" Facebook "

Panda Security launches new version of Panda Cloud Internet Protection

–       The new cloud-managed security solution, delivering protection for corporate environments against all types of Internet threats, includes new and powerful features to combat attacks

Panda Security has launched the new version 3.2 of Panda Cloud Internet Protection. The new cloud-managed security solution delivers protection for corporate environments against all types of Internet threats, including botnets, phishing, cross-site scripting and other advanced Web attacks.

The new version of Panda Cloud Internet Protection also delivers powerful access control features allowing companies to filter URLs and restrict access to social networks (Facebook, Twitter, YouTube, etc.), blogs or webmail, etc. This new solution offers three types of protection against such communities:

–       Prevention of infections from IT threats that spread across these types of platforms

–       Regulation of the use of these communities and corresponding bandwidth consumption

–       Detection and protection against data loss through HTTP/HTTPS (SSL) protocols, preventing sensitive corporate information from being published on Facebook or Twitter.

According to the “First Annual Social Media Risk Index for SMBs (Small to Medium Businesses)”, published by Panda Security, the main concerns for SMBs with respect to social networks include privacy issues and financial loss (74%), malware infections (69%), loss of productivity (60%) and issues related with corporate reputation (50%), followed by network performance problems (29%).

Panda Cloud Protection managed security suite

Panda Cloud Internet Protection is included in the Panda Cloud Protection cloud-managed security suite. This cloud-based solution offers maximum protection, cost reduction and increased productivity. The solution can be deployed in just a few minutes and is managed simply and centrally through Panda’s unique, intuitive cloud-based administration console.

Panda Cloud Internet Protection is sold on its own or as part of the Panda Cloud Protection suite, completing the cloud-based security lineup of Panda Security. The company’s SaaS offer now covers all major infection vectors: workstations and servers are protected with Panda Cloud Office Protection; corporate email with Panda Cloud Email Protection and now Internet protection is delivered by the new solution.

Panda Security’s innovative cloud solutions have received numerous international awards and recognition, including the Wall Street Journal Technological Innovation award.

For more information and free trials, go to http://cloudprotection.pandasecurity.com.

For more information about Panda, visit http://www.pandasecurity.com/.

Visit our Facebook Page and Follow us on Twitter  @PandaSecurityZA

Trojans Dominate Cyber Threats in 2010

  • The malware distribution techniques in the spotlight this quarter include clickjacking, BlackHat SEO and 0-day attacks
  • 95% of all email in circulation was spam, and 55% of global spam originated from just 10 countries
  • Android smart phones are being targeted by hackers, thanks to their widespread popularity

Global IT vendor Panda Security has published its quarterly report on global virus activity. This third quarter has once again seen Trojans in the spotlight, as 55% of all new threats created were in this category.

Infection via email, traditionally the most popular vector for spreading malware, has declined in favour of more modern methods: use of social media, such as the clickjacking attacks using the Facebook “Like” button, fake Web pages positioned on search engines (BlackHat SEO) and exploits of 0-day vulnerabilities.

In addition, Google’s Android operating system for smart phones has come into the line of fire. Various threats have appeared recently, aimed above all at racking up phone bills or targeting the geolocalization function of the terminals.

Malware info

55% of new threats created this quarter were Trojans, most of them banker Trojans. This is in line with the general increase in these types of threats that Panda has witnessed over the last two years.

With respect to spam, 95% of all email circulating across the Internet during the last quarter was junk mail. Some 50% of all spam was sent from just ten countries, with India, Brazil and Russia at the top of the list.

“This edition of the report highlights the record levels of threat distribution through new channels”, says Jeremy Matthews, head of Panda’s sub-Saharan operations.

There has also been much talk of two serious 0-day flaws in the code of Microsoft’s operating system. One of these could have been exploited to attack SCADA systems (specifically, nuclear power stations), although this rumor is yet to be confirmed.

On a more positive note, Panda is happy to report the arrest of the creator of the Butterfly botnet kit, source of the notorious Mariposa network that impacted 13 million computers around the world.

