How to detect and fix a machine infected with DNSChanger

By Topher Kessler, CNET

The FBI will be closing the DNSChanger network on Monday, after which thousands worldwide are expected to no longer be able to access the Internet.

On July 9, the FBI will close down a network of DNS servers that many people have been depending on for proper Internet access. These servers were originally a part of a scam where a crime ring of Estonian nationals developed and distributed a malware package called DNSChanger, but which the FBI seized and converted to a legitimate DNS service.

This malware scam has been widespread enough that even third-party companies like Google and Facebook and a number of ISPs like Comcast, COX, Verizon, and AT&T have joined in the effort to help remove it by issuing automatic notifications to users that their systems are configured with the rogue DNS network.

If you see this or similar warnings when using Google or other services, then be sure to check your system for malware.

(Credit: CNET)

If you have recently received a warning when performing a Google search, browsing Facebook, or otherwise using the Web that claims your system may be compromised, then you might consider taking a few steps to check your system for the presence of the malware. This can be done in a couple of ways. First you can check the DNS settings in your system to see if the servers your computer is using are part of the rogue DNS network.

Read the entire article here.

Wyndham Hotels In Hot Water Over Personal Information Protection

Credit card data of hundreds of thousands of consumers compromised, millions lost to fraud

By James Limbach, ConsumerAffairs.com

When you go on vacation, the last thing you want to do is be hassled with a credit card problem because someone at your hotel screwed up. But, according to the Federal Trade Commission (FTC), that’s what’s happened to a lot of folks who stayed at Wyndham Hotels.

The FTC has filed suit against global hospitality company Wyndham Worldwide Corporation and three of its subsidiaries for alleged data security failures that led to three data breaches at Wyndham hotels in less than two years.

According to the agency, these failures led to fraudulent charges on consumers’ accounts, millions of dollars in fraud loss and the export of hundreds of thousands of consumers’ payment card account information to an Internet domain address registered in Russia.

Read the entire article here.

Researcher reveals massive 'professional thieving' botnet

A nasty piece of malware that's infected up to a million PCs is stealing financial information from consumers and businesses at an alarming rate, a noted botnet researcher said today.

By Gregg Keizer, ComputerWorld

A ferocious piece of malware that's infected up to a million PCs is stealing a "tremendous" amount of financial information from consumers and businesses that log on to their bank, stock broker, credit card, insurance, job hunting and favorite e-shopping sites, a noted botnet researcher said today.

"Clampi is the most professional thieving pieces of malware I've ever seen," said Joe Stewart, director of malware research for SecureWorks' counter-threat unit. "We know of few others that are this sophisticated and wide-ranging. It's having a real impact on users."

The Clampi Trojan horse has infected anywhere between 100,000 and 1 million Windows PCs, said Stewart -- "We don't have a good way of counting at this point," he acknowledged -- and targets the user credentials of 4,500 Web sites.

FOR COMPLETE STORY, PLEASE CLICK HERE.



~Sandy G.

False-positive swindles grow rapidly online

Fake anti-virus programs set to rule the roost

By John E. Dunn, Techworld

The phenomenon of fake anti-virus (AV) software is growing at such a pace that it could grow to eclipse all other types of malicious software, one security company has suggested.

The Business of Rogueware, the latest threat report from PandaLabs, the research wing of Spanish AV company Panda Security, contains the usual round of statistics on malware growth found in all such vendor reports, but it is the section on rogue anti-virus that should make PC users sit up and pay attention.

In the first quarter of 2009, the company detected more bogus anti-virus files or variants than in the whole of 2008, 111,000 in total. Unconfirmed second quarter figures show that this rose during the second quarter to 374,000. This rise accords with similar statistics published last week by rival Sophos, which said that it was now detecting 15 new bogus AV sites a day, compared to five a day in the latter half of 2008.

FOR COMPLETE STORY, PLEASE CLICK HERE.



~Sandy G.

The 10 most damaging botnets in the U.S.

America's 10 most wanted botnets ranked by size and strength

By Ellen Messmer, Network World

Botnet attacks are increasing, as cybercrime gangs use compromised computers to send spam, steal personal data, perpetrate click fraud and clobber Web sites in denial-of-service attacks. Here's a list of America's 10 most wanted botnets, based on an estimate by security firm Damballa of botnet size and activity in the United States.


No. 1: Zeus


3.6 million compromised U.S. computers. The Zeus Trojan uses key-logging techniques to steal sensitive data such as user names, passwords, account numbers and credit card numbers. It injects fake HTML forms into online banking login pages to steal user data.

No. 2: Koobface


2.9 million compromised U.S. computers. This malware spreads via social networking sites MySpace and Facebook with faked messages or comments from "friends." When a user is enticed into clicking on a provided link to view a video, the user is prompted to obtain a necessary update, like a codec -- but it's really malware that can take control over the computer.

FOR COMPLETE STORY, PLEASE CLICK HERE.



~Sandy G.