Symantec has published a list of the dirtiest 100 websites. The websites are said to contain around 18,000 threats apiece on average. However, the average number of threats shoots up to 20,000 for the top 40 websites on the list, which has been compiled by Symantec’s Norton Safe Web service. Aladel.net, a US-based website, alone houses 56,371 threats.
Although almost half of the websites are expectedly based around mature content, the remaining sites deal with a wide variety of subjects. Viruses dominate the list of threats found on these sites. Security risks and browser exploits are the other common threats found on them. The owners of the websites that figure on the list must be feeling a sense of elation and achievement. As for the rest of us, we now know which sites not to visit.
Google has confirmed that the search traffic behind the error messages people received on Thursday when searching for details of Michael Jackson’s death was initially perceived as an attack. Searches between 2:45 and 3:15pm returned the message: "We're sorry, but your query looks similar to automated requests from a computer virus or spyware application. To protect our users, we can't process your request right now."
The error messages lasted for about 25 minutes on Thursday, just long enough for Google to confirm what was actually going on. The search giant noted that the amount of traffic it saw on this topic was unprecedented, as millions around the world scrambled for accurate information, seemingly all at once. Yahoo has also confirmed that it hit an all-time record for unique visitors with over 16.4 million following the story. This blows away the previous record held by the Obama election day, with a paltry 15.1 million uniques.
The outpouring of sympathy online has been astonishing, and I’m sure Google will learn its lesson on this one.
First detected back in March, the 'Gumblar' attacks have been gaining steam lately, growing by as much as 188 percent in just a single week, ScanSafe warned. Gumblar refers to a Web attack that plants malicious scripts on normally legitimate websites, which then redirect Google search results on victims' PCs.
"A typical series of website compromises reaches peak within the first week or so and subsequently begins declining in intensity as detection is added by signature vendors, user awareness increases and website operators begin cleaning the affected sites," ScanSafe senior security researcher Mary Landesman said late last week in an advisory.
In Gumblar's case, the opposite has been true, a result of website administrators being affected by the attacks. According to ScanSafe, some well-known sites that have fallen prey to Gumblar include Tennis.com, Variety.com, and Coldwellbanker.com.
Keep those virus definitions up to date, and if you haven't done so already, look into installing an AV app.
After nearly three years of development, Panda Security today released the public beta of its Panda Cloud Antivirus, which the company claims is the first free cloud-based antivirus thin-client. By taking AV duties to the cloud and combining it with local detection technologies, Panda says it can do a better job at protecting your PC than a traditional virus scanner.
"Thanks to Panda Security's Collective Intelligence malware and goodware online database, Panda Cloud Antivirus detects more malware than traditional signature-based solutions which take longer to detect the most recent, and therefore most dangerous, variants," Pedro Bustamante, Panda Senior Research Advisor, wrote in a blog entry.
The local portion of the program takes up roughly 50MB of hard drive space while consuming about 17MB of RAM, according to a Cnet report. By the time Panda Cloud Antivirus exits the beta stage, Bustamante hopes to have the RAM consumption down to 12MB.
One potential downside to relying on the cloud for antivirus protection is that your PC would be left vulnerable without an internet connection. But not to worry, says Bustamante, who clarified that a local cache copy of Collective Intelligence is kept on the PC for just such scenarios.
The mainstream media’s fascination with the Conficker virus is somewhat amusing, but the actions of the world’s most famous computer trojan, on the other hand, are not. According to Fox News, Conficker is finally starting to show signs of life and has begun organizing thousands of machines into a botnet to send email spam and spread malware.
Anybody running antivirus software or Windows Update is pretty much protected from Conficker at this point, but amazingly this still leaves millions of machines to worry about. It remains to be seen how much longer Conficker will continue to plague the web, but hopefully at the very least this brings computer security to the minds of mainstream users.
So Conficker is spreading spam and spyware? Anyone surprised?
Streetlights didn't stop working, satellites never fell from orbit, and the internet didn't spontaneously combust. So what exactly did the Conficker.c worm manage to accomplish? Up till now, the answer is 'not much,' but Trend Micro warns the worm has started making its move.
It's been just over a week since Conficker.c was supposed to turn machines against man in an epic battle not even Will Smith (the actor, not the Editor-in-Chief) would be able to defeat, and while we can probably put such related fears to rest, Trend Micro security researchers say machines already infected with the worm have begun receiving a new payload through P2P. The payload is being detected as WORM_DOWNAD.E.
