
Mayday! Malware now child's play

Easy-as-pie malware kits, eBay user account info for sale, and robot armies lying in wait come into focus as eEye steps in where Microsoft does not.
By Ilva Pieterse, ITWeb contributor
Johannesburg, 31 Mar 2006

Step down PlayStation and Xbox! A Russian Web site has come up with the ideal project for aspiring malware moguls - a make-your-own spyware kit called WebAttacker. The kit is presented so simply, even a child could do it.

It explains to buyers the process needed to send spam warnings to users about the deadly H5N1 bird flu virus and offers "health advice" via a malicious link. Once reached, the bogus Web site makes the user vulnerable to malware.

"This type of behaviour is inviting the return of script-kiddies," said Carole Theriault, senior security consultant at Sophos. "By simplifying the task of the potential hacker for a mere 'tenner', sites like this one will attract opportunists who aren't necessarily very skilled and turn them into cyber-criminals."

This exciting product goes for $15, with the site offering free technical advice to boot.

Account info

Another Russian site is selling eBay account information to interested buyers. It claims to have set up a Trojan that steals eBay log information, especially accounts with minimal seller/buyer activities. Both eBay and PayPal account information, with a complete list of users available, is up for grabs. Be warned, however: the better the feedback is on a given account, apparently, the more expensive it is.

Sleeping bots

Topping the freaky list this week has to be sleeper robot armies, lying in wait for massive attack. Juuso Hukkanen posted a newsgroup article highlighting activity by sleeper cell bots. When activated, these bots could unleash their fury on any machine attached to the Internet.

Hukkanen writes specifically of the strange behaviour he noticed by a bot named FuntKlakow. It has been registering itself to hundreds of phpBB (a free and open source system using the PHP scripting language) forums. This could indicate that the next time a phpBB vulnerability is announced, the potential "terrorbot" could cause mayhem in thousands of forums.

I wonder how long it will take before instruction kits on setting up terrorbots are available?

IE-ai-eEye-oh

Microsoft admitted this week that Internet Explorer 6.0 for Windows XP contains a new vulnerability that throws PC data into the lion's den via an "unlocked" backdoor, making it MS's third security flaw in seven days.

The code to exploit this flaw has already been published on the Internet and can be used to unleash an e-mail-based virus on unsuspecting victims via an attachment or site-redirect. This leaves PCs open to control by a malicious user who can then, in turn, use the PC to open fire on other machines.

And no one is safe, not even users of fully patched versions of Explorer 6 or users with XP Service Pack 2.

MS plans to remedy this Secunia-classified high-level threat with the release of its next security update, expected on 11 April, claiming it is "not aware of attacks that try to use the reported vulnerabilities or of customer impact at this time". The vendor has given users the old "be wary of opening unsolicited attachments" warning and advised them to turn off active scripting.

Third party to the rescue... Security firm eEye released a workaround to keep Windows users temporarily safe from this flaw, but warns it should not be seen as a substitute for a fully tested patch; it has been designed to automatically remove itself when Microsoft's patch comes through.

This is good news for users who are not clued-up enough to be able to turn off active scripting and those that cannot do without it.

Nash's dash

Also from the MS newsdesk: This week Mike Nash, corporate VP of the security technology unit, is being replaced by Ben Fathi, current GM in the Windows Server division. Nash is not leaving, however, but stepping aside for a new role within the company.

Strangely enough, this job swap comes only days after Microsoft's Vista delay announcement.

Sources used: The Register, ITToolbox, Search Security
