" spam "

Cyber-activism and Cyber-warfare major IT Security Topics in 2011

  • WikiLeaks is ‘unstoppable’
  • Cyber-activism on the increase, but cyber-war is an ‘exaggerated term’

Global IT vendor Panda Security reports that cyber-activism and cyber-warfare will continue to be major topics in IT security this year.

The 3rd Security Blogger Summit, recently hosted by Panda in Madrid, focused on cyber-activism and cyber-war as well as on the new dangers posed to users and institutions on the Internet. The roundtable discussion highlighted the most recent examples of these emerging trends, international cooperation and the limits of these activities on the Web. The discussion also centered on the new trends for 2011 and the legal framework against this type of Web activity.

Opinions about cyber-activism and WikiLeaks proved relatively united, with most of the participants agreeing that it is an unstoppable phenomenon. “There is no way to stop a phenomenon like WikiLeaks”, said Enrique Dans, panel member. “In the future anybody will be able to disclose relevant information from a website, as contaminated as this might be.”

Bob McMillan, a San Francisco-based computer security journalist, explained that, in his opinion, “WikiLeaks is as important as The New York Times. It has helped those who wanted to expose sensible information, and to think of changing the legislation in the wake of a denial of service attack like those in the operation ‘Avenge Assange’ is very difficult”. Operation ‘Avenge Assange’ was initiated by the Anonymous group and Operation Payback, targeting firstly organizations trying to close the net on Internet piracy, and later in support of Julian Assange, editor-in-chief of WikiLeaks.

Cyber-activism was discussed as a growing occurrence. Participants agreed that the technical evolution means people are able to replace meetings and gatherings with internet-based tools. Furthermore, the global situation that the technical evolution has created means that cyber-activism is possible on an international scale, with it becoming more and more unnecessary to gather large numbers of people in order to attract attention. IT researcher Rubén Santamarta indicated that, “Cyber-activism was born from the global situation we live in. Even users with limited technical know-how can join in the distributed denial of service attacks (DDoS) or spam campaigns.”

Despite hasty attempts in many countries to pass legislation to counter this type of activity, effectively by criminalizing it, Panda believes that in 2011 there will be yet more cyber-protests, organized by this group or others that will begin to emerge.

Cyber-war: Reality versus sensationalism

The Summit participants also discussed some of the most relevant examples of cyber-war, such as the alleged attacks targeting Iran’s nuclear plants using the Stuxnet Trojan, as well as Operation Aurora, concerning attacks on Google from China in order to steal secret corporate information.

Panel members Elinor Mills and Bob McMillan agreed that the term ‘cyber-war’ was ‘too exaggerated’ for the actual events taking place. “We still do not know the real dimensions of cyber-war and it is easy to confuse it with espionage or even cyber-crime”, explained Elinor Mills. Bob McMillan added that, “Even though Stuxnet has been used as a cyber-weapon, it does not mean that we are already knee deep in a cyber-war. If there really was a cyber-war, it would be on a global scale, as with the two Great Wars of the 20th century.”

However, others insisted on the idea that the cyber-war phenomenon is at its early stages and will probably become a reality in 10 years’ time. “We are talking about a war without an army. It is a fourth-generation war where it is possible to damage a country without having to invade it with soldiers”, says Santamarta. “A country can have another one under control through the Internet even before they have declared war on each other”, he concludes.

While the debate over cyber-war and its effects continues, Panda believes that these kinds of web attacks will increase in 2011, with many of them remaining unnoticed by the general public.

More information about the 3rd Security Blogger Summit is available at www.securitybloggersummit.com.

For more information about Panda, visit http://www.pandasecurity.com/.


Trojans Dominate Cyber Threats in 2010

  • The malware distribution techniques in the spotlight this quarter include clickjacking, BlackHat SEO and 0-day attacks
  • 95% of all email in circulation was spam, and 55% of global spam originated from just 10 countries
  • Android smart phones are being targeted by hackers, thanks to their widespread popularity

Global IT vendor Panda Security has published its quarterly report on global virus activity. This third quarter has once again seen Trojans in the spotlight, as 55% of all new threats created were in this category.

