Latest news and stories from BleepingComputer.com

Apple announces the Apple iPad

Wed, 27 Jan 2010 14:19:51 EST

Today at the an event in San Francisco Apple CEO Steve Jobs unveiled the iPad. This is a tablet device weighing in at 1.5 pounds with a 9.7" LCD screen and a staggering 10 hour battery life.

The iPad contains full compatibility with existing iPhone apps as well as new apps that were designed specifically with the large screen of the iPad in mind. Some of the apps displayed were a few games, iBook for digital books, and the iWork work suite.

For more information see the live coverage at the link to Macworld.com below.

Link: Macworld live event coverage

Adobe issues updates to Reader and Acrobat to address critical vulnerabilities

Tue, 12 Jan 2010 20:12:56 EST

Adobe posted a security bulletin where they outline critical vulnerabilities in Adobe Reader and Acrobat that could allow a remote user or malicious program to gain control over your computer. To protect yourself, it is strongly advised that you download and install the latest version of Adobe Reader and Acrobat immediately. The current version is version 9.3 and can be downloaded at the link below.

Even if you do not use PDFs, having these programs installed on your computer while browsing the web puts your computer at risk. While browsing the web, a malware distributor or hacker could use use this vulnerability and allow hackers or malware to have full control over your PC. They do this by using Javascript exploits or Iframes to automatically open specially crafted malicious PDF files in the vulnerable Adobe Reader without your permission. Once the malicious PDF is loaded by Adobe Reader or Acrobat, it will execute the commands integrated into the PDF on your computer without your knowledge or permission. These commands could further download other malware onto your computer without your knowledge that open backdoors or steal your information.

Therefore please update Adobe Reader and Acrobat now!

Link: Adobe APSB10-02 Security Bulletin
Link: Adobe Download Link

Google thinking of leaving China

Tue, 12 Jan 2010 20:06:20 EST

Google has threatened late Tuesday to pull out of its operations in China after it said it had uncovered a massive cyber attack on its computers that originated there. Google said that it had found a �highly sophisticated and targeted attack on our corporate infrastructure originating from China.� As a result, the company said, it would no longer agree to censor its search engine in China and may exit the country altogether.

Source : http://www.nytimes.com/2010/01/13/world/as...beijing.html?hp

Big Profits in the Rogue Anti-Spyware Business

Tue, 15 Dec 2009 19:04:16 EST

On December 11th, 2009 the FBI released a press release titled Pop-Up Security Warnings Pose Threats. In this press release they state:

"The FBI warned consumers today about an ongoing threat involving pop-up security messages that appear while they are on the Internet. The messages may contain a virus that could harm your computer, cause costly repairs or, even worse, lead to identity theft. The messages contain scareware, fake or rogue anti-virus software that looks authentic."

As new rogues are released almost daily, and we stay on top with them with the guides, this is not news to us. Rogues have become an epidemic in the malware scene and they do not seem to be slowing down. In fact the Wini family of rogues releases a new one almost every other day. This is further illustrated in a Kaspersky an article by Vyacheslav Zakorzhevsky called Rogue antivirus: a growing problem that states "Such programs are extremely widespread and are increasingly used by cybercriminals. Whereas Kaspersky Lab detected about 3,000 rogue antivirus programs in the first half of 2008, more than 20,000 samples were identified in the first half of 2009.". Unfortunately, the developers of Rogue software are typically located in countries that do not have a strong policy on cyber crime and thus there is little that can be done about it.

The reason these rogues are created in the first place is because they generate huge amounts of revenue. These rogues are promoted through through affiliate programs where affiliates get paid a certain amount of dollars, some as high as $30, every time the rogue is installed on a computer. As most of these rogue companies do not care how the affiliates get the program installed, many of the affiliates will use any means at their disposal to get these programs installed on a computer. This includes using malware to silently install them or fake online anti-malware scanners to trick a user into thinking they are infected.

These huge profits are shown in the FBI press release where it states "The FBI estimates scareware has cost victims more than $150 million.". This is further corroborated in an article written by Brian Krebs titled Massive Profits Fueling Rogue Antivirus Market where we learn that some of the top rogue affiliate earners have made over 200 thousand dollars in 15 days. With profits such as this, it make perfect sense why these types of malware are so prolific and why they are here to stay.

