More Storm activity spotted

The Storm worm is in amourous mood once again with a new wave of malware being sent from the botnet, according to security firm MessageLabs.

A network of PCs, under the control of cybercriminals but without the knowledge of their owners, is churning out spam emails containing a malicious file called iloveyou.exe.

With subject lines including 'With All My Love', 'If Loving You', 'With Love', 'We Belong together' and 'Our Love is Free', the spam emails use similar tactics to previous campaigns run by the Storm botnet which focused on Valentine's Day.

MessageLabs said that the main locations where the spam originates from include the UK, Russia, the US and the Netherlands.

Paul Wood, senior analyst at MessageLabs said: "This attack should serve as a warning shot to those who are not securing both their email and web traffic properly."

Three weeks ago, MessageLabs said that the botnet was reduced to just five per cent of its size in April, but rival security firm Symantec since claimed that the Storm worm was still evolving.

Last week, security firm Trend Micro said that it had seen the Storm botnet using a file that suggested that it was either targeting PCs that had an 'adware' program from Zango installed or had been employed by Zango to push the adware.

Zango has since denied that it had anything to do with the Storm botnet.

Original Story

Posted by Annette King in Virus & AntiVirus News at 15:33

Microsoft has just snared a U.S. patent for proactive virus protection, which is how security software helps secure your PC when it encounters shape-shifting malware not already in its antivirus definition file. What I want to know is, what does this mean for all the other vendors -- like McAfee, Symantec, Kaspersky, and Trend Micro -- that have been selling proactive protection software for years? Do they now have to pay Microsoft protection; I mean, royalties?

Here's the quick low-down on the new Microsoft patent. Issued on June 20, patent number 7,376,970 is entitled "System and method for proactive computer virus protection." The inventor is Adrian Marinescu, who was at one point (maybe he still is) a lead developer on the Windows kernel team, heavily involved in the heap manager. He previously worked on Windows NT's object manager, which is a key software traffic-cop managing the interaction among all the executive kernel subsystems. All this is by way of saying that Mr. Marinescu clearly knows his operating-system internals.

Posted by Annette King in NOD32 News at 14:38

It looks as if Vista's reputation for improved security could be heading for the pages of history. PC Tools has renewed last week's attack on the platform with new figures that appear to back up its claim that Vista is almost as vulnerable as its predecessors.

According to analysis from the Australian company's ThreatFire user base, 58,000 PCs running Vista were compromised by at least one piece of malware over the six months to May 2008, equivalent to 27 percent of all Vista machines probed. Vista made up 12.6 percent, or 190,692, of the 1,513,502 machines running Windows in the user base.

In total, Vista suffered 121,380 instances of malware from its 190,000 user base, a rate of malware detection per system is proportionally lower than that of XP, which saw 1,319,144 malware infections from a user base of 1,297,828 machines, but it indicates a problem that is worse than Microsoft has been admitting to.

Only a week ago, PC Tools revealed that Vista was as likely to be hit with software vulnerabilities as Windows 2000, a claim that was denied by a Microsoft staffer in a blog.

Posted by Annette King in Adware, Spyware and Trojans at 16:30

Five people were arrested Monday in Los Angeles and others were being sought in connection with an international online "phishing" scheme that defrauded thousands of victims and hundreds of financial institutions, federal authorities said.

A total of 33 people, U.S. citizens and foreign nationals alike, were named in a 65-count indictment charging them with participating in the Internet-based fraud, prosecutors said. The indictment, unsealed today, was returned by a federal grand jury in Los Angeles.

Five other people were indicted in Connecticut, along with two people who are also named in the Los Angeles indictment, federal officials said.

The Los Angeles indictment charges the defendants with crimes including racketeering conspiracy, bank fraud and aggravated identity theft. The bank fraud charge alone is punishable by up to 30 years in federal prison.

Posted by Annette King in Virus & AntiVirus News at 15:25