Paul Wallbank – Brilliant Communications

Tag: malware

  • Discussing Cryptolocker and Internet of Things security on ABC Radio

    Discussing Cryptolocker and Internet of Things security on ABC Radio

    If you missed the program, you can listen to the segments through Soundcloud.

    Tuesday morning with Linda Mottram on ABC 702 I’ll be discussing Cryptolocker ransomware, the security of the Internet of Machines and the tech industry’s call for less internet surveillance.

    It’s only a short spot from 10.15am and I’m not sure we’ll have time for callers, but one of the big takeaways I’ll have for listeners is the importance of securing your systems against malware, there’s also some security ideas for business users as well.

    We’ll probably get to mention the ACCC’s warnings on smartphone apps and the current TIFF bug in Windows as well.

    If you’re in the Sydney area, we’ll be live on 702 from 10.15, otherwise you can stream it through the internet.

    Similar posts:

    • No Related Posts
  • Potentially unwanted applications – what are we are installing on our smartphones?

    Potentially unwanted applications – what are we are installing on our smartphones?

    One of the notable things about the technology industries is there are always new terms and concepts to discover.

    During a visit to Sophos’ Oxford headquarters last month, the phrase ‘Potentially Unwanted Applications’ – or PUAs – raised its head.

    PUAs come from the problem application developers have in making money out of apps or websites. The culture of free or cheap is so ingrained online that it’s extremely hard to make a living out of writing software.

    As result, developers and their employers are engaging in some cunning tricks to get customers to download their apps and then to monetize them, particularly in the Android world which lacks the tight control Apple exercises over the iOS App Store.

    “What’s interesting about Android,” says Sophos Labs’ Vice President President Simon Reed, “is it’s attracting aggressive commercialisation.”

    The fascinating thing Reed finds about this ‘aggressive commercialisation’ is where the distinction lies between malware and monetisation and when does an app or developer cross that line.

    Reed’s colleagues Vanja Svajcer & Sean McDonald explore where that line lies in a paper titled Classifying PUAs in the Mobile Environment which they submitted to the Virus Bulletin Conference last October.

    In that paper Svajcer and McDonald discuss how these applications have developed, the motivations behind them and the challenge for anti virus companies like Sophos and Kaspersky in categorising and dealing with them.

    The authors also flag that while the bulk of the revenue generated by these apps comes from advertising, there are serious privacy risks for users as developers try to monetize the data many of these packages scrape from the phones they’re installed on.

    Svajcer and McDonald do note though that potentially unwanted applications aren’t really anything new, we could well classify many of the drive by downloads that plagued Windows 98 users at the beginning of the century as being PUAs.

    What we do need to keep in mind though that what is driving the development of PUAs is users’ reluctance to pay for apps and that it’s going to take a big change in customer attitudes for this problem to go away.

    For businesses, this is something managers are going to have to consider as they move their line of business applications onto mobile devices, as Marc Benioff proposed at the recent Dreamforce conference.

    Sophos’ Simon Reed believes potentially unwanted apps won’t be such a problem in the workplace however. “Consumers may have a different tolerance towards PUAs than commercial organisations,” he says.

    The prevalence of PUAs on mobile devices does underscore though just how careful organisations have to be with who and what can access their data. It’s another challenge for CIOs.

    Similar posts:

    • No Related Posts
  • Social malware and cunning tricks

    Social malware and cunning tricks

    Last week an interesting media release from anti-virus company Bitdefender appeared in the inbox describing a tricky little scam that promises to change Facebook page colours but actually grabs a user’s information to set up fake blogs associated with the victim’s email address.

    Those fake blogs in turn link to a working from home scam, the type which are becoming depressingly common online. No doubt the malware authors have some sort of interest in that scheme.

    What makes this malware interesting is how it brings together a range of opportunities for the malware writer – social media, apps, data aggregation, identity spoofing and the Ponzi affiliate schemes that are prevalent as people try to find new ways to supplement their income.

    Many people say “I’d never get caught by these scams” but the reality is the scammers are rat-cunning, if not clever. Assuming you’re immune to these because you’re too smart, or you use a Mac or there’s nothing of value on your computer is a risk in itself.

    Here’s the media release from Bitdefender.