Link: Pop-Up Security Warnings Pose Threats
Link: Internet Crime Complaint Center (IC3) complaint form

Spam accounts for 87.7% of all e-mail in 2009

Tue, 08 Dec 2009 14:00:09 EST

According to a report by MessageLabs(PDF), 87.7% of all e-mails sent in 2009 were spam. This is despite several high-profile takedowns of prolific spam-spewing ISP's in late 2008 and in August of this year.

The report blames this on personal computers which have been compromised by malicious software, thus becoming a part of a "botnet" used to send spam.

These "zombified" computers account for 83.4% of all 107 billion spam messages sent each day. The cutwail botnet alone sent 8.5 trillion messages between April and November.

Malwarebytesand#39; accuses IOBits of stealing their programs malware definitions

Mon, 02 Nov 2009 23:17:38 EST

The Malwarebytes', or MBAM, team announced today that IOBit, a software developer located in China, has been purposely stealing their malware definitions and incorporating it into their Security 360 product. As IOBit has been marketing their new security product strongly lately, this accusation could make their Security 360 product short lived.

It started with the MBAM team discovering a forum thread at the IOBit forum with a user questioning the scan results from their new Security 360 product. The scan result is:

Dont.Steal.Our.Software.A, File, G:\Nothing Much\Anti-Spyware\Malwarebytes' Anti-Malware v1.39\Key_Generator.exe, 9-30501

The definition classification of Don't.Steal.Our.Software.A. is the exact same one that Malwarebytes' uses in their virus definitions for various MBAM serial code generators. The MBAM staff found it strange that IOBit would detect MBAM keygens and at the same time use the classification that they themselves made up. This led them to become suspicious and to dig deeper into the IOBit virus definitions. What they discovered was that this was not a unique incident and that there were other definitions that were copied directly from their database as well.

To finally confirm that they were indeed stealing their definitions, MBAM created a definition for a fake and nonexistent Rogue program called Rogue.AVCleanSweepPro and created fake and harmless test files to go along with this test. This is not a real infection and was made up by the Malwarebytes' development team in order to catch IOBit in the act. Therefore, the only place this definition should exist is in the Malwarebytes program definitions. Within two weeks, though, IOBit was flagging this same infection under almost the exact same names. So let's recap. A company makes up a program and two weeks later it appears in another company's program? Seems pretty obvious that they are stealing their definitions.

Malwarebytes` has also stated that they have discovered that IOBit may have stolen definitions from other competitors databases as well. At this time we do not who these other competitors are and what was stolen. This is not the first time that malware definitions have been stolen from competitors, but no matter how you look at it, this is a criminal act as the virus definitions are the intellectual property of the creators.

After the announcement, there has been a strong community outcry on the purported behavior of IOBit as seen by the Malwarebytes's announcement topic listed below. As IOBit is located in China, there has not been much of a response back from them as of yet. The only thing we have seen are threads being deleted from the IOBit forums when the subject is broached, and just recently, and new thread created by a IOBit staff member that is supposed to be used to post questions about the accusations by Malwarebytes'.

We will continue to cover this and provide any updates as we get them.

Link: Malwarebytes' Announcement
Link: IOBit's Accusation Thread

100 Core CPU Announced

Tue, 27 Oct 2009 00:50:10 EDT

QUOTE

Forget dual-core and quad-core processors: A semiconductor company promises to pack 100 cores into a processor that can be used in applications that require hefty computing punch, like video conferencing, wireless base stations and networking. By comparison, Intel�s latest chips are expected to have just eight cores.

From: Wired

Windows 7 takes to the streets with a series of launch events near youand#33;

Fri, 23 Oct 2009 13:22:01 EDT

With the launch of Windows 7, Microsoft has taken to the streets of New York City and throughout the rest of the country with a series of launch events.

