Fight Identity Theft Blog
F-Secure, a Finnish security company, has been able to crack the code the Sober worm was using to update infected machines with new variants.
Here's how the worm works:
- a computer is infected with the worm.
- on a certain date the infected computer tries to "phone home" to receive new code from the worm creator.
- all infected computers able to reach the proper web address are infected with an updated variant of the worm.
Mikko Hyppönen, Chief Researcher at F-Secure, described it this way:
"Sober has been using an algorithm to create pseudorandom URLs which will change based on dates. Ninety-nine percent of the URLs simply don't exist ... however, the virus author can precalculate the URL for any date, and when he wants to run something on all the infected machines, he just registers the right URL, uploads his program and BANG! It's run globally on hundreds of thousands of machines."
If the security experts could determine the web address the worm was looking for, it could be blocked and the worm would be deprived of new code. The problem is that virus and worm creators are a devious and crafty bunch, and they don't make it easy to deconstruct what they're doing. Not crafty enough for F-Secure, evidently.
Read how F-Secure cracked the code and the list of potential download sites for new code.
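The blocking idea described above (work out the address for each date, then block it and look for machines asking for it), as an added example that is not from this post or from F-Secure. Sober's real algorithm is not given here, so `candidate_hosts` is a hypothetical stand-in that derives names from a hash of the date; the sample date, the `.example` hosts and the log lines are all constructed.

```python
import hashlib
from datetime import date, timedelta

# Hypothetical stand-in for a reverse-engineered, date-seeded generator.
# It is NOT Sober's algorithm; it only has the same shape:
# the same date always yields the same host names.
def candidate_hosts(day, per_day=3):
    hosts = []
    for i in range(per_day):
        digest = hashlib.sha256(f"{day.isoformat()}/{i}".encode()).hexdigest()
        hosts.append(f"{digest[:10]}.example")  # reserved TLD, never resolves
    return hosts

def build_blocklist(start, days):
    """Map every precomputed host in the window to the date that yields it."""
    blocklist = {}
    for offset in range(days):
        day = start + timedelta(days=offset)
        for host in candidate_hosts(day):
            blocklist[host] = day
    return blocklist

def scan_dns_log(lines, blocklist):
    """Return (client, host, seed_date) for each query that hits the blocklist.

    Assumed log format (constructed): '<timestamp> <client-ip> <queried-host>'.
    """
    hits = []
    for line in lines:
        parts = line.split()
        if len(parts) != 3:
            continue  # skip malformed or truncated lines
        _, client, host = parts
        host = host.lower().rstrip(".")  # normalise case and trailing dot
        if host in blocklist:
            hits.append((client, host, blocklist[host]))
    return hits

# Constructed sample: one infected client "phoning home", one clean client.
SAMPLE_DAY = date(2024, 1, 5)
BLOCKLIST = build_blocklist(SAMPLE_DAY - timedelta(days=3), days=7)
SAMPLE_LOG = [
    f"2024-01-05T00:00:12 10.0.0.23 {candidate_hosts(SAMPLE_DAY)[0].upper()}.",
    "2024-01-05T00:00:15 10.0.0.40 www.example.org",
    "truncated line",
]

if __name__ == "__main__":
    for client, host, seed in scan_dns_log(SAMPLE_LOG, BLOCKLIST):
        print(f"{client} queried {host} (generated for {seed}): likely infected")
```

The same precomputed list serves two purposes: it can be loaded into a DNS or proxy blocklist ahead of the date, and any client that queries one of the names is a strong candidate for cleanup.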
Just to get an idea of how wonderful these worm creators are, here's a quote from F-Secure's blog:
Last thing: Several earlier Sober variants (most notably Sober.Q) have been sending out Neo-Nazi propaganda messages. According to iDefense, the activation date of January 5th is an anniversary date for the Nazi party.
Great. Neo-Nazi worm authors. What did Indiana Jones have to say on the subject? "Nazis. I hate these guys."
Is your computer a zombie? Not sure? Is your virus scanning software up-to-date? Have you even installed a virus scanner on your computer? No???
If not, your computer may be a zombie that is spreading a particularly nasty worm named “Sober” to thousands of computers worldwide.
Evidently some zombie computers are blasting out thousands of emails that purport to come from the FBI, of all places.

Have you received one of these emails from the FBI or CIA recently? It should have looked something like this:

Of course the attached file wasn’t a list of questions from your local G-man but a file infected with a new strain of the Sober worm.
The worm was being sent out via zombie machines infected with earlier versions of the worm. E-mail security vendor MessageLabs said it blocked more than 2.7 million e-mails in the first 24 hours of the outbreak. Man, those zombies are working overtime!
ZoneAlarm Security Suite picked up the worm on my machine and removed it before it did any damage. Do you have an updated anti-virus running on your machine? If not, you could be one of those zombies pumping out thousands of worm-ridden emails without even knowing it.
Digital Privacy: A Curmudgeon's Guide
Do you feel it's a losing battle trying to keep your information private? If you do, you're smart. It's impossible to live in our modern society without people knowing more about you than you'd like.
* Your doctor wants you to hand over your family's health history and your social security number.
* The supermarket wants to track how often you buy frozen pizza.
* The government now wants your garbageman to report any suspicious behavior going on in your basement.
What's the solution? Get grumpy. When people ask for information, say no. If they insist, ask for their manager. Ask why they need the information. Does this require some backbone? Yes it does. Just reach around with your arm. You'll find you still have one.
David Holtzman, a privacy curmudgeon, as he puts it, says people respond in different ways to privacy concerns. His categories include the Curmudgeon, the Ignorer, the Avoider, the Deceiver and the Aggressor:
"Ignorers think that there is no problem; Avoiders go out of their way to not be in a situation where they have to give information; Deceivers deliberately give false information whenever possible; and Aggressors get indignant and talk about lawsuits or write nasty letters."
Curmudgeons don't lie or avoid privacy issues. They meet them head on. Here are his six guidelines for becoming a privacy grump. Some are extreme. Don't feel bad if you don't follow all of them. I don't. Just realize that you are exchanging convenience for information:
* Just Say No - If the information requested doesn't have anything to do with the product or service you're buying, just say no.
* Pay Up Front - When requesting medical services.
* Ask Why - If they answer, "the computer system requires the information", ask again.
* Pay Cash - Cash transactions can't be tracked.
* Don't Use Wireless Devices - Cell phones and other devices can track and record your whereabouts.
* Don't Use "Convenience Cards" - They are designed to track and analyze your purchasing habits.
Do you buy a lot of stuff on internet auctions like eBay? I've bought a few inexpensive things, but I wouldn't consider buying an expensive item from someone I've never seen before.
Auction fraud does occur on eBay and Yahoo Auctions, just ask Darren Barringer. Darren paid for a laptop on eBay in June 2002, but received a Montreal phone book in his FedEx package instead. That made him upset and curious. So he decided to look through other auctions to see if he could pick out the fraudulent ones. Here's what he found as possible signs of a fraudulent listing:
* Low priced high-ticket items, like high-definition TVs, laptops, or jewelry — especially if there are multiple items for sale.
* Brand-new sellers with no sales history.
* Sellers requesting wire transfers for payment, or payment in foreign currencies.
* Auctions that begin and end over a weekend, since eBay customer support is light during those days.
* Seller telephone numbers or addresses that can't be verified.
I'll be creating some additional information about internet fraud, and auction fraud specifically in the coming weeks. Until then, please be careful when clicking the "Buy" button.
A hacker conference held in New York July 12-14 is making AT&T pretty worried. In the past, conference-goers have called AT&T during their presentation and used social engineering techniques to get passwords and other information in order to break into computer systems. They record the conversations and later sell the videotapes at their conference. Capitalism at its best!
What is social engineering, you ask? It's simply asking the right person for the information you want while posing as someone who should have access to it. For example, suppose the Director of Security from your bank called and told you there had been some unauthorized activity at the bank and he needed to confirm your account information. Would you give it to him? A lot of people would, and that's what makes a hacker's life much easier.
CardCops.com is a somewhat controversial company that fights credit fraud by exposing and publicizing web site hacks and online fraud techniques. The controversy comes up because some are worried that they show potential crackers and hackers too much detail about how to do their dirty work.
Maybe they do go too far, but they've recently released an intriguing free service just for consumers. They allow anyone to type in their credit card number to match it against a database of 100,000 credit cards that have been compromised by thieves. Type in your credit card number? Huh? Is it safe? Are you crazy?
CardCops have been around since the late '90s and work closely with law enforcement organizations like the U.S. Secret Service. Here's a quote from Dan Clements, founder of CardCops, "We're creating a situation where Joe Consumer can check his card on the Internet to see if it's been possibly abused."
Should you try this out? CardCops is a legitimate organization and I trust their security measures, but you should make your own judgement. Even if you decide to try it, you might have to wait a while — their servers were maxed out from all the people trying out the service.
You're on this web site trying to learn how to protect your identity. One trick we suggest is to say, "put me on your do not call list" when telemarketers call during dinner. Federal law requires telemarketers to keep track of people who don't want to be called. Now, scammers and thieves are taking advantage of what you've learned.
The Federal Trade Commission (FTC) is warning consumers that identity thieves, masquerading as federal employees, are calling people and asking them to confirm that they've requested to be put on a "do not call list." In order to make sure they have the "right person", they are asking the victims to provide social security, bank account, or credit card numbers.
Here's where common sense comes into play. The FTC does not have the time or the money to call every person in the United States asking if they want to be put on a "do not call list." Plus, the telemarketing companies would probably sue the government if they tried it.
The bottom line for avoiding scams: If it sounds fishy, it probably is fishy. Just hang up.
Getting scammed is a bummer. You beat yourself up wondering why you weren't smart enough to see through their tricks. Getting scammed twice has got to feel a lot worse.
Some telemarketing scam artists apparently have created a list of previous fraud victims and are trying to scam them again. Their pitch is that they can recover the money that was stolen in the first fraud, if they sign up for the Teleguard service and pay a fee. They try to create an air of authenticity by stating that they're working with the Better Business Bureau or a state Attorney General's office.
So how can you tell if the people who call you are legit or not?
USE YOUR BRAIN!
Listen to how Robert Kenesky, 81, of Sanborn, NY used his brain to fight fraud. The scammers tried to prove they were legitimate by putting him on hold for a few moments and then connecting him with someone who said they were from the New York Attorney General's office. His response?
“This guy rattled on for a while, and then I said, ‘Now wait a minute. If this is the attorney general’s office, I know it takes longer than 1 minute to get through to you people.’”
Then he hung up the phone. Very smart.
If you're a college student, you've got one more reason to stress out. It appears that the Russian mafia may have planted keystroke tracking software on computers at Arizona State University and four other universities in Florida, Arizona, Texas and California. This software records every key that is pressed on a computer and then makes the information available to a remote hacker.
The great thing about keystroke tracking software is that it takes all the guesswork out of figuring out a victim's PINs, account numbers, and credit card numbers. No dumpster diving is necessary. The program records everything you type before it's encrypted and sent over the internet. So when a student uses a university computer in place to order a CD from Amazon.com or log into their bank account to check their balance, their credit card, bank account number, and PIN are sent to the hacker.
The Secret Service is investigating...
Another e-mail scam where people ask for money. Are we that dumb? This time the sender is supposedly "Bradon Curtis", an American "Special Forces Commando" who wants to share some Taliban drug money with you but needs a bit of cash for the shipping. How nice for Memorial Day weekend. Here's part of the text:
"We will thus send you the shipment waybill, so that you can help claim this luggage on behalf of me and my colleagues. Needless to say the trust (placed) in you at this junction is enormous. We are willing to offer you an agreeable percentage of (these) funds."