And finally, the latest and hopefully last scare of this third quarter: a worm called ‘Rainbow’ or ‘OnMouseOver’. A vulnerability in the code of Twitter allowed JavaScript to be injected, enabling a series of actions: redirecting users to Web pages, publishing javascript on the user’s timeline without their permission or knowledge, etc. Twitter however resolved the problem in just a few hours.

Android: in the firing line of hackers

Over these three months Panda has also witnessed what could be the beginning of a wave of threats targeting smart phones, as it seemed that hackers have started lining up Android, Google’s popular operating system. Two applications have been developed specifically for this platform: FakePlayer, which under the guise of a video player, sends SMS messages generating a hefty phone bill for victims without their knowledge; and TapSnake, an app disguised as a game which sends the geolocalization coordinates of the user to an espionage company.

‘With the rise in social networking attacks and banker Trojans, we encourage users to always be vigilant when using the web, for personal or professional reasons. This coupled with good malware and virus protection, like Panda’s, is the best way to stay safe’, concludes Matthews.

You can download the PandaLabs quarterly report from http://press.pandasecurity.com/press-room/panda-white-paper/

For more information about Panda, visit http://www.pandasecurity.com/.

Facebook hacking analysed – How your identity could be stolen

Global IT vendor Panda Security has received numerous reports from users whose Facebook profile has been hacked and whose identity has therefore been placed at risk. With its millions of users, the world’s most popular social network has become a perfect target for hackers exploiting a dense concentration of potential victims.

Apart from phishing attacks or spam, which are now easily recognized by many Internet users, hackers are employing new methods, which for the moment at least, are proving to be successful. Here is an analysis of the technique which has been most frequently used over recent months:

Step 1: The bait

The bait normally comes from the profile of a friend whose account has already been hacked. Users typically receive a message (which appears to be genuine) suggesting the recipient clicks a link for one reason or another. In most cases, the message offers a “spectacular video” or claims “you appear in this clip”, and normally includes the user name of the recipient.

Step 2: Phishing attempt

Having attracted the attention of the user, cyber-crooks now need to get the user name and password of the intended victim to launch the second phase of the attack. The page that the link points to is a perfect replica of the Facebook login page, but is hosted on another Web address:

Step 3: Gaining complete access

Now the user has clicked the link and entered their login credentials, they have to grant the malicious application, which is running the attack, complete access to their personal information, as well as the rights to post information through their profile. This ensures that the attack can be spread further through friends and contacts of the victim.

After gaining the permission, the attack continues, targeting the victim’s contacts and starting the process all over again with new users.

What to do if your Facebook profile has been hacked

Step 1: Firstly, remove all permissions that have been given to the malicious application. This is a simple process: from Account, select Application settings in the top-right corner of your Facebook profile. This ensures that the application will not continue to have access to your profile once the password is changed.

Step 2: Change the login password! To keep your identity safe, it is advisable to change your password and the user name (it’s a good idea to do this from time to time anyway). This is also easy: Go to Account, then Account Settings in the menu in the top left corner of your Facebook profile. It is also advisable to use strong passwords that cannot easily be guessed.

More information is available in the PandaLabs blog: http://www.pandalabs.com

For more information about Panda, visit http://www.pandasecurity.com/

Follow Panda SA on twitter @PandaSecurityZA

Top scams on the Web

–       Every year, thousands of users fall victim to Internet scams. Being able to identify them is the best defense

Panda Security has drawn up a list of the most widely used scams over the last few years. These circulating tricks all have the same objective: to defraud users of amounts ranging from R5000 and upwards.

Typically, these scams follow a similar pattern: initial contact is made via email or through social networks. The intended victim is then asked to respond, either by email, telephone, fax, etc. Once a user has made contact, criminals will try to gain their trust, finally asking for a sum of money under one pretext or another.