Infection via email, traditionally the most popular vector for spreading malware, has declined in favour of more modern methods: use of social media, such as the clickjacking attacks using the Facebook “Like” button, fake Web pages positioned on search engines (BlackHat SEO) and exploits of 0-day vulnerabilities.

In addition, Google’s Android operating system for smart phones has come into the line of fire. Various threats have appeared recently, aimed above all at racking up phone bills or targeting the geolocalization function of the terminals.

Malware info

55% of new threats created this quarter were Trojans, most of them banker Trojans. This is in line with the general increase in these types of threats that Panda has witnessed over the last two years.

With respect to spam, 95% of all email circulating across the Internet during the last quarter was junk mail. Some 50% of all spam was sent from just ten countries, with India, Brazil and Russia at the top of the list.

“This edition of the report highlights the record levels of threat distribution through new channels”, says Jeremy Matthews, head of Panda’s sub-Saharan operations.

There has also been much talk of two serious 0-day flaws in the code of Microsoft’s operating system. One of these could have been exploited to attack SCADA systems (specifically, nuclear power stations), although this rumor is yet to be confirmed.

On a more positive note, Panda is happy to report the arrest of the creator of the Butterfly botnet kit, source of the notorious Mariposa network that impacted 13 million computers around the world.

And finally, the latest and hopefully last scare of this third quarter: a worm called ‘Rainbow’ or ‘OnMouseOver’. A vulnerability in the code of Twitter allowed JavaScript to be injected, enabling a series of actions: redirecting users to Web pages, publishing JavaScript on the user’s timeline without their permission or knowledge, etc. Twitter, however, resolved the problem in just a few hours.

Android: in the firing line of hackers

Over these three months Panda has also witnessed what could be the beginning of a wave of threats targeting smart phones, as it seems that hackers have started lining up Android, Google’s popular operating system. Two applications have been developed specifically for this platform: FakePlayer, which, under the guise of a video player, sends SMS messages generating a hefty phone bill for victims without their knowledge; and TapSnake, an app disguised as a game which sends the geolocalization coordinates of the user to an espionage company.

‘With the rise in social networking attacks and banker Trojans, we encourage users to always be vigilant when using the web, for personal or professional reasons. This coupled with good malware and virus protection, like Panda’s, is the best way to stay safe’, concludes Matthews.

You can download the PandaLabs quarterly report from http://press.pandasecurity.com/press-room/panda-white-paper/


Teens use ‘Code 9’ to block Parents on Social Networks

  • ‘Code 9’ advises kids and teenagers on how to stop parents from seeing what they are doing and writing on social networks

A few years ago, a technique called ‘Code 9’ was developed and spread among teens and children via email. These emails described techniques to help disguise and hide their chat messages and conversations from parents. Global IT vendor Panda Security has detected the resurgence of these messages, which are now being distributed across social networks like Facebook and Myspace.

According to the latest Kids on the Web security survey, published by Panda in June this year, one in three teenagers has contacted strangers across social networks, “Something that criminal minds are no doubt aware of and will exploit to contact children”, warns Jeremy Matthews, head of Panda’s sub-Saharan operations.

“Interestingly, when you visit the profiles and pages created to spread ‘Code 9’ and you look at the followers and friends, there aren’t many young people. In fact it’s quite the opposite, which gives us an indication as to the sort of people who are interested in distributing this type of information”.

‘Code 9’ itself is really simple: It tells children/teens that to hide their conversations in chat rooms or messaging, all they need to do is mention or write the number ‘9’ whenever their parents or guardians are close by. The other person will then rapidly change the topic or delete any information exchanged.