"Basically the component it's downloading via peer-to-peer is just a dropper -- so it drops yet another component, which we are in the process of finalizing analysis on now," Trend Micro researcher Paul Ferguson said in a conversation with eWEEK. "It looks like it has some rootkit capabilities, but beyond that right now I can't go into any additional detail, I don't have complete information in front of me."
Conficker.c received much media attention prior to April 1st, when the worm was expected to wreak all kinds of havoc. But April Fools' Day has come and gone without much movement from the worm, which either means the threat was grossly overblown, or its writers are waiting for the dust to settle.
April Fools' Day might be all fun and games for some, but if you manage to fall prey to the Conficker worm, it's no laughing matter. As reported earlier this month by our very own Mark Soper, the third version of Conficker (Conficker.c) is set to wreak havoc tomorrow, April 1st. Here's what you need to know.
What is Conficker?
Conficker is one of the nastiest computer worms in recent history to go on the warpath against Windows-based PCs. First surfacing in October, 2008, Conficker targets Windows 2000, XP, Vista, Server 2003, Server 2008, Server 2008 R2 Beta, and even Windows 7. To date, Conficker has infected over 9 million PCs, shut down French and British military assets, and prompted a $250,000 reward from Microsoft for information leading to the arrest and conviction of the worm's creators.
What Does it Do?
The first two versions of Conficker -- variants A and B -- exploit a vulnerability in the Server Service on Windows-based PCs to take advantage of an already-infected source computer. Once a PC is infected, the worm goes to work exploiting the network hole, cracking administrator passwords, preventing access to security websites and services for automatic updates, disabling backup services, erasing recently saved documents, and, among other things, leaving you vulnerable to other infected machines.
What Happens Tomorrow?
One of the scariest things about Conficker, including Conficker.c, is that its full potential isn't known. Come tomorrow, those infected might be prompted to buy fake software products, or it could start monitoring your keystrokes to lift sensitive information like banking passwords. Files could end up deleted, or it might transform your computer into a zombie PC while staying under the radar. Whatever it ends up doing, it won't be good, and you need to take proper precautions right now.
It is common knowledge that smartphones are fast emerging as a dainty prey for malware proliferators. But a recent press release by IT security firm ESET, which spelled out some of the potential threats in 2009, might have iPhone and Android users worried in particular.
ESET warned in the press release that it expects both the iPhone and Android to become more vulnerable to malware. The company also expects both smartphone platforms to fall prey to mobile browser exploits that might target their WebKit-based browsers.
The security firm has prognosticated an increase in fake antivirus extortion in 2009. “Some of the major antivirus companies have seen their websites spoofed over the last couple of months,” according to David Harley, Director of Malware Intelligence at ESET. The real threat lies in the fact that internet charlatans are leaving no stone unturned in their bid to appear as credible as possible.
Talk to any Mac-inite and he'll tell you how secure his Mac is compared to your Windows-based PC. And admittedly, he's right. But is it because Mac OS X is inherently more secure than Windows, or do virus writers simply not give a damn when there are so many Windows users to target? Justin Long doesn't say, and instead insinuates that Mac users needn't worry about malware - see for yourself.
In what might be an ironic twist, Apple's ad campaign has helped the Mac increase its market share and potentially draw attention to the platform as a viable target. For the first time ever, Apple is telling its users to install antivirus software.
"Apple encourages the widespread use of multiple antivirus utilities so that virus programmers have more than one application to circumvent, thus making the whole virus writing process more difficult," Apple posted on its support site.
But don't take that to mean that Apple suddenly thinks its operating system is fraught with security holes. As Dave Marcus, director of security research and communications at McAfee, points out, malware is targeting data and not a specific OS. Vulnerabilities in Flash and the Safari web browser, for example, have given rise to non-OS attacks.
Cyber attacks on the Pentagon are nothing new, but the latest infiltration has the Defense Department taking unprecedented steps to prevent further damage. In doing so, the Pentagon has banned the use of DVDs, flash drives, and all external hardware, according to Fox News.
"We have detected a global virus for which there has been alerts, and we have seen some of this on our networks," a Pentagon official told FOX News. "We are now taking steps to mitigate the virus."
The official stopped short of saying where the virus originated from, and as long as the information remains classified, we may never know. But Fox News did learn that the Pentagon has been aware of an impending attack from a memo that was sent out a week ago.