    Google Chrome App grabs identities, forges blogs in victims’ name to promote scam

    Bitdefender catches Facebook colour scam with both hands in cookie jar

    SYDNEY/AUCKLAND November 19, 2012 – A Google Chrome app that promises to change the colour of Facebook accounts instead nabs authentication cookies and generates dozens of blogs registered to the victims’ Gmail address, in a new scam analysed by Bitdefender, the leading global antivirus company.

    Once the malicious app is installed from Google’s Chrome Web Store, it starts displaying a large Google Ads banner redirecting users to a “work from home scam.” When clicking the sign-up link, users are redirected to a fraudulent website.

    “Scammers gave a new twist to the old change-your-Facebook-colour scheme that’s been luring users to fraudulent websites to grab credentials and other sensitive data,” says Chief Security Strategist, Catalin Cosoi. “By creating dozens of blogs for a single account, the scam spreads like wildfire among Facebook friends.”

    The blogs generating under the email address of the victims, which are used in further disseminating the scam, have registered a large number of hits among users in the US, the UK, Germany, Spain, Romania, and other countries.

    The app can also post wall messages on the victims’ account. The messages use friend tagging to convince the victim’s friends to visit the blog domains. Each time the app posts on a users’ timeline, it links to one of the auto-generated blogs as to avoid blacklisting.

    Bitdefender encourages users to use an antivirus solution and the free application Safego, which protects Facebook and Twitter accounts from scams, spam, malware and private data exposure.

    Similar posts:

  • ABC Nightlife: Apps down the farm

    ABC Nightlife: Apps down the farm

    If you missed this program where we covered a wide range of subjects, you can listen to the ABC Nightlife podcast of the show.

    Paul Wallbank joins Tony Delroy to discuss how technology affects your business and life.

    This week we’re talking about how the agricultural industry are using smartphone apps and the web. A list of apps for farmers is available from the NSW Department of Primary Industry website.

    We’ll also be looking at how machines are talking – in agriculture, the next generation of farm equipment will be sending data straight to the farmers’ tablet or laptop computer using the technologies we’re seeing in jet engines and other high tech equipment.

    Connecting everything does come with risks. A US report found that networked medical equipment is rife with malware and the Defense Signals Directorate points out that out-of-date computer systems are one of the main causes of data breaches.

    One of the things driving the apps world is cloud computing and Google have given a rare glimpse into the data centres that run their services.

    Social media is one of the things that are driving cloud computing, but there’s traps for businesses in posting information about customers and staff. We’ll be looking at those as well.

    We’d love to hear your views and comments so join the conversation with your on-air questions, ideas or comments; phone in on the night on 1300 800 222 within Australia or +61 2 8333 1000 from outside Australia.

    Tune in on your local ABC radio station or listen online at www.abc.net.au/nightlife.

    You can SMS Nightlife’s talkback on 19922702, or through twitter to @paulwallbank using the #abcnightlife hashtag or visit the Nightlife Facebook page.

    Similar posts:

  • Dealing with the DNS Changer Trojan

    Dealing with the DNS Changer Trojan

    On Monday, thousands of computers around the world will be cut off the web as the servers behind the DNS Changer Trojan Horse are shut down.

    The DNS Changer did exactly what the name says – it changed a computer’s Domain Name Service (DNS) settings so that all web traffic went through servers belonging to the virus writers.

    Eventually the writers were caught and the computers were seized, in order to avoid disruption the servers were left running but they will be shut down on Monday.

    On Monday, those computers still infected won’t be able to surf the net until the problem is fixed.

    How Do I Know I’m infected?

    As part of the Shutdown, the DNS Changer working group was set up. On their site they have a  detection tool website that will tell you if your computer is infected.

    How can I fix the problem?

    The easiest fix is with the Microsoft Malware Scanner which will check your computer for the DNS Changer virus along with other malware. If the scanner detects a problem it will remove the virus. IT Queries also have instructions on Removing A Trojan.

    To prevent further infections, it’s necessary to install an up to date anti virus. A good free one is the Microsoft Security essentials tool.

    The DNS Changer Trojan was very effective malware and it illustrates why computer users need to be careful of where they go on the mean streets of the Internet.

    Similar posts: