Google search results poisoning or WordPress vulnerability ?

A visitor brings to my attention a weird fact: searching in Google for “social bookmarking sites” or “social bookmarking sites 2011″, on the first results page appears www.socialbookmarkingsiteslist.com:   Clicking on this result, take us not to the desired website supposed to contains a list with the most important social bookmarking sites but to http://sokoloperkovuskeci.com/in.php?g=193. The visitor who told me about this issue suggested that it’s about another search results poisoning and a quick search in Google for similar problems revealed that exactly this is the case here: a Google search results poisoning using a vulnerability found in some WordPress themes. A lot of other computer users reported similar problems …

Continue reading

Posted in Thoughts.

Trojan Ransom (WinLock), a growing threat

These days we assist at a worldwide growing threat, the Ransom Trojan(named so by Kaspersky, and Winlock by Dr.web) which is a quite large family. The behaviour of this kind of computer trojan is different from variant to variant but as a general rule they blocks the files and folders access and demand money to restore the normal functionality. The victims are blocked out of the computer, the keyboard and the mouse are partially disabled and a message window appears announcing basically that the computer is blocked and the victim must send the payment to receive the unblock code via  SMS at certain phone numbers. That’s it, the computer is …

Continue reading

Posted in Thoughts.

The new boot record viruses (TDL4) and how to fix the Master Boot Record (MBR)

Coming from the oldest computing times,the boot record viruses remain still one of the most preffered attack vectors. Like their predecessors, the Stoned computer virus(created 1987), Brain(created 1986 and the first PC virus !), Michelangel0(1991), Elk Cloner(1980), actual boot record viruses use the same method of infection: they replace boot record codes with infected code. For who does know what is a boot record Master Boot Record(MBR) or Volume Boot Record(VBR) the advantages of a such infection are obvious. For who does not know about MBR or VBR and their role, here are the details of an Windows PC boot sequence in a simplified form. When the computer is switched …

Continue reading

Posted in Thoughts.

New scam Skype website

A new scam website trying to impersonate the Skype official website appeared on the Internet. The site is http://skype-downloads.ru/ and the details who own the domain are private. The website has a layout and colors(white and blue) trying to imitate the Skype official website and even the Skype logo is present. It has a .ru TLD and is in russian language.     This scam website offers for downloading a fake Skype installer, named skype_setup.exe with 2.42 MB in size and MD5 hash: E4FA92CA336D545E7AF8E253F42F1EDB .This executable is protected with a packer to prevent it from being reverse engineered. If someone is fooled to download and install this rogue software,will be prompted …

Continue reading

Posted in Thoughts.

Popureb.E trojan removal tool released for public

A free removal tool for the Popureb.E malware was released for public by Prevx security vendor, here is the download link. For who does not know, Popureb.E is a trojan that targets the Master Boot Record(MBR) on Windows XP machines. Until now Windows Vista and Windows 7 seems to be immune to this kind of infection. The malware add its code to Master Boot Record being in some fashion invisible to the operating system and antivirus software which are loaded later, after the trojan code. This malware made some waves a few days ago when a Microsoft engineer Chun Feng suffering for excessive zeal recommended an extreme solution to get …

Continue reading

Posted in Thoughts.

Fake avast! antivirus website

A fake website for the well-known avast! antivirus is floating around the Internet trying to scam the users. Even if it is a subtle difference between the original domain of the avast! antivirus and the fake(scam) domain, you can notice it easily. http://www.avast.com  - this is the original domain of avast! antivirus http://avast-download.com  - this one is a fake domain for avast! The registrant informations for the fake avast! domain are private, the Whois Lookup reveals only: Domain avast-download.com Date Registered: 2010-9-21 Date Modified: 2010-9-21 Expiry Date: 2011-9-21 DNS1: 1.nseasy.com DNS2: 2.nseasy.com Registrant Private Whois Service Private Whois Service fp75akd4d95245d8b60e@oqjij874d9300d54bd95.privatewhois.net *******PLEASE DO NOT SEND LETTERS****** ****Contact the owner by email …

Continue reading

Posted in Thoughts.

Top Ten computer security myths

I thought it is a good idea to make a list with the top ten popular beliefs but in reality misconceptions about home computers security, if you know more please let me know and I will re-entitle this article “Top Twenty computer security myths”. Failing to avoid these wrong ideas result in exposing your computer to a higher risk of infection with computer viruses, compromised online accounts and presumably financial loses. The most recent case was when somebody loses bitcoins worthing $500,000 from his account, due to a computer virus infection with a computer trojan. It was enough that only a single file, wallet.dat containing account informations to be stolen …

Continue reading

Posted in Thoughts.