Latest news and stories from BleepingComputer.com

Beware of new email scam asking you to import Diamond Purifier

Wed, 30 May 2012 18:36:07 EDT

As a word of warning to our visitors, there is a new e-mail scam under way where the scammers are impersonating a company called Emporium Jewelries Group Limited. This scam is a new face for the same old scam where they are trying to get you to send them money in return for a generous commission. The interesting thing for me at least, was that they are now giving their pitch via an attached jpg image. This is being done to avoid spam protection.

The subject of the email is Enquiry and the message contents are "Dear Sir,Kindly view attached proposal." The email also has an .jpg image attachment showing a letter from a Mr. Robert Marshall that contains the pitch. This image shows a professional looking letterhead from a Mr. Marshall where he is asking for your assistance in procuring White Diamond Purifier and Green Diamon Purifier from someone in Dubai.

That letter looks so professional, I want to quit my day job and see if I can get rich importing Diamond Purifier! I mean the image shows it's certified, so it must be legit!

In all seriousness, people do fall for these scams, so if you get an email similar to this one please delete it and ignore.

The contents of the letter can be seen below.

Quote

Dear Sir,
There is a product our company needs from Dubai (U.A.E) but we are having problem from the owner of the product due to language barrier.

We contacted the owner of the product through his telephone number but could not understand his language as he speaks Arabic only.

His name is Mr. Ibrahim Khalil, Please if this proposal interest you do get back to us for modalities and we will also give you the telephone number of Mr. Ibrahim Khalil for you to call and confirm if he has the product we need, the price and colour of the product because the colour we want now is Green Diamond Purifier and White Diamond Purifier, we use to buy it at the rate of $480 per gram and we need about 4kilos.

Assist us to know if the man has up to 5Kilos and each gram that we are buying, we are adding some commission for your assistance.

Once you confirm, our company will be coming twice in a month. Please co-operate with us because this is a lifetime.

Regards,

Mr. Robert Marshall
+44-792 4514941
Reply: marshall01@kimo.com

[...]

Kaspersky Lab and ITU Research Reveals New Advanced Cyber Threat: Win32.Flame

Tue, 29 May 2012 13:02:09 EDT

Quote

Kaspersky Lab announces the discovery of a highly sophisticated malicious program that is actively being used as a cyber weapon attacking entities in several countries. The complexity and functionality of the newly discovered malicious program exceed those of all other cyber menaces known to date.

The malware was discovered by Kaspersky Lab’s experts during an investigation prompted by the International Telecommunication Union (ITU). The malicious program, detected as Worm.Win32.Flame by Kaspersky Lab’s security products, is designed to carry out cyber espionage. It can steal valuable information, including but not limited to computer display contents, information about targeted systems, stored files, contact data and even audio conversations.

Video of Interview on FoxNEWS: http://video.foxnews.com/v/1661713056001/
More information can be found here: http://www.kaspersky.com/about/news/virus/2012/Kaspersky_Lab_and_ITU_Research_Reveals_New_Advanced_Cyber_Threat [...]

Facebook rumored to be eyeing Opera as their next purchase

Sun, 27 May 2012 16:21:16 EDT

It's well known that for all of Facebook's online presence the major weakness is their mobile presence and applications. This is evident by their recent purchase of Instagram. With their recent IPO shareholders will not be satisfied with a continued diminished mobile presence.

By purchasing Opera they gain a healthy market share of mobile browsing. This makes it easier to integrate Facebook on the mobile platform.

More on the rumor:

http://www.computerworld.com/s/article/9227516/Opera_is_Facebook_s_best_browser_play

http://www.digitaltrends.com/mobile/facebook-may-buy-opera-facebook-phone-rumors/

http://news.cnet.com/8301-1023_3-57441790-93/facebook-in-talks-to-buy-browser-company-opera-says-report/

Also the Google search results: Facebook to buy Opera [...]

Absinthe 2.0 Now Available For iOS 5.1.1 Devices

Fri, 25 May 2012 23:37:44 EDT

Latest tool to jailbreak Apple iOS 5.1.1

Quote

The latest jailbreak tool marks the first time the third generation iPad could undergo an untethered jailbreak, released on the same day as the Hack in the Box (HTB) conference in Amsterdam. The team unveiled the utility on the final day of the conference in the last few minutes.

International Business Times

More......

Absinthe 2.0 Jailbreak Is What's Wrong with iOS [...]