Pic of a typical ‘Code 9’ message available here: http://www.flickr.com/photos/panda_security/4879123608/

During the holiday periods, many children and teenagers spend more time than usual on the computer. This is a good time to ensure that our children are using the Internet safely and responsibly.

“We always advise that the best way to achieve this is for parents and children to have a relationship based on trust, so it is not necessary to be constantly monitoring kids while they’re on social networks and the like. It also helps to have an Internet Security product that allows parents to restrict access to unwanted sites”, concludes Matthews.  

Since 1990, Panda’s mission has been to detect and eliminate new threats as rapidly as possible, offering clients maximum security. To do so, Panda has an innovative automated system that analyzes and classifies thousands of new samples a day and returns automatic verdicts (malware or goodware). This system is the basis of Collective Intelligence, Panda Security’s new security model which can even detect malware that has evaded other security solutions.

Currently, 99.4% of malware detected by Panda is analyzed through this system of Collective Intelligence. This is complemented by the work of several teams, each specialized in a specific type of malware (viruses, worms, Trojans, spyware, phishing, spam, etc), and who work 24/7 to provide global coverage. This translates into more secure, simpler and resource-friendly solutions for clients.

More information is available in the PandaLabs blog: http://www.pandalabs.com


Social network apps used to aid housebreaking

With the boom in social networks and the numerous applications now available for sharing information across the Internet, global IT vendor Panda Security advises users to take extra precautions in order to prevent falling victim to computer fraud.

“This year we advise users to take particular care with the information they share across social networks”, says Jeremy Matthews, head of Panda’s sub-Saharan operations. “This applies particularly to applications used to plan journeys or to locate people geographically through GPS devices, as this information could easily be exploited and used to aid housebreaking.”

These types of applications have become highly popular over the last year. Facebook apps such as Doorpl or Trip Advisor (which show messages describing where you are or where and when you are planning to go); the Twitter geolocation utility (displaying where tweets have been sent from), or services for locating mobile devices through GPS (now widely employed by iPhone or Android users), are just a few examples.

While many of these programs are interesting and fun, the problem lies in the exploitation of this information by criminals. The emergence (and closure) of services like Pleaserobme, which as its name suggests, connects with these applications to offer information about who is not at home, is just one example of the abuse of these applications. “This underlines how careless we can be as users when offering personal information publicly”, adds Matthews.

There are numerous precautions that users are encouraged to take in order to prevent being exploited during the holiday season.

Users who take their PCs with them on holiday are advised to back up all their information as they face the risk of having their PCs stolen or breaking down while away. In addition they are advised to have reliable, up-to-date protection with all the necessary security patches installed.

Although encrypting the information on their hard disks may seem a tiresome or complex task, it is another strong security measure Panda encourages users to take as it prevents anyone from accessing data without the right password.

Furthermore, users should never connect to unprotected WiFi networks, as they could be hooking up to a network set up by hackers to steal any information that they share across the Internet. It is always better to use secure, trusted networks, even if it means paying more. Lastly, users are advised to take care with email as phishing attacks and spam are becoming increasingly sophisticated.

In addition to this holiday advice, there are constant precautions that should always be taken.

Users should not use the journey-planning applications offered by social networks, so that they cannot be located. Similarly, users shouldn’t accept the geolocation function in Twitter or use this application from their cell phones.

Users who do spend time in chat rooms while on holiday should also never reveal any personal or confidential details to anyone unknown. If users notice any suspicious behavior on social networks (strangers with too much of an interest in your holiday destination, dates, etc.) they should contact the police. All these safety tips should be shared with children, who are more naïve than their parents and therefore make easier targets.

“In addition to the above, it is worth remembering some of the basic security measures at this time of year. Turn off your router when you leave home, beware of typical, holiday-themed phishing, take care with dubious looking websites, as many of them are designed to infect your computer… and, above all, have a great holiday”, concludes Matthews.

More information is available at the PandaLabs blog: http://www.pandalabs.com


iPads infected with iPhone virus

Panda Security has found that malware designed to infect iPhones can also compromise the popular iPad.

