Overheard in the tech blogosphere:

Malware

Apr 9 2008   3:43PM GMT

Overheard: Is Kraken buzz just Damballa’s attempt to make a name for itself?



Posted by: Margaret Rouse
Malware, botnet, Security, Spam
“Many folks in the anti-virus and broader Internet security space say Damballa is trying to make a name for itself by hyping this threat, and that Kraken is nothing more than a renamed and repackaged “Bobax,” a worm of similar lineage and methods that was discovered several years ago.”

Brian Krebs, Kraken Spawns a Clash of the Titans

Feb 18 2008   2:25PM GMT

Overheard: Google says you’ll find web-based malware in 1% of all search results



Posted by: Margaret Rouse
Technology, drive-by download, web-based malware, Malware, Security
It has been over a year and a half since we started to identify web pages that infect vulnerable hosts via drive-by downloads, i.e. web pages that attempt to exploit their visitors by installing and running malware automatically. During that time we have investigated billions of URLs and found more than three million unique URLs on over 180,000 web sites automatically installing malware.

Niels Provos, Google Anti-Malware Team

In the past few months, more than 1% of all search results contained at least one result that we believe to point to malicious content and the trend seems to be increasing.

Ordinary web pages are contributors to web exploitation. Therefore, even if someone was to avoid adult web pages, she would still be exposed to risk.


Oct 30 2007   6:05PM GMT

Overheard: Zombie army is not just a scary Halloween story



Posted by: Margaret Rouse
Windows, Malware
“What’s scarier than a Zombie flashmob at an Apple store? John Naughton’s article about how the Storm worm is being used to assemble a Zombie Army.”

This is really scary stuff.

‘If Storm were a disease,’ says Bruce Schneier, ‘it would be more like syphilis, whose symptoms may be mild or disappear altogether, but which will come back years later and eat your brain.’

Naughton writes: Storm has been spreading steadily since last January, gradually constructing a huge botnet. It affects only computers running Microsoft Windows, but that means that more than 90 per cent of the world’s PCs are vulnerable. Nobody knows how big the Storm botnet has become, but reputable security professionals cite estimates of between one million and 50 million computers worldwide. To date, the botnet has been used only intermittently, which is disquieting: what it means is that someone, somewhere, is quietly building a doomsday machine that can be rented out to the highest bidder, or used for purposes that we cannot yet predict.

Storm is different. It spreads quietly, without drawing attention to itself. Symptoms don’t appear immediately, and an infected computer can lie dormant for a long time.