Friday, February 24, 2006

Trojan Briz.A Steals Web Form Data & Hides As iexplore.exe

PandaLabs has detected a new Trojan called Trj/Briz.A, whose main aim is to steal personal user data from affected computers. This code stands out because it specializes in stealing bank details and data from web forms and that its author customizes the code for hackers.

The code creation system gives hackers the option to generate a Trojan that cannot be detected by any antivirus protection, as the author checks it every day.

In spite of this, TruPrevent(tm) Technologies incorporated in Panda Software's solutions have detected this code without needing to be able to identify it first.

Apart from the code, cyber-crooks that buy this crimeware also get a complex system for controlling the status of the infection caused by the custom Trojan.

This allows the client to get a list containing a large quantity of data about the infected computers: IP addresses, passwords and even the physical location of the computers.

In this way, the cyber-crooks can always have their malicious activity under control. PandaLabs is working, along with other companies to analyze and close all the sites related to this Trojan.

The file that causes the Trj/Briz.A infection is called "iexplore.exe" It uses this name to pass itself off as Internet Explorer.

When it is run, it downloads different files and stops and deactivates Windows Security Center services and Shared Internet Access. It also collects information on programs like Outlook, Eudora and The Bat, which it sends to the attacker.

To make it difficult to detect and disinfect the Trojan, it alsomodifies the hosts file to prevent access to websites related to antivirus products. This Trojan is the most complex example of the business network based onmalware.

Where as hackers used to create malicious code to simply have fun, they now have direct financial goals, designing their creations based on a criminal business model.

This data is reflected in the annual report published by PandaLabs, which is available at http://www.pandasoftware.com/NR/rdonlyres/ADF8E433-3BC3-46A2-AF57-9710CFAF9181/7274/02_Annual_Report_PL_2005.zip .

Luis Corrons, director of PandaLabs, explains that "as authors of Internet threats have changed their objective, which is now financial gain, they have also changed the way they design their threats. Therefore, they try to ensure that their creations go unnoticed, to both users and security companies, for as long as possible.

"For users to protect their computers against these codes, "they need technologies like TruPrevent(tm), with which we have been able to detect a code like Trj/Briz.A, which would otherwise have been very difficult to find," says Corrons.

Adware Is More Than Just Annoying

Common adware features:
  • Drive-by downloads without your permission.
  • Corrupts the integrity of your computer.
  • Redirection of Web links without asking.
  • Use of HTTP protocol to spy on you.
  • Use of cookies to store and pass on your personal data.
  • Capture of authentication data from your PC.

Ads are often tailored based on your surfing habits or closely matched to the website you are visiting at the time.

If you think about ad ware in the context of TV viewing, it's as if the TV was observing your lifestyle and displaying ads based on what it observed about you as you watched TV.

For example, your TV ad might be for a competing beverage or snack aimed at convincing you to switch brands.

Adware smacks of invasion of personal privacy and sometimes borders on theft of personal information. You are much better off without all of your online activities being reported back to various companies, most of whom you've never done business with in the first place.

Read more about adware removal

Wednesday, February 22, 2006

Apple Safari Browser Vulnerability Reported

A critical vulnerability has been reported in the Safari browser shipped with Mac OS X, which could allow an attacker to automatically run scripts when a user visited a malicious website.

The flaw affects how MAC OS X determines which program must run to open certain types of files. If a Unix shell script is renamed with a Safari extension, it is considered 'safe'.

If the '#!' sequence is omitted and it is compressed in ZIP, Safari can be tricked into downloading the script, decompressing it and assuming that it 'safe', then passing it to the Mac OS X Terminal application to run.

This could allow an attacker to use ascript to delete data or programs, damage the configuration or obtain personal user information. Apple is working on an update that resolves this problem, known as a 'zero day exploit'.

In the meantime, Safari users can disable the option"Open 'safe' files after downloading" in the General panel in the browser preferences. This option is disabled by default in new installations of Mac OS X 10.4.5, but enabled by default in old systems or in systems that have upgraded to Mac OS X 10.4.5.

Sunday, February 19, 2006

Free Adware Remover

Need help removing spyware, malware, and other pests?

Doing adware removal manually is annoying. Many of these ad-ware pests are very hard to remove. Pest programs that make their removal difficult usually fall into the malware category.

These type of pests often take control of the search function of your browser - returning false results and taking you to sites you had no intention of visiting. You'll end up at pages with nothing but ads and no way to leave them except by clicking on some stupid ad.

Even worse, without it being removed, this type of spyware will track your surfing habits and report that back to hidden third parties. Some of these programs steal passwords and other financial information. If you do your taxes on your computer, you definitely need to clean these pest programs off your PC.

Some adware makes removal difficult as it goes to great lengths to prevent you from successfully removing it. For example, Cool Web Search spyware contains 17 separate components.

Leave any single component on your PC and Cool Web Search automatically re-installs itself!

Important features in tools for adware removal include:
  • Automatic update of pest control definition files
  • Scheduled scans for automatic adware removal
  • Scan on the fly - search files or downloads for hidden pests
  • Free trial download - Try it out for free
The best product for easy removal is No Adware. It does all those things and more. You can even try it for free. Click here for more information on the top Adware Remover.

Use the free trial option to see how effective No Adware is at removing these junk programs that slow down your PC, trigger popup ads, and steal important data from your computer.

No Adware really is the best tool for removal of spyware and malware. Try it for free and see for yourself right now.

Click here for Free Trial of Adware Removal.