Destroy all Malware

100% Undetectable Malware

Thu, 29 Jun 2006 22:06:12 GMT

This researcher Joanna Rutkowska claims that she's got a prototype of a AMD Vista x64 malware component that is 100% undetectable.

Joanna Rutkowska: Over the past few months I have been working on a technology code-named Blue Pill, which is just about that - creating 100% undetectable malware, which is not based on an obscure concept. The idea behind Blue Pill is simple: your operating system swallows the Blue Pill and it awakes inside the Matrix controlled by the ultra thin Blue Pill hypervisor. [cut] I would like to make it clear, that the Blue Pill technology does not rely on any bug of the underlying operating system. I have implemented a working prototype for Vista x64, but I see no reasons why it should not be possible to port it to other operating systems, like Linux or BSD which can be run on x64 platform.

She lost me when the operating system swallowed a blue pill. Obviously a metaphor, but hidden details often turn into algorithmic holes. Either way, this is just a taste of the future.

http://theinvisiblethings.blogspot.com/2006_06_01_theinvisiblethings_archive.html

People Aggregator Spamming

Tue, 27 Jun 2006 01:59:48 GMT

Jeremy Zawodny is reporting that People Aggregator has gone live and is spamming everybody with invites. Marc Canter, one of the guys behind People Aggregator, is denying it's spam. He claims...

perhaps anotehr way of looking at Jeremy’s statement is “too many Yahosters are inviting each otehr into the PeepAgg and not working hard enough!”

Unfortunately, I'm getting invites to email addresses that I haven't used in years and I'm getting invites to auto-responder email addresses. Neither of which someone would knowingly invite. This is spam. Marc continues with...

So if you’ve contacted me or spammed me in the past 12-15 years - be prepared to be invited into the PeopleAggregator.

This explains some of the spam I'm receiving. Marc likely subscribed to some of my services and received a auto-responder verification email. Now he's sending invites to those robots. The problem with spam is that eventually even the good guys do it and justify it with dumb statements.

http://jeremy.zawodny.com/blog/archives/006959.html

Voicemail Sucks!

Mon, 26 Jun 2006 22:58:57 GMT

Charles Arthur: Voicemail is spectacularly inefficient and I hate it, so please don't leave me a message when you call.

http://technology.guardian.co.uk/weekly/story/0,,1802540,00.html

Randy: Couldn't agree more. About a year ago I disabled voicemail on my cell phone because the majority of voice mails were actually solicitations. I still have voice mail at home and I'm not really all that interested in picking up the phone when it rings, because although I want someone to clean my chimney, I don't want them calling every week to tell me they are in my neighbourhood. Now, if only they had a spam filter for voice calls that didn't require use of Outlook.

YPN Showcases spammer?

Wed, 21 Jun 2006 18:53:53 GMT

I found YPN's showcasing with Jeremy Shoemaker pretty disturbing. Jeremy runs a Website called ShoeMoney.com which I recently found was spamming me. I sent Jeremy a reply indicating that spamming was against the AdSense terms. He replied "I guess its a good thing I dont use adsense anymore ;)". I noticed he had converted entirely to YPN. Anybody know the reason? Was he banned from AdSense for spamming? I replied back that Yahoo! doesn't permit spamming either, but haven't heard further. This last email was sent only yesterday and today he's highlighted by YPN. It's pretty disturbing to me that Yahoo! is showcasing a spammer, but it's entirely possible that they don't know he's a spammer, so I'll give them the benefit of the doubt. Please spread this blog entry, if only to educate Yahoo! about who they are dealing with.

http://ypnblog.com/blog/2006/06/21/publisher-spotlight-6/

cross-posted from Besting AdWords

ShoeSpam

Mon, 19 Jun 2006 23:56:53 GMT

I was very excited to receive the following email (excerpts only) from Jeremy Shoemaker.

Hello,
sorry to spam you ;)

No unsubscribe link and it was obviously an auto-mailer, as it didn't reference me by name or mention anything about me, my blogs or websites. Jeremy is an AdSense publisher and doesn't appear to be aware that SPAMming is against the AdSense terms and is a valid reason for Google to terminate your AdSense account. I've heard Jeremy makes some pretty serious coin via AdSense. You can't stop most SPAM, but I'm entirely sure that by CCing AdSense abuse on my reply, that Jeremy will think twice next time.

The SPAM Trademark

Mon, 19 Jun 2006 16:40:12 GMT

NetBop has successfully trademarked the term bopspam, at the objection of Hormel Foods, maker and trademark holder of Spam, the spiced ham.

http://news.bbc.co.uk/2/hi/uk_news/wales/south_west/5084002.stm

New Vulnerability in Microsoft Excel

Sat, 17 Jun 2006 00:37:43 GMT

Mike Reavey: We've received a single report from a customer being impacted by an attack using a new vulnerability in Microsoft Excel. [cut] In order for this attack to be carried out, a user must first open a malicious Excel document that is sent as an email attachment or otherwise provided to them by an attacker.

http://blogs.technet.com/msrc/archive/2006/06/16/436174.aspx

Randy: Just a reminder. Don't open email attachments unless you know, for a fact, that it doesn't contain a virus.

PayPal Security Flaw allows Identity Theft

Fri, 16 Jun 2006 16:09:22 GMT

Netcraft: A security flaw in the PayPal web site is being actively exploited by fraudsters to steal credit card numbers and other personal information belonging to PayPal users.

Randy: Lesson. Never access a website where money or vital personal information is exchanged via a link. Always type the URL by hand in the address bar. The phishing attacks are getting more and more clever.

Lazy Phisher

Thu, 15 Jun 2006 10:52:50 GMT

I find the phishers have gotten awefully lazy :-)

http://www.giveusallyourmoney.com/

eBay.co.uk spam

Wed, 14 Jun 2006 20:23:36 GMT

I seem to be getting quite a few spams related to eBay.co.uk and PayPal redemption code CELEBRATION3. Is eBay becoming a spammer? That would be quite disappointing.

Phishing Alert: MySpace

Mon, 05 Jun 2006 23:10:42 GMT

Websense Security Labs has discovered a phishing attack that attempts to steal the account information of MySpace.com users. A hyperlink is first delivered to victims via AOL Instant Messenger. Users who follow this link are taken to a fraudulent website that spoofs the MySpace.com login page. This page captures their MySpace account information.

http://www.websense.com/securitylabs/alerts/alert.php?AlertID=504

Something to be weary of. It's not like losing your MySpace account information is really that important, but I suspect the popularity of MySpace may help educate the average Internet user about phishing attacks.