Friday, September 10, 2010

Archive for September, 2009


Wednesday, September 30th, 2009
Mariposa Trojan Attacks Canadian Banks
Although this story is awfully coy about details, the size of the targets merits attention. Reading between the lines, at least three of Canada’s five largest banks have been successfully attacked by the “Mariposa” trojan, which installs a botnet “designed for large scale information theft.” Again, while the Canadian companies are not named, it’s a bit disturbing to hear of companies this large in the finance industry being successfully attacked in this fashion. Sounds like they need to upgrade their bot detection software, at the very least. MarketWatch has the full story, although as I said it’s ... more
Tuesday, September 29th, 2009
The Cost Of Wasted Time On CAPTCHA
I saw an interesting figure in a Google blog the other day. From the blog post (the introduction, where the figures are quoted — the rest of the post is largely on how wonderful it is that Google has acquired reCaptcha): As previously mentioned, Google has acquired reCaptcha, a company providing those hard-to-read Captcha tests to tell robots and humans apart on websites (e.g. to protect a comment form against automated spamming). The twist with the highly popular reCaptcha is that it’s also used to help turning scanned books into searchable digital text… something Google aims to apply for ... more
Monday, September 28th, 2009
The Mini-Botnet Threat
When most of us think of botnets, we picture thousands, perhaps millions, of end-user machines tied together by nefarious operators to achieve their evil goals. But a new report shows that botnets can be just as annoying (and just as disruptive) on a much, much smaller scale — targeted botnets with only a few hundred (at the most) machines tied together within a single company’s organization. But these “mini-botnets” (as they’ve been dubbed) are just as insidious as (if not more so than) the bigger, more well-known attacks. So if your company’s botnet prevention relies solely upon published reports ... more
Friday, September 25th, 2009
The Threat Of Malvertising
Google thinks it has the answer to the growing malware threat — tell ISPs to do a better job policing the net for everyone. This wouldn’t normally be funny, but one article I read which discussed the comments started out with the following: As if to underscore its call for greater industry cooperation to fight malicious online ads and content, Google allowed a scam ad to appear briefly atop search results on Tuesday for the term “Firefox.” The sponsored link purported to take Google searchers to the official Firefox Web site, but in fact took them to a different ... more
Thursday, September 24th, 2009
New Twitter Worm
Twitter is being targeted by a new worm which entices users to click on a link, and then throws up a fake Twitter login page to harvest their login and password. The story is just breaking, so there’s not a whole lot of details, although I’ve seen reports that say the “hook” is a get-rich-quick type of message. But whatever the exact details, this is part of a growing trend of social networking malware attacks this year, which have targeted Twitter (and others) already. Obviously, these sites’ fraud detection services leave a lot to be desired. In any ... more
Tuesday, September 22nd, 2009
More Detail On Yahoo Mail Attack
Last week we reported on a backdoor brute force attack on Yahoo Mail, but it’s worth spotlighting again because more details have come to light. The attack exploits a vulnerability not with the “front door” of the user login page, but rather through APIs in automated software, which Yahoo uses to communicate automatically with its partners on the web. The security hole could have been avoided by using some sort of login protection in connection with the backdoor application, but apparently nobody at Yahoo thought this far ahead. The truly scary thing is that Yahoo is not alone ... more
Monday, September 21st, 2009
“Bahama” Botnet Causing Click Fraud Havoc
A new botnet dubbed “Bahama” is causing a huge surge in click fraud, Click Forensics announced recently. The botnet is more sophisticated than most click fraud malware, and is capable of disguising itself to counter filters for automated traffic. This represents a new threat for companies which rely on standard automated filters to block click fraud from happening. The botnet is currently capable of creating up to 30 percent of an advertiser’s budget, and has disguised itself as a “high quality” source of clicks, rather than being dismissed as an automated program. Meaning that something new ... more
Friday, September 18th, 2009
Stunning Malware Stats For First Half Of 2009
Websense has released new numbers on the state of internet security for the first half of 2009, and the flood of malicious software, websites, and various flavors of spam just keeps getting worse. The number of malicious websites more than tripled over the last six months, and is up by a factor of seven over last year. Social networking sites are increasingly coming under attack, and are increasingly ineffective in preventing such attacks (maybe they should try a new strategy for combating such attacks). For the first time, Websense quantified user-generated comments to blogs and other such ... more
Thursday, September 17th, 2009
Google Buys ReCAPTCHA
In a fairly stunning development, it was recently announced that Google is acquiring ReCAPTCHA, Inc. ReCAPTCHA, of course, is a spinoff from Carnegie Mellon University, begun by the man behind the CAPTCHA concept, Luis von Ahn. While CAPTCHA technology has been around for a while, reCAPTCHA at least used the annoying little “type this text warped beyond any recognition” idea to do some societal good — by editing scanned archaic books for library and research purposes. CAPTCHAs have raised quite a bit of ire online, as any quick blog search will verify. This is because they tend to ... more
Wednesday, September 16th, 2009
Yahoo Webmail Attacked Through Back Door
Yahoo has become the target of a slightly more sophisticated spam attack on their webmail service. Although brute force attacks are an old tactic, most use the “front door” or common browser user interface for logging in. They then attempt common usernames and common passwords, until they get lucky and gain access to spew spam or mine personal information. But this time, the attack is targeted towards what sounds like an automated interface tool Yahoo uses to communicate with ISPs and third-party apps. Because this type of tool was not designed to detect webmail attacks (and ... more