Malware Pushers Have No Respect for the Dead (and the Best of the Best Windows Blog Posts of 2007)

Mark Soper — Mon, 31 Dec 2007 20:13:04 -0600

Computerworld reported over the weekend that malware pushers are using the assassination of Pakistani leader Benezir Bhutto to spread variants of the ZLOB Trojan, a notorious backdoor gateway to lots of assorted malware. Here's how it works:

When users find a link to a purported video of the assassination and attempt to play it, the website pops up a message that you need to download a new video codec to play the video. The 'codec', complete with an authentic-looking EULA, is actually the ZLOB Trojan.

The TrendMicro blog's article, The ZLOB Show: Trojan Poses as Fake Video Codec, Loads More Threats, provides an illustrated guide to how ZLOB works and some of its variants.

The Icrontic website provides a five-step tutorial to help you stop ZLOB in its tracks.

Keep in mind that the safest places these days to view breaking news video are at established news websites such as Fox News, CNN, MSNBC, NBC, ABC, and CBS.

And, now, stay tuned for the top three Windows blog stories of the year at MaximumPC.com on page 2.

Number 3 in our 'ten best' of 2007 coverage is our story on the release of Windows Vista SP1 RC. It provided an easy-to-understand and concise guide to where to get Vista SP1 RC, what to do first, and what to expect. Users gave it 8 diggs and provided plenty of feedback on their experiences.

Number 2 is What We Should Learn from "Bad Tech August". This review and analysis of August 2007's tech woes (including Skype's meltdown, Sony's USB-fingerprint reader rootkit fiasco, the data-theft attack on Monster.com users, and Google's shutdown of Google Video and its DRM authentication servers) garnered 29 diggs and plenty of discussion about copy protection, lost product keys, and other hassles.

And (the envelope please), number 1 is our October story on Vista Activation Strikes Again - Time to Fight Back, which discussed numerous examples of how Windows Vista's activation servers turned out to be legitimate users' worst enemies. It picked up 13 diggs and plenty of comments from disgusted users. Page 2 of the comments tells users how to complain to Microsoft and its PR firm - and maybe your complaints did some good.

One of the many new features coming in Windows Vista SP1 is that users who have unactivated systems will now see nags onscreen, instead of having their systems go into the dreaded 'Reduced Functionality Mode' (aka a time-limited Internet Explorer browser window). If you're already using Vista SP1 RC (or plan to give it a try), keep in mind that this change won't happen until the final Vista SP1 release is installed. Sometimes, it pays to complain!

And, an honorable mention goes to the December stories on how to fix the MS07-069 Security Update glitches. In our December 19 story, Bedeviled by IE Browser Crashes? Try These Fixes, we suggested recycling a fix Microsoft had used for similar problems after an earlier 'Patch Tuesday' security update. In our December 20 followup, MS07-069 Windows XP Woes Solved (and We Suggested It First!), we reported that Microsoft was now recommending the exact same Registry fix we suggested first. Between them, these posts garnered 7 diggs, as well as a few comments from users wondering why we just didn't recommend using Firefox (think Windows Update).

Catch part 1 and part 2 of our 'ten best of 2007' series.

Thanks again for stopping by frequently in 2007. We'll be back with much more news, analysis, and interesting stuff in 2008! Happy New Year (and remember, don't drink and drive - or, for that matter, don't drink and mouse!).

Maximum PC Blast from the Past RSS Feed

Malware Pushers Have No Respect for the Dead (and the Best of the Best Windows Blog Posts of 2007)