounts and indeed whole identities. It really is a wake-up call to everyone to guard their personal email accounts jealously. Instead of using it as a default filing cabinet for other login credentials and passwords, this information should be moved out of your personal email folder and stored in a safer place. People really now need to use password management tools and software. You can take a look at and download the ISTR here.

Norton 2011 BETA

For many people it feels that we have just started into 2010. Well, in the fast moving world of security, we are always having to adapt and innovate. So, to that end, yesterday we released into BETA NAV 2011 and NIS 2011. This provides an insight into what we are planning for your next release of these products. The 2011 Norton BETAs are being developed to improve or maintain key performance benchmarks in installation times, scan times, and memory usage. In addition, the products will include System Insight 2.0 which goes beyond security and alerts users when applications are significantly impacting their system resources.

At the heart of this Norton release is the industry-leading reputation-based security technology. New to 2011, Download Insight 2.0 increases the breadth of the product’s reputation protection by applying it to virtually every download regardless of the client (browser, email, IM). This helps ensure that users are protected from harmful downloads no matter how the file is delivered to their machine. Additionally, Norton 2011 uses the reputation information to report on the “trustworthiness” of files on a system and help users understand if their download behavior is more or less risky versus the 53 million Norton Community Watch members today. You can download it here.

Furthermore, we are also releasing some additional tools into BETA. Symantec is announcing several new tools in the fight against cybercrime. These tools will remain free and address some of today’s trickiest and most prevalent issues related to malware infection and removal. We are introducing Norton Safe Web for Facebook, which will scan feeds for malicious URLs. You can download it here.

Norton Power Eraser is a tool specifically designed to help find and remove those ‘scareware’ applications that are adept at deceiving you and prove difficult to remove. You can download it here.

Finally, we have the Norton Bootable Recovery Tool, which  allows Norton users to boot a PC into a safe state when a system is so deeply infected that it will not properly start up. New this year, the Norton Bootable Recovery Tool wizard automatically creates a CD/DVD/USB bootable device in a quick and easy way. You can download it here.