Given the increasing popularity of Apple devices and their growing market share, malware designed specifically to target these platforms is beginning to attract more attention. Last year, Panda raised the alert about a worm, iPhone/Eeki, able to infect jailbroken iPhones (i.e. those that have been tampered with in order to install unofficial applications). The worm was also able to spread to iPod Touch.

Logically, all malware designed for iPhones will have the same ability to infect and spread to iPad devices. This is because the iPad and the iPhone share the same operating system, known as iPhone (v3), or iOS (v4) in the forthcoming version.

‘This doesn’t mean we’re about to face an avalanche of infections’, says Jeremy Matthews, head of Panda’s sub-Saharan operations. ‘However, we have always stated that as Apple takes more market share, cyber-crooks will begin to show more interest in targeting those that use this platform.’

Despite the fact that Apple decided to totally close off the hardware (making it impossible to install peripherals) and the software (all applications are installed from the manufacturer’s App Store), cyber-criminals have found a way to infect jailbroken devices with malware.

‘With more and more proof of Apple being targeted, we advise all Mac users to follow the manufacturer’s recommendations to increase security on their operating systems’ concludes Matthews.


Cyber-crooks using celebs as bait

With the Oscars announced last week, Panda Security, the global IT security vendor, has revealed the most popular celebrity names sent in malicious emails (spam and malware-infected emails) by cyber-crooks.

“Cyber-criminals are always keeping track of the names that users frequently search for on the Internet or those that often crop up in forums or social networks,” says Jeremy Matthews, head of Panda Security’s sub-Saharan operations. “They then use these names when sending spam. This way, they entice users into opening the emails and following links or running attachments. This is known as social engineering. Users that take the bait will invariably end up infecting their computers with a virus or worm that could seriously damage their PC.”

The results of the survey clearly indicate how Hollywood actors were the favorite bait of cyber-crooks in 2008. Specifically, Brad Pitt (12.57%) and Tom Cruise (12.14%) occupied the first two places in the ranking and accounted for almost a quarter of all malicious mail related to famous people. They are this year’s joint-winners of the malware Oscars.

The girls weren’t far behind, though, occupying most of the remaining places in the top ten. Actresses Angelina Jolie (11.62%), Lindsay Lohan (10.15%), and Jessica Alba (9.52%) were in fourth, fifth and seventh places respectively. Jennifer Aniston, with 5.14%, was 10th in the ranking.

However the list also contained singers, both established and aspiring. Britney Spears was in third place with 12.01% of the total while the participants in American Idol came in sixth place, accounting for 9.79%.

Eighth and ninth places were occupied by the veteran TV presenter Oprah Winfrey (8.08%) and celebrity heiress Paris Hilton (6.64%) respectively.

Christina Aguilera, Barack Obama, Lewis Hamilton, Tiger Woods, Rihanna, Shakira, Madonna, Scarlett Johansson and Fidel Castro are some of the other famous names that have recently been used as bait by cyber-crooks.

Typical phrases that are used in these emails include:

“Angelina Jolie nude”
“Britney Spears hot images”
“Rihanna exposed”
“Scarlett Johansson spills boobs”.

Matthews advises users not to open any unsolicited mail claiming to contain stories or photos of famous people and never to run any attachments or follow any links in these messages. If you think you’ve got a virus, you can scan your PC at www.infectedornot.com. You can also get cool internet safety tips from Panda’s blog: www.cybersafety.co.za

The Malware Oscar Winners:

Brad Pitt – 12.57%
Tom Cruise – 12.14%
Britney Spears – 12.01%
Angelina Jolie – 11.62%
Lindsay Lohan – 10.15%
American Idol – 9.79%
Jessica Alba – 9.52%
Oprah Winfrey – 8.08%
Paris Hilton – 6.64%
Jennifer Aniston – 5.14%
Others – 2.34%