Malware Using Windows Task Scheduler

Do you even know that Windows has a built-in Task Scheduler? And if you know it, do you ever use it? Personally, I haven't used it in years.

But that doesn't mean that the vermin of the Internet don't know about Task Scheduler. They just love these bits and pieces of Windows that users never think about. In fact, they love them almost as much as they love your money. And why not? Features like Task Scheduler help them steal your money.

The Task Scheduler does exactly what the name implies: It launches programs and runs tasks in ways that don't involve user interaction. You can see why malware developers would love this. In an InfoWorld blog post, Security Adviser Roger A. Grimes explained how unethical hackers take advantage of Task Scheduler. "For example, malware will often create a task that looks for certain preconditions to launch, downloads new malicious code on a schedule, or uses scheduled tasks as a way to always remain in memory. I've seen malware hunters struggle to find out how the malicious code 'keeps re-infecting their clean system.' Answer: Check the Task Scheduler."

Your Macabre Curiosity Can Hurt You

Gruesome images of violent death fascinate people, but acting too rashly on that fascination can get you into trouble. It could bring you nightmares. It may force you into awkward explanations should your spouse, children, or parents find out about it. And it could infect your computer.

Soon after rebels killed Libyan dictator Muammar Gaddafi, emails of evil intent went out offering "bloody photos" of the hated leader's death. According to a Computer Business Review report, the message came with an attached file called "Bloody Photos_Gadhafi_Death.rar." If you decompress that file on a Windows PC that's not properly protected, then congratulations, you are now the proud owner of an infected computer.

The folks who designed this bait knew what they were doing. First, they spoofed this email, faking the “From” address to make it appear to come from Agence France-Presse (AFP), a legitimate news service. And by making Gaddafi's death the center of their trap, they attracted both news junkies and the morbidly curious. Besides, since almost everyone wanted Gaddafi dead, an invitation to look at his gruesome body seemed not only macabre but somewhat guilt-free.

Malware Keeps Evolving

Malware never sleeps. And it never sits still, either. New and potentially disastrous threats appear on the Internet more frequently than new crops of tomatoes show up at the supermarket.

And with good reason. As soon as a new threat is discovered, security companies like Trend Micro snap into action, searching for ways to identify, neutralize, and remove the latest in evil software. And the bad guys, unwilling to give up on your hard-earned money, have to try and stay one step ahead of them.

Consider the notorious Duqu rootkit, which seemed like the baddest malware around when it was discovered in mid-October. That one appears to have been based on Stuxnet, the biggest baddy of 2010. As an unsigned Help Net Security article put it, "It is a game that malware creators have played with victims — the computer users — or with their arch-enemies — the AV industry — since computers were too large to fit in a regular room and were anything but 'personal.'"

There's Nothing Really Wrong with Your Windows Live Account

When an email, apparently from a bank, credit card company, or Internet provider, asks for your personal information, you know there's something phishy going on. When a cyber con-artist goes phishing, he or she sends out email in hopes of tricking people into giving away passwords and other valuable information.

An interesting phishing letter aimed at Windows Live members has been making the rounds lately. It's relatively wordy and clearly written by someone without a good grasp of English grammar: "We encountered a problem with our database and a lot of records were lost, we are restoring our database to enable us serve you better." The message threatens the death of your account and data if you don't reply, then goes on to ask for your User Name, Password, Date of Birth, and Country. (For the full text, see this Windows Live forum discussion.)

People who are easily fooled will panic and fill in the information. Before long, spam will start going out in their name. They may get locked out of their own email accounts, or worse.

Huge, Multinational Dragnet Takes Down Cyber-Mafia

Sometimes the good guys really do win.

On Nov. 8, the FBI, the Estonian police, and Trend Micro brought down what may be the largest shark yet caught in the criminal waters of the Internet. In a sting code-named “Operation Ghost Click,” law enforcement officials raided offices in New York City, Chicago, and Tartu, Estonia. At the time of the arrests, the alleged criminal network controlled over four million computers without the knowledge of those computers' owners.

Dubbed Esthost, and controlled by the Estonian company Rove Digital, the illegal network used counterfeit Domain Name Server (DNS) settings to control infected computers. DNS servers are a necessary part of the Internet, translating human-friendly URLs into computer-friendly IP addresses and thereby telling browsers where they can find particular Web pages. Chances are your PC uses a DNS server belonging to the company that provides your Internet service.

The Future of Malware: We Have Nothing To Look Forward To

You might think that malware threats are scary now, but believe me, they're only going to get worse. You can look forward to, or more likely dread, such wonders as smartphone worms, social attacks, and whales (not the kind that people want to save).

Jeff Vance provides a taste of things to come in an article on Network World. "It's only going to get worse as more information gets dumped online by mischievous hacker groups like Anonymous, and as for-profit hackers widen their horizons to include smartphones and social media."

They'll also narrow their horizons, with special attacks aimed at the juiciest targets. You've heard of phishing, which attempts to trick suckers into giving important information to criminals masquerading as trustworthy companies. But some suckers are more profitable than others, and why phish for minnows when you can target whales? Vance describes "a recent attack attempt where the bad guys targeted executives of a major corporation through their spouses. The logic was that at least one executive would have a poorly secured PC at home shared with a non-tech savvy spouse, which would then provide the backdoor needed to compromise the executive and gain access into the target company."

Thailand Prime Minister's Twitter Hacked

People know you through your Twitter account. That's how you express your opinions, your thoughts, and your concerns. And if you have a business, you promote it through your tweets.

So the last thing you want is someone else tweeting their opinions, thoughts, and concerns while masquerading as you. Should someone successfully hack your Twitter account, you're going to be embarrassed at best and ruined at worst.

And if someone can successfully hack a prime minister's Twitter account, no one is safe. Last month, the Prime Minister of Thailand's Twitter account was hacked, presumably by someone who voted for the opposition.