Starting on October 23rd, Microsoft and HP will be hosting a series of events located in stores around NYC. The stores will contains demos of new HP hardware running Windows 7 as well as contests and giveaways. The list of the stores where these events will take place is:

Store	Time	Location
Office Depot	10 a.m. - 4 p.m.	1441 Broadway
Staples	10 a.m. - 4 p.m.	5-9 Union Square Street
Best Buy	1 p.m. - 7 p.m.	60 W 23rd Street
Best Buy	1 p.m. - 7 p.m.	1280 Lexington Ave.
Best Buy	1 p.m. - 7 p.m.	1880 Broadway

Microsoft and HP are also sponsoring events featuring NBA players over the next several weeks to promote Windows 7, including a sweepstakes promotion that will award six trips for two to the 2010 NBA Playoffs and one trip for two to the NBA Finals. Secondary prizing will include HP and Microsoft product and/or NBA-themed merchandise - including seven notebooks given away every week. The list of NBA players and locations can be found below:

Player	Location	Date	Time	Store	Address
Eric "Sleepy" Floyd	Washington DC	Oct. 24th	1 p.m. - 4 p.m.	Best Buy	3401 Jefferson Davis Hwy, Alexandria, VA 22305
BJ Armstrong	Chicago	Oct. 31st	1 p.m. - 3 p.m.	Best Buy	1000 W. North Ave Chicago, Il. 60622
Dominique Wilkins	Atlanta	Nov. 7th	12 p.m. - 2 p.m.	Best Buy	1875 Pleasant Hill Rd Duluth, GA 30096
TBD	Philadelphia	Nov. 15th	1 p.m. - 3 p.m.	Best Buy	2300 S Christopher Columbus Blvd Philadelphia, PA 19148
Earl Monroe	New York	Nov. 21st	1 p.m. - 3 p.m.	Best Buy	52 E. 14th Street #64 New York, NY 10003
Clyde Drexler	Houston	Nov. 29th	1 p.m. - 3 p.m.	Best Buy	5133 Richmond Ave Houston, TX 77056
Kareem Abdul Jabbar	Los Angeles	Dec. 5th	1 p.m. - 3 p.m.	Best Buy	2909 Los Feliz Blvd Los Angeles, CA 90039

All in all, these events look like a lot of fun for both geeks and basketball fans.

Link: HP �WIN IN 7� SWEEPSTAKES Information

and#036;29.99 Windows 7 Home Premium Upgrade for College students

Fri, 25 Sep 2009 09:43:32 EDT

Microsoft announced recently that they are offering a very good deal for college students in the United State and in the United Kingdom. This deal allows students to purchase a Windows 7 Home Premium license for $29.99 compared to the normal price of $119.99.

This promotion ends on January 3rd, 2010 and after that it will go back to normal pricing for college students. So if you are in college, this is too good of a deal to pass up. Even if you do not plan on upgrading immediately, it would be a smart decision to take advantage of this promotion in order to get Windows 7 at such a great price for a future upgrade.

The links to the related sites are below.

Link: United States Windows 7 Promotion Site
Link: United Kingdom Windows 7 Promotion Site

Matteland#39;s Mindflex: One of the geekiest and coolest toys for the holidays

Fri, 18 Sep 2009 11:55:02 EDT

During the 2009 CES show, Mattel showed off a cool toy called Mindflex. What makes this toy so cool is that the toy is operated via mind-control. Using your mind, you will need to navigate a small ball through an obstacle course. How well you can train your mind to display certain emotions or thoughts will determine how well you are able to play the game.

To play the game you wear a headset that contains headbands with electrodes and clips for your earlobes. The headset and clips will read the electrical impulses from your brain, and using the strength of these impulses, lower or raise a ball on a small jet of air. You then use a dial to move the ball to the left and to the right. In order to successfully navigate the obstacle course you will need to be able to train your mind to deliver the required intensity to raise or lower the ball as needed. Videos I have seen show that this game is not going to be easy and you will need to workout, or flex, your brain in order to properly navigate the game.

Mindflex is expected to ship on October 1st, 2009 for a price of $80 USD and is already ranked #11 in Amazon's toy department. Though pricey, this is going to be a hit item for the holidays and will probably sell out fast.

Link: Mattel's Mindflex Site
Link: Mindflex at Amazon