Botnets and Blippy and iPhones. Oh my!
- March 3rd, 2010
- Posted in News . Security
- By Davezilla
Wow, busy week for feds and hackers alike!
Mariposa Botnet netted and doused in formaldehyde
UPDATE: New details have emerged about the size and complexity of the Mariposa botnet. Apparently Mariposa dwarfed the attacks from Estonia and Georgia, and contained details on over 800,000 people.
Investigators in Spain shut down the Mariposa botnet, finding out the perps weren’t the sophisticated geniuses they expected.
“They’re not like these people from the Russian mafia or Eastern European mafia who like to have sports cars and good watches and good suits — the most frightening thing is they are normal people who are earning a lot of money with cybercrime,” said Cesar Lorenza, a captain with Spain’s Guardia Civil.
Blippy = TMI
For the life of me, I cannot figure out why anyone would use this service. Blippy allows you to publicly post the purchases you make with credit cards, on ecommerce sites, etc., in real time, and lets your friends like or comment on them. Seriously. Dancho Danchev’s post, “Does Blippy really pose a security risk?”, is a must-read wake-up call for anyone using or planning to use this service. Hint: Don’t. Even Web Celebs like Leo Laporte post rather sizable purchases on Blippy, making me question whether or not he realizes what a target he is making himself into.
Botnets are ruining your inbox
Good lord. As if Mariposa wasn’t causing enough mischief, two other botnets, Grum and Rustock, are accounting for nearly half of all spam, most of it Canadian pharma scams.
iPhone users targeted for scams
This scam is pretty ingenious in an evil way. According to the MarkMonitor blog,
“This recent attack also stands out because it utilizes some advanced technologies and suggests possible directions of future cybercriminal activity. First, the attack uses server-side logic that hides the phishing site unless it is accessed through the browser produced by the smartphone company. Second, the attack uses additional protective technology in the form of a fast-flux network, which hides the phishing site behind a dynamic network of ever-changing proxies. These two smart technologies demonstrate how cybercriminals continue to focus their efforts on making their attacks targeted, stealthy, and resilient.”
Choosy hackers choose PDF
According to a recent report of more than a trillion Web requests, PDFs were responsible for a staggering 80% of all exploits targeted at Adobe Reader vulnerabilities. The report (ironically itself a PDF) mentions that Flash-based attacks actually dipped from 40% to 18% in Q4 2009 while malicious PDFs rose from 56% to 80%.
More stories tomorrow. Lots going on! What do you think of Blippy? Too much info? Let us know!


Blippy seems to be a high point of information leakage. The folks at http://pleaserobme.com/ claim to be just making the point that things like 4square are a bad idea. Either way, I’m starting to pull back on the information I share online.
As for the botnet activity, it’s just crazy, isn’t it? Damballa did a great overview of the bot called Zeus in December: http://blog.damballa.com/?p=438 You can see the features available etc…
OK scary! (Zeus)