Thousands of machines are being compromised by Eastern European cyber criminals, who are taking log in details and passwords for online banking and other personal data. Forming a ‘botnet’, the affected machines are being used to harvest credit and debit card details, in addition to other personal information. The people running the fraud are evidently very familiar with UK banking systems, as the methods used to generate data are very specific to this country.

In addition, social networking sites are being targeted for login information and passwords by the scam. It is thought that the criminals are using Trojans (messages which look innocent but contain malicious code) to obtain data.

The 100,000 machines, which all use Windows software, have been infected with a Trojan known as Zeus. Zeus, also known as Zbot, is what is known as a banking Trojan. Zeus is passed around as an e-mail attachment, or software downloads which look like legitimate applications. The Trojan logs keystrokes to capture password, and evolves and adapts to prevent it from being identified by anti-virus software.

At the moment, it is thought that Zeus affects several million machines. A spokesperson for Trusteer, who first located the network, stated: “The fraudsters are very familiar with UK banking systems. I have contacted the Metropolitan Police central e-crime unit to alert it to the scam, as well as affected banks. Attacks like this have become the norm. 100,000 computers being targeted by a Trojan does not necessarily mean that 100,000 UK customers will have had their details successfully used by the fraudster. In the highly unlikely event that any one of the 23 million UK customers who bank online is an innocent victim as a result of this attack they can expect to get their money back.”

“However, this one is unusual because it uses a new variant of the malware and also predominantly targets people in the UK. Our researchers were able to identify the geographical location of victims, after they gained access to the command and control centre of the network. One of the nice features of that is that it provides you with stats regarding operating systems and the geographical information of the bots. We actually used the fraudsters’ own data to assess the botnet and determine that it actually targets the UK.”

Related posts:

1. Demon internet emails your details to… Everyone
2. Mac Trojan found in Pirated Programme
3. Windows XP vulnerable to online attacks

During an attack, users see control of their PC being handed over to cyber criminals. The loophole, which was discovered in June, has seen attempts to hack become successful as the attackers have developed malware more quickly than anticipated. The attacks take advantage of XP’s remote aid facility, which is there to enable Microsoft technicians to get access to machines in order to provide remote support for users.

Hi-tech criminals have pounced on the loophole with gusto, and are making the most of the flawed system to obtain access to people’s machines. Once they gain access, they quickly download spam tools, viruses and Trojans to affected PCs. People who do not regularly use anti-virus software to protect their machines are defenseless against the attacks, leaving their personal and business machines completely vulnerable.

An investigation by Microsoft has revealed that a number of different attackers are now benefiting from the flawed software. Users in Portugal are currently being targeted the most by hackers exploiting the loophole, with additional victims in Croatia and Russia.

The most effective way of protecting a PC which uses the software and could be vulnerable is to disable the Help and Support system which is acting as a gateway to hackers. Microsoft have issued a tool which will undertake to disable the system automatically, until such time as a fix can be circulated to prevent the attacks.

A senior researcher at Trend Micro advises: “It’s certainly very serious and is now being actively exploited by what appears to be several different groups as you can see from the multiple payloads being delivered. It is important to ensure that your security software is capable of identifying and blocking malicious websites, as you can be sure that the criminals behind this will be constantly updating their malicious files to try and avoid traditional security.”

Related posts:

1. Hackers hit jackpot of discussion forum personal data
2. Botnet sweeps computers for bank details
3. Security issues with Android

This week, the House of lord’s committee have found that the internet security that surrounds the United Kingdoms critical national infrastructure is one of the best in the whole of Europe.

In a statement they revealed that all of the essential UK utilities such as government systems and of course banking are very well setup to cope with any natural disasters or cyber attacks that may occur.

Whilst this announcement is extremely good news for the UK the findings of the House of Lords committee were not all positive. They also found that many of the other systems in the EU, especially those in less developed countries in Eastern Europe, had extremely vulnerable internet infrastructures that if attacked could have an unforeseeable knock on effect to our systems here in the UK, according to Lord Jopling, chairman of the committee.

In the cyber-world, an attack on one country can affect another,” Jopling said. “Some countries are not as well prepared as the UK, and here we see a role for the EU to play in bringing up countries with deficiencies to the level of the UK.”

So we are safe if any attack is made on us but lets all cross our fingers that no where in Eastern Europe suffers from a cyber attack, when they sneeze, we may catch a cold.

Related posts:

1. US Government getting serious about Online Security
2. Phone users urged to check security capabilities
3. Medio Goes to the UK and Europe with Mobile Search Ad

Although this may not sound particularly ‘scary’ McAfee thought that it was enough of an issue to sound the alarm about these fake programs. Possibly because they may be costing them money by taking away subscribers, or maybe they are generally concerned, I guess we will never really know.

