Archive for September, 2008

Stocks and Hacks

People are getting a bit more adventurous in the kinds of attacks they perform. This one goes for the root of all evil: money and the stock market. An Asian fellow gained access to an Internet brokerage, proceeded to dump all existing holdings, and bought for himself lightly traded stocks to inflate the price big time. This pump-and-dump technique is not new, but it has never been seen in a security hacking context before.

Furthermore, there is spam going around propagating a rumour that United Airlines is about to crash (the share, that is, and one of its planes). The ‘bankruptcy’ has been doing the rounds and caused the stock price to take a hammering.

Danger danger botnets are coming… to a social network near you!

Well, I guess it was only a matter of time, but there is a worm, Koobface (they should have really called it n00bface IMHO), that sends a variety of comments and messages to the friends of anyone infected by the malicious program. There is an accompanying link which seems fine, but then it asks you to update the Flash player; the update isn’t from Adobe and launches the malicious code to infect the user.

Sex, Photos, Scandals…

Well, hopefully that got your attention! But the old adage that sex sells and sensationalism grabs punters is always relevant. And these are the little tricks that are used to get people to click, download, and install malware. In general, people have wised up about downloading and installing software through malicious hyperlinks in email and on websites.
But users can still be fooled if the context surrounding the malware entices them to install it. One way is the ‘pay-per-view’ technique, where a website or hyperlink states something like “Sex Scandal campaign involving Barack Obama”. Users will want to know; curiosity gets the better of them and, possibly without thinking, they look at the video, which happens to install malware.
Another similar technique is being authoritative and stating that you have to install plug-ins and software to use the application properly. This is the case for the fake Twitter profile with the OrkutTron Trojan.

Mac - No DNS patch, No Safari

There is still backlash from Dan Kaminsky and his DNS poisoning find. There is still concern that Apple have not got with the programme. They appear to have a fix for servers but not for clients.
In other news, Mac users have been told to use Firefox or Opera instead of Safari. Safari appears not to have a good anti-phishing protection program associated with it.
