CyberSafety.co.za

Tonight at 7pm South African time, Panda’s second annual blogging event will be streamed live from Madrid, Spain.

The three-hour summit will consist of a roundtable discussion, bringing together several American and Spanish security experts and other Internet figures. This edition will focus on Internet users’ security, including education and awareness issues; legislative regulations, inter-country coordination and privacy limits, as well as initiatives and actions required to improve the security situation.

Watch it live here.

Panda Security’s free antivirus, Panda Cloud Antivirus, has received Microsoft’s ‘Compatible with Windows 7’ certification after passing the company’s quality checks, for both 32-bit and 64-bit systems.

Panda Cloud Antivirus is the first antivirus especially designed to offer protection from the cloud. Available free from www.cloudantivirus.com, it safeguards users from new malicious code practically in realtime as all processes take place on the Internet, minimising any impact on PC performance. The release version of Panda Cloud Antivirus was launched on November 10 after being in beta since April 2009.

Adopting a next-generation approach to IT security, Panda Cloud Antivirus is driven by Collective Intelligence, Panda’s advanced system which gathers malware information from its global community of users in the cloud. The system can automatically identify and classify new malware strains in minutes, combining local detection technologies with real-time cloud-scanning to maximize protection while minimizing resource consumption.

Recently, Panda Cloud Antivirus won the “Editors’ Choice™” distinction for free antivirus solutions from PC Mag. The publication’s security analyst Neil Rubenking said in the review: “It’s a very good, very lightweight tool even when measured against the for-pay security antivirus available. And it’s the best free antivirus software available.”

Panda Cloud Antivirus scored a perfect 10 in rootkit and rogue antivirus detection.

“Panda Cloud Antivirus is impressively effective at keeping malware from infesting a clean system,” said Rubenking. “It’s a powerful defender against malware attacks—and it’s free.”

Panda Cloud Antivirus has also won top honors in PCWorld’s comparative review as the best antivirus for detecting malware.

Download it for free here.

Facebook is currently experiencing a massive surge is fake virus warnings. The fake warning is distributed via email and users are forwarding it or publishing it on Facebook walls, thereby further spreading the hoax. The text of the fake warning reads as follows:

ALERT >>>>> Has your Facebook been running slow lately? Go to “Settings” and select “application settings”, change the dropdown box to “added to profile”. If you see one in there called “un named app” delete it… Its an internal spybot. Pass it on. about a minute ago….i checked and it was on mine.

There is no associated link, but if users search the Web for more information, they will encounter numerous malicious websites designed to download fake antiviruses.

The fake antivirus (or rogueware) in this case is cold LivePcCare.

Panda have urged Facebook users not to help spread this fake AV rumour. To make sure that you system isn’t infect you can go to our free tools page.

Keeping safe on the web doesn’t have to cost the earth — not least because of a range of free Panda tools we’ve got for you here on CyberSafety — check ‘em out here. Want more info about how they work? Give the folks at Panda a ring — 0860 PANDA [72632].

Below is the low down of the tools:

Panda Free Cloud Antivirus
Recognised for being “the first anti-virus without an update button”, Panda Cloud Antivirus delivers the fastest protection against the newest and most dangerous viruses. This is made possible thanks to Collective Intelligence, which guarantees the fastest protection against the newest and most dangerous malware.

Panda USB Vaccine
This is a free tool for vaccinating your USB memory sticks and other external devices to prevent contamination from viruses and other threats.

Panda Anti-rootkit
A free tool to detect if your computer contains rootkits (applications that help hide other threats).

Panda Safe CD
This utility will clean your PC when it is infected and your usual antivirus cannot resolve the problem.

WOT Security plug-in for your browser
Panda Security and WOT offer you this free plug-in for your browser, to warn you whenever you’re about to access a dangerous Web page.

Enjoy!

Panda evangelist Sean-Paul Correll has created a video that explains how banking Trojans work. He writes on the PandaLabs blog:

Banking Trojans are one of the most prevalent Malware species in the threat landscape today.  Malware authors aim to keep infections live and undetected long enough so that they can get what they are really after: money. Financial motivations lead malware developers to craft the stealthiest banking Trojans to steal personal and financial data for further exploitation on the black market.  Day after day innocent victims are hacked with the end result being an emptied out bank account. This video demonstrates how dangerous and stealthy banking Trojans can be and why we must continue to raise awareness on the issue.

Watch the video below:

Live Demo: Banking Trojan from Panda Security on Vimeo.

Panda Security’s anti-malware laboratory has identified a new, more aggressive trend for selling fake antivirus programs or rogueware. Until now, when a computer was infected by this type of malware, users would typically see a series of warnings prompting them to buy a pay version of the program. Now, these technologies are being combined with ransomware, hijacking the computer and rendering it useless until victims complete the purchase.

“The way this rogueware operates presents a dual risk: firstly, users are tricked into paying money simply in order to use their computers; and secondly, these same users may believe that they have a genuine antivirus installed on the computer, thereby leaving the system unprotected,” explains Jeremy Matthews, head of Panda’s sub-Saharan operations.

Once a computer is infected, any attempt made by the user to run a program or open a document will be frustrated. The only response from the computer will be to display a message falsely informing the victim that all files are infected with the only solution being to buy the fake antivirus.

