Security Response

In this day and age we’re all aware of the threat cybercriminals pose to our personal information. If you’re not careful, items such as your credit card number could fall into the wrong hands, resulting in unauthorized goods and services being purchased in your name. What may come as a surprise is not everyone participating in these activities is a full-blown cybercrimial. Some are ordinary citizens—just like you and me—that unintentionally get caught up in illegal activity.

How does this happen? Let’s say you’ve recently lost your job and are desperate to find new work. So, you post your resume on a job recruitment website. A short time later you receive an email from a recruiter:

Acme Inc. is opening a vacancy for the Correspondence Manager position.

What luck—the job is done entirely from home, receiving and reshipping packages. It’s easy work that pays quite well:

Base Payment Mail handling...

Threats targeting the Macintosh platform are much less common than those targeting Windows. The same can be said about video games, where Windows is the dominate platform of the two. Combining games and malware has happened before, but a Mac game performing malicious activities? That’s something relatively new.

Takashi Katsuki, one of our Tokyo engineers, came across just that today. The game looks to be a throw-back to the classic Space Invaders/Galaga style of games from the early 1980s. However, what brings this game into the realm of malicious code is that for every alien ship you destroy, the game deletes a file from your home directory.

A lot can be said with 140 characters. It’s just enough to convey a point, but constricting enough to make things concise. No wonder microblogging sites such as Twitter have become so popular.

Unfortunately one of the limitations here is sharing Web pages with long URLs. In order to address this issue, URL-shortening utilities have grown in popularity on the site. Using such tools allows you to include a link well within the 140-character limit, which will redirect anyone who clicks it to the longer URL and thus the site you wanted to share.

There’s one downside here, from a security point of view—you’ll often have no idea where the link leads until you click it. Clicking any link like this is entirely a security leap of faith. Unfortunately malware authors have caught on to this and are currently distributing misleading applications using these shortened URLs. Using enticing tweets and commonly used twitter search terms, their goal is to get...

It seems that the Downadup family of worms is gone but not forgotten. Or is it the other way around?

Media attention for Downadup has waned since early April. The last variant of the threat, W32.Downadup.E, included a “self-destruct sequence” effectively deleting itself as of May 3, 2009. Has the death toll for Downadup chimed, effectively moving it to the historical annals of malicious code?

Not in the least—Downadup is still very much alive and kicking around out there. While the threat is no longer spreading with the same fervor as it did at the beginning of the year, its infection numbers are not falling off as you would expect if we were looking at the cleanup period of a has-been threat. Let’s take a look at some rough data that we’ve collected here in Security Response.

...