A statistic released by Datamation, that details a McAfee labs report, which revealed that as many as 1 million people are being targeted by scareware every day, is a pertinent one, revealing exactly why McAfee are so concerned.

They were so concerned in actual fact that that they have decided this week to launch a consumer threat alert program that will provide a blog and e-mail subscription service to do the honourable job of keeping consumers clued up on all the latest online scams going around the internet, for a small fee… Surely if they are so concerned it should be a free service?

McAfee claim that internet users are scammed out of roughly $300 million a year by these programs that prey on the naiveté and lack of confidence of many internet users. They present them with what usually does look a perfectly legitimate warning that their system may be under threat and that they risk losing all data, the user will then be prompted to purchase some rogue software that will do nothing but cost them money and on occasion spread a virus through their system.

So it seems McAfee are doing a good thing by issuing a warning about these threats as many people do not realise the dangers and costliness of these scareware programs. However, it would seem fairly beneficial to McAfee at the same time, as they can now offer another paid subscription service just to inform people of dangerous content whilst re assuring them that they are the best program to use to keep your computer safe, fair enough.

Related posts:

1. Facebook Partner up with McAfee
2. McAfee to acquire mobile security firm
3. Mac Trojan found in Pirated Programme

The report confirms the widely held fear that the global network of spammers has almost fully recovered from the setback it encountered last year, when many less than reputable servers around the world were closed down. The study also revealed some illuminating insights into exactly how we get spammed – essentially the Americans get their spam early in the morning whilst Europeans get more of a steady stream.

The report basically underlines the need for the technology community to get to grips with the spam & malware phenomenon. Email spam is purely a numbers game – if you can send out 2 million scam emails then you are simply going to get a few takes. Right now it would seem like the numbers are very much in their favour.

Related posts:

1. MySpace plans to launch Email Service
2. Malicious Malware Authors exploit Obama win
3. Mobile Internet use to Skyrocket

The good news is that the infrastructure is fine, the Internet is working as well as usual and is in no danger of failing. As expected really – even if the spammers behind Conficker.c had the power to crash the Internet, as spammers would it really be in their interests?

Basically, for all the hyperbole that’s been flying around recently Conficker.c is just a worm, a very widespread one, but a worm nonetheless. We’ll probably see an increase in spam over the coming weeks but that should be it.

Related posts:

1. Majority of Email is Spam
2. Spambots return after very brief Hiatus
3. Malicious Malware Authors exploit Obama win

Apparently, kids as young as 11 or 12 are online searching for techniques to commit fraud and/or break into restricted websites. I suppose we shouldn’t be too surprised, after all this is the most web savvy generation ever – it’s no real surprise that some of these kids overestimate their abilities and get themselves into trouble. According to analysts many children initially get into trouble by looking for exploits and cracks for their favourite computer games and then move onto more serious, even criminal, hacking activities.

Related posts:

1. Pay Per Click Advertising Combats Fraud
2. Record Traffic for Celebrity and Presidential News – Part 1
3. Ten Reasons for an Increase in Your Search Budget – Part 4

They continue to use this as one of the cornerstones of their marketing, despite growing evidence to the contrary like this iWork Trojan.

Lately there has been some suggestion that even elements within Apple itself would like the comapny to be more up front about the risk to their systems. The clearest example of this was late last year when a section appeared on Apple’s own support website suggesting that Mac users purchase not one but two virus protection programmes, just to be sure. The section was quickly removed and denounced as inaccurate.

Related posts:

1. Intego get involved in ‘Virusgate’
2. Botnet sweeps computers for bank details
3. Hackers Can Ruin Your Rankings

As far as getting rid of it goes, that’s a little too complicated to go into here, though there are numerous helpful guides out there, (there’s a particularly good one on the Google Webmaster Blog) so there’s no need to despair.

After you’ve done the necessary fumigation, convincing Google that your site is now clean requires you to request a malware review from Google. They’ll take a look at your site, if they don’t agree that it’s clean they’ll present you with a list of the remaining dangerous URLs for you to clean up. If they do, you can expect the warnings on your site to disappear within 24 hours, though it may take a little longer for some browsers, i.e., Firefox to recognise the change.

If you feel your ranking has been affected by your bout of malware, it may also be worth filing a reconsideration request.

Being hacked is no fun at all but it needn’t ruin your week. If you follow these steps, you’ll be back on your feet in no time.

Related posts:

1. Kinect hacked immediately upon release
2. Hackers Can Ruin Your Rankings
3. Beyond Google Earth