Posts Tagged ‘Spyware’

PCs Come Pre-Installed With All Your Favorite Malware

Malware and viruses are bad, but so long as you’re careful, your PC will stay squeaky clean, right? Maybe not. Microsoft has found that many PCs from China, as many as a fifth, are coming with malware pre-installed.

As if bloatware wasn’t bad enough, the four offending computers all run forged versions of Windows with all kinds of nasty functionality baked right in. Generally, the malware is designed to control the PCs for use in a botnet. In worse cases, the viruses could remotely engage cameras and microphones.

You’re probably safe; most of the computers that suffer from this come from relatively unregulated markets like China. Still, even if your laptop is clean, having more infected computers out there isn’t going to be good for anyone. Microsoft has been trying to fix the problem with a lawsuit, but it’s a big problem to fix. For the time being, don’t buy a new computer in China if you can avoid it.

Waledac botnet poised for comeback?

About a year ago a federal judge granted a very unusual request by Microsoft to shut down almost 300 domains that were used as command-and-control centers for the Waledac botnet. The move was generally hailed as a success by the security community: it dealt Waledac a huge blow and the botnet all but dropped off the radar of most online threat analyses. However, now Waledac seems to be back—and this time it’s armed with a sizable cache of valid FTP and email credentials that enable it to alter Web pages to serve malware and send “high quality” spam under the names of legitimate ISP customers.

According to security vendor Last Line, Waledac has accumulated almost half a million valid login credentials for POP3 email accounts around the Internet, as well as more than 120,000 valid login credentials for FTP servers. The vast number of login credentials may be significant: Waledac’s controllers use the credentials to log into the servers and, where possible, alter the contents of existing Web pages to serve malware, promote pharmaceuticals, or engage in other forms of online scams. The POP3 logins mean that Waledac-controlled computers can connect to ISPs as legitimate customers—and send email using their accounts. The ability to bypass authentication requirements for sending email could give spam from Waledac systems an edge in defeating blacklisting and techniques that validate senders—from the point of view of the receiving system.

“The Waledac botnet remains just a shadow of its former self for now, but that’s likely to change given the number of compromised accounts that the Waledac crew possesses,” Last Line wrote on its blog.

The security community noticed Waledac coming back to life at the end of 2010, but Last Line’s analysis is the first reported look at the resources available to Waledac’s operators.