“We’re number one! We’re number one!” Well, on second thought, it’s not really anything to brag about or cheer about. Because the United States topped the list of spam-producing countries in a recent report from Sophos. One in every six spam emails is now being generated from America. This rather alarming figure shows that while cyberattacks are often launched from other countries, American computers are so infected that we provide the donkey work (from computer users who don’t even know they’ve been compromised by malware) for the world when it comes to actually generating spam. The ... more

A threat to business bank accounts has surfaced, possibly due to the fact that business bank accounts do not have the consumer cyberfraud protections private bank accounts enjoy. Meaning that, when scammed, businesses have no recourse and just have to eat the loss. The article is too long to post in its entirety, but the full article is well worth reading for any business who conducts banking online. From Brian Krebs’ “Security Fix” column at the Washington Post online: Earlier this month, I wrote about Bullitt County, Kentucky, which lost $415,000 after criminals planted malicious software ... more

Whether or not the latest installment in the Harry Potter movie franchise will become the biggest movie merely of this year, or actually break all-time records, is yet to be determined. But it’s looking like a pretty safe bet that it’ll be the biggest movie ever used by hackers to piggyback their malware onto millions of computers of people who want to see it for free. At least, until the next one comes along, that is. Increasingly, pop culture events are used as a convenient “hook” to lure prey in for spammers and hackers worldwide. The reason ... more

The security company Finjan is reporting they’ve uncovered a “one-stop shopping” website for anything a scam artist could need in the way of botnets. Though the article is lacking in detail, in general terms it outlines a pretty scary idea — making it easier for botnet operators to communicate with their “clients.” Which, as I said, is a pretty terrifying concept. Read the whole article, and see what you think: Researchers have uncovered what is said to be a fully-functional marketplace for building and selling botnets. According to security firm Finjan, the site allows for criminals to obtain ... more

The FBI’s press office issued a statement recently to clarify stories in the media about the extent of a malware attack over a week ago. The tone of the statement is a bit touchy, as the FBI attempts to tell its side of a story published by a New York paper. I have reproduced the entire press release here, so everyone can see their side of the story:   FBI Press Release A published report in The New York Post on May 29, 2009, regarding the FBI’s external, unclassified computer network contains factual errors and inaccuracies. The New York ... more

People downloading free versions of Windows 7 from peer-to-peer file sharing networks got an unpleasant surprise along with their “free” software — a free virus. This is an interesting twist in the ongoing battle against malware, because the malware doesn’t have to be installed, it gets installed directly with the system. It has been used before, because it works so well. The user thinks they are installing a perfectly “clean” system, and instead they get a pre-installed virus which immediately contacts a remote server to download even more malware. Brian Krebs, at washingtonpost.com, has the full story: ... more

Score one for the University of California, Santa Barbara. Earlier this year, online security researchers there successfully exploited a weakness in the Torpig botnet (a.k.a. Mebroot, Sinowal) after reverse-engineering the code, and registered domains the bot used to contact “command centers” to receive updates and new instructions. Because the bot’s creators had neglected to register all the domain names generated by the bot, UCSB was able to outflank it. By doing so, they reaped an enormous amount of stolen data, and in the end was able to get all the other domain names used by the bot ... more

The world’s economy may be suffering, but the tidal wave of malware and online attacks shows no signs of abating any time soon. The criminals behind these attacks are smart enough to change their tactics as the situation demands, meaning a rise in phishing attacks targeting online tax preparation this week, and (in general) spam and virus attacks shaping their message towards up-to-date and relevant news items as well. A recent article on TMCnet summarizes a Symantec report detailing the scope of the threat, which is growing at an alarming rate: As IT security experts warn taxpayers about the ... more

Brian Krebs, who writes the “Security Fix” column at Washingtonpost.com, is improving on his already-impressive record. He was instrumental in shutting down the spam king McColo last fall. And just last week, after I wrote about his story on a rogue anti-virus program (the “Traffic Converter” affiliate program), the program was stopped and shut down by Visa and MasterCard descending upon them in Germany (because of Krebs’ reporting). All in all, Krebs is racking up a pretty solid record of online crime-busting which goes above and beyond the duties of a tech journalist. But he’s reporting now ... more

From Brian Krebs of washingtonpost.com’s “Security Fix” column comes news of the insidious Trojan horse “Tigger.A” which seems to be flying under a lot of anti-virus programs’ radar systems. And its target is more specific than most: stock trading. Even more insidious, it protects the computers it infects by removing other malware to stake out its own territory, so to speak. Here is the full article, with an explanation of how it works (there is also an update posted, so check out the link for further information if interested): A relatively unknown data-stealing Trojan horse program that has ... more