“As with all the classic scams that predate the Internet, many of the numerous users that fall for these tricks and lose their money are hesitant to report the crime”, says Jeremy Matthews, head of Panda’s sub-Saharan operations. “And if recovering the stolen money was difficult in the old days, it is even harder now as the criminals’ tracks are often lost across the Web. The best defense is to learn how to identify these scams and avoid taking the bait”.

Panda has ranked the most frequent scams of the last 10 years, based on their distribution and the frequency with which they are received. They are as follows:

Nigerian scam: This typically arrives in the form of an email, claiming to be from someone who needs to get a very large sum of money out of a country (normally Nigeria, hence the name). You are promised a substantial reward if you help to do this. However, those that take the bait will be asked to forward an initial sum to help pay bank fees (often around R 5000). Once you have paid, the contact disappears and your money is lost.  

Lotteries: An email arrives claiming that you are the winner of a lottery, and asks for your details in order to transfer the substantial winnings. As with the previous scam, victims are asked to front up around R 5000 to cover bank fees, etc.

Girlfriends: A beautiful girl, normally from Russia, finds your email address and wants to get to know you. She will always be desperate to visit your country and wants to come immediately, but at the last moment there is a problem and she needs some money (once again, around R 5000 should cover it) to sort out flight tickets, visas, etc. Not surprisingly, not only does your money disappear, but so does the girl.

Job offers: You get an email offering you a job from a foreign firm looking for financial agents. If you accept and hand over your banking details, you will be unwittingly used to help steal money from people whose bank account details have been stolen by the cyber criminals. The money will be transferred directly to your account, and you will then be asked to forward the money via Western Union. You become a ‘money mule’, and when the police investigate the theft, you will be seen as an accomplice.

Facebook / Hotmail: Criminals obtain details to access an account on Facebook, Hotmail, etc. They then change the login credentials so that the real user can no longer access the account, and send a message to all contacts saying that the account holder is on holiday (London seems to be a popular choice) and has been robbed just before coming home. They still have flight tickets but need between R 3000 and R 10 000 for the hotel.

Compensation: This is recent and originates from the Nigerian scam. The email claims that a fund has been set up to compensate victims of the Nigerian scam, and that your address is listed as among those possibly affected. You are offered a huge sum of money but naturally, as in the original scam, you will need to pay an advance sum of around R 5000.

The mistake: This has become very popular in recent months. Contact is made with someone who has published a classified ad selling a house, car, etc. With great enthusiasm, the scammers agree to buy whatever it is and quickly send a check, but for the wrong amount (always more than the agreed sum). The seller will be asked to return the difference. The check will bounce, the house remains unsold and the victim will lose any money transferred.

It’s normal that if you’re not aware of these types of criminal ploys, you might think that you have won a lottery or found true love on the Internet. So here are some practical tips that will help keep you out of harm’s way:

Have a good antivirus installed that can detect spam. Many of these messages will be detected and classified as junk mail by most security solutions. This will help you be wary of the content of any such messages.

Use your common sense. This is always your best ally against this kind of fraud. Nobody gives away something for nothing, and love at first sight on the Internet is a very remote possibility. As a general rule, you should be highly suspicious of these kinds of contacts from the outset.

The Internet is a fantastic tool for a great many things, but if you really want to sell something, it’s better to have the buyer standing right in front of you. So even if you make contact across the Web, it’s better to make the transaction in the ‘real world’, to verify the genuine intentions of potential buyers.

If however, you do fall victim to fraud, Panda advises you to promptly report the crime to the police. “Even though tracking down this type of crime can be complex, law enforcement agencies are becoming increasingly adept at dealing with cyber criminals”, concludes Matthews.

For more information about these and other threats, go to www.pandalabs.com

For more information about Panda, visit http://www.pandasecurity.com/.

Teens use ‘Code 9’ to block Parents on Social Networks

  • ‘Code 9’ advises kids and teenagers on how to stop parents from seeing what they are doing and writing on social networks

A few years ago, a technique called ‘Code 9′ was developed and spread among teens and children via email. These emails described techniques to help disguise and hide their chat messages and conversations from parents. Global IT vendor Panda Security has detected the resurgence of these messages, which are now being distributed across social networks like Facebook and Myspace.