This fake program, called Total Security 2009, is offered for €79.95 (almost R600). Victims are also offered ‘premium’ tech support services for an additional €19.95 (about R150). Users that pay the ransom will receive a serial number, which, when entered in the application, will release all files and executables, allowing them to work normally and recover their information. The fake antivirus however, will remain on the system.

“Users are often infected unknowingly – in most cases, through visiting hacked websites, and once a computer is infected it is extremely difficult to eliminate the threat, even for those with a certain degree of technical knowledge,” says Matthews. “Users are also prevented from using any type of detection or disinfection tool, as all programs are blocked. The only application that can be used is the Internet browser, conveniently allowing the victim to pay for the fake antivirus.”

For this reason, Panda has published the serial numbers required to unblock the computer if it has been hijacked on the PandaLabs blog. Users can then install genuine security software to scan the computer in-depth and eliminate all traces of the fake antivirus.

PandaLabs recently published a report about the lucrative business of rogueware. The shift towards hijacking computers indicates either that users are becoming more adept at recognizing these threats and that security companies are beginning to close the net. This would explain why hackers are becoming more aggressive in the methods used to force the victims into paying. The PandaLabs report is available here.

The serial numbers and a video demonstrating how this scam operates is available on the PandaLabs blog.

Malware-creators have broken all records when it comes to creating new threats. Over the last three months, PandaLabs, Panda Security’s anti-malware lab, has recorded five million new strains of malware. Most of these were banker Trojans, although adware and spyware have also increased.

This was revealed in the PandaLabs quarterly report detailing cyber-threat activity from July to September. The report can be downloaded here.

“We are currently receiving some 50,000 new examples of malware everyday,” explains Jeremy Matthews, head of Panda’s sub-Saharan operations. “This is a massive increase from the 37,000 samples were detecting daily just a few months ago. There is no reason to believe that the situation will improve in the coming months.”

Q3 saw a 15% rise of computers infected by malware compared to the previous quarter. In more than 37% of cases, the culprits were Trojans, while adware was responsible for 18.68% of all infections. This category in particular has seen significant expansion due to the major proliferation of fake antivirus programmes.

Panda has detected a major growth in the distribution of malware through spam, social networks and rogue search engine optimization techniques, which draw users to spoof Web pages from which malware is downloaded. These methods for propagating malware often use social engineering, exploiting a range of current issues such as swine flu, Independence Day, forest fires or speeches of Barack Obama.

Download the PandaLabs report here.

“Any Facebook account can be hacked” – so claim the creators of an online service which, for only $100, allegedly provides clients with the login and password credentials to access any account on the popular social networking site. This not only includes accounts belonging to ordinary people, but also celebrities, politicians, or well-known companies.

Uncovered by global IT security vendor Panda Security, the criminal outfit conducts payments online through Western Union, with the money transferred to the Ukraine, further fueling the perception that most Internet mafias are based in Eastern Europe. The domain that hosts the service is registered in Moscow.

The company claims to have been offering this service for four years with only one percent of accounts hack-proof. In these cases, they offer clients a money-back guarantee. However, the domain is just a few days old.

Users can also get extra dollar-credits to spend on the service when they hack more accounts. They can even become affiliates to help hackers reach a broader audience. These affiliates receive 20% of what they sell in credits for hacking more accounts.

“The system’s real purpose may be hacking Facebook accounts as they say, or profiting from those that want to try the service,” says Jeremy Matthews, head of Panda’s sub-Saharan operations. “In any case, the Web page is very well designed. It is easy to contract the service and become either the victim of an online fraud, or a cyber-criminal and accomplice in identity theft.”

Once an intruder hacks into a Facebook account, all personal data published on the site can be stolen. Similarly, those accounts can also be use to send malware, spam or other threats to the victim’s contacts. In the case of celebrities of other well-known entities, they can be used to defame the account holder such as through spreading information in their name.

Find out more at the PandaLabs blog.

Panda Security, the global IT security vendor, and Against Intuition, the developer of the leading community-based safe surfing tool, Web of Trust (WOT) have partnered to deliver a safer Web search experience through their new co-branded version of WOT.

The WOT browser add-on warns Internet users about risky websites, providing protection against online scams, identity theft, spyware, spam, and unreliable shopping sites. Safety ratings are provided for search results when using Google, Yahoo!, Wikipedia and other popular sites, helping people protect their computers and personal information. WOT’s protection is now extended with Panda’s up-to-the-minute information on malware distributors and dangerous domains.

The free WOT security add-on is available for Firefox and Internet Explorer users worldwide and can be downloaded from Panda’s website. Enhanced by Panda’s latest information on new malware strains and phishing threats, WOT uses an intuitive traffic-light style rating system to help Internet users stay safe as they search, browse, and shop online. Web site ratings are continuously updated by 5 million members of the WOT community and from numerous trusted sources, such as phishing site listings.
“As with our cloud-based Collective Intelligence technologies, we believe in the power of the community to improve the safety of the user,” says Jeremy Matthews, head of Panda Security’s sub-Saharan operations.

“We are excited to have Panda, a respected security company as a partner in our goal to make the Internet a safer place for everyone,” says Against Intuition’s CEO Esa Suurio. “WOT prides itself in providing frontline protection in the battle against online threats, and with this strong collaboration between Panda Security and Web of Trust we have strengthened both our offerings and given our users a definite advantage against cybercrime.”