According to the latest Kids on the Web security survey, published by Panda in June this year, one in three teenagers has contacted strangers across social networks, “Something that criminal minds are no doubt aware of and will exploit to contact children”, warns Jeremy Matthews, head of Panda’s sub-Saharan operations.

“Interestingly, when you visit the profiles and pages created to spread ‘Code 9’ and you look at the followers and friends, there aren’t many young people. In fact it’s quite the opposite, which gives us an indication as to the sort of people who are interested in distributing this type of information”.

‘Code 9’ itself is really simple: It tells children/teens that to hide their conversations in chat rooms or messaging, all they need to do is mention or write the number ‘9’ whenever their parents or guardians are close by. The other person will then rapidly change the topic or delete any information exchanged.

Pic of a typical ‘Code 9’ message available here: http://www.flickr.com/photos/panda_security/4879123608/

During the holiday periods, many children and teenagers spend more time than usual on the computer. This is a good time to ensure that our children are using the Internet safely and responsibly.

“We always advise that the best way to achieve this is for parents and children to have a relationship based on trust, so it is not necessary to be constantly monitoring kids while they’re on social networks and the like. It also helps to have an Internet Security product that allows parents to restrict access to unwanted sites”, concludes Matthews.  

Since 1990, Panda’s mission has been to detect and eliminate new threats as rapidly as possible, offering clients’ maximum security. To do so, Panda has an innovative automated system that analyzes and classifies thousands of new samples a day and returns automatic verdicts (malware or goodware). This system is the basis of Collective Intelligence, Panda Security’s new security model which can even detect malware that has evaded other security solutions.

Currently, 99.4% of malware detected by Panda is analyzed through this system of Collective Intelligence. This is complemented by the work of several teams, each specialized in a specific type of malware (viruses, worms, Trojans, spyware, phishing, spam, etc), and who work 24/7 to provide global coverage. This translates into more secure, simpler and resource-friendly solutions for clients.

More information is available in the PandaLabs blog: http://www.pandalabs.com

For more information about Panda, visit http://www.pandasecurity.com/.

Exposed: website selling ‘undetectable’ bots

Panda Security has exposed a network selling bots which specialise in targeting social networks and webmail systems. The publicly available website contains an extensive catalogue of programs aimed at social networks and webmail services, including Twitter, Facebook, MySpace, YouTube, Friendster, Gmail and Yahoo amongst others.

Each entry explains the reason for which the bot has been created: creating multiple accounts simultaneously on social networks; identity theft and stealing friends, followers or contacts and the automatic sending of messages. According to the page, “All Bots Work in a conventional manner; they gather friends IDs/names and send friend requests, messages and comments automatically.”

“This is another example of the lucrative business that malware represents for cyber-criminals,” warns Jeremy Matthews, head of Panda’s sub-Saharan operations. “While some of the activities the bots are used for are more innocent – such as the creation of accounts – others are specifically focused on fraud, including the theft of identities and photographs.”

Prices range from $95 (R724) for the cheapest bot to $225 (R1715) for the most expensive. The entire catalogue can be bought for $4,500 (R34284). The network guarantees that they will never be detected by any type of security solution, claiming that they have been developed to change users, agents and headers as many times as is necessary to prevent them from being blocked. They also get round CAPTCHA security mechanisms included on many websites so the buyer just has to set the parameters and leave the bots to operate on their own. The bots also include perpetual updates.

The bots are specially adapted for each website, and the list of targets include not just globally popular social networks or communities, but also local sites. On the same portal there is also an offer to earn money by reselling these ‘products’ as an affiliate.

“It is these kinds of models that help to build cyber-mafias and organizations that operate across several countries. We should still not forget, however, that this business exists not just because there are developers creating the threats, but also because there are criminals who are prepared to pay for them. Until we are able to prevent people from defrauding victims in this way, this business model will continue to thrive,” says Matthews.