Google releases the Webmaster Academy for beginning webmasters

Wed, 23 May 2012 09:21:38 EDT

If you are an aspiring web designer or starting a new site, Google announced today a new program called Webmaster Academy. This new section provides introductory information on how create sites that perform well in Google. Most of the information is basic, but there is some essential information for those that are first getting started with manage web sites.

If you have already developed your site and are looking for more information about search engine optimization, it is highly recommended to read Google's Search Enginer Optimization Guide. This document contains more detailed information on how to better design your sites so that search engines can index your content more efficiently. [...]

Google Chrome Now the No. 1 Browser in the World

Tue, 22 May 2012 02:55:27 EDT

Google Chrome Now the No. 1 Browser in the World

Google�s Chrome web browser just passed Microsoft�s Internet Explorer to become the most-used browser in the world, says the latest data from a digital analytics service.

Although Chrome has edged out IE before for short periods, the last week marks the first time Chrome was the No. 1 browser for a sustained period of one week. Exactly 31.88% of the world�s web traffic was done on Chrome, according to StatCounter, while IE is a close second at 31.47%.

Although the difference is slight, Chrome has been trending up for some time, while IE has been trending down. IE is still the top browser in many regions, including North America, but Chrome is extremely popular in both India and South America � the latter being a region where Google�s Orkut social network also has significant market share.

Original article from Mashable can be read here. [...]

Beware of phone telephone scammers calling on behalf of Google

Tue, 15 May 2012 10:06:54 EDT

A new phone scam is underway where people are receiving phone calls by people who state that they calling on behalf of Google. These callers state that they received your name and number from the Google Database and that Google had detected that your computer was infected or had a problem. They further stated that they worked for Gooseberry Tech, who has a partnership with Google to offer a free remote troubleshooting evaluation of your computer. If you agree to this evaluation, they will have you download TeamViewer and will then use it to take remote control of your computer. They will then proceed to poke around your computer, look at event viewer, and check your programs. While doing this they will point out "serious" and "alarming" problems on your computer. When they are done scaring you, they go in for the kill by trying to sell you a one-time fix, for $100, or a maintenance contract for $199.

This is not the first time phone scammers have pretended to be from large companies and offering free troubleshooting services. In the past, phone scammers were calling people and stating that they were from Microsoft who had detected that their computer had a problem. They would then offer to remotely fix their computer for a fee. Eventually Microsoft caught wind of this scam and warned about these scammers on their Windows blog.

I was first alerted to this when a friend said they were infected with the Smart HDD rogue anti-spyware program. They were concerned because they thought the Smart HDD warnings were legitimate and entered their credit card information and phone number. The credit card did not go through, so I alerted him to contact his credit card company and if he chose to keep the same credit card number to at least keep an eye on any charges. The next day, he received a phone call from 321-329-5304 on the same mobile number that he entered on the Smart HDD screen. He told me that the person calling had an Indian accent and was telling him that that they were calling on behalf of Google because it appears that he had a computer infection. He then tried to have him install the TeamViewer software so that they could remotely connect to their computer. Thankfully, my friend realized that something did not sound right, hung up the phone, and called me.

I did a little research on the number and saw that he was not the first person who has had a call from these people. In fact there were other complaints regarding this number and a company called Gooseberry Tech. I started up a Windows XP virtual machine, infected myself with Windows ProSecurity Scanner and gave them a call. A man with an Indian accent named John answered and I explained that I received a phone call from them a few days ago and decided I still needed help. I explained that I think I was infected and he had me go to the site http://www.gbdl.tk/ where I was asked to download and install TeamViewer.

Once TeamViewer was installed, they remotely took control of my computer and started poking around. It was fairly obvious from the beginning that John had absolutely no idea what he was doing. He couldn't understand why Windows ProSecurity Scanner would open when he attempted to run Internet Explorer or Windows Task Manager. I sat there for about 5 minutes watching him continue to try and open these two programs repeatedly until I hinted that it was probably the virus interfering. He then proceeded to look over the Windows Event Viewer where he would point out innocuous messages and state that they indicated I had a a severe problem on my computer. After a while, they went in for the kill and asked me to pay for a support contract, which was quickly declined. They said if I still wanted help I could reach them at 1-800-501-0335, 650-204-4405, or 321-329-5304.

When you visit their web site, www.gooseberrytech.com, you can see how they are really pushing a Google affiliation. There are Google logos everywhere and the Gooseberry logo has a very Googly feel to it. In small print under the Gooseberry logo it states that their parent company is iHorse Technologies, which is a remote support company based out of Toronto, Canada. Furthermore, the company phone number listed on the Gooseberry site is the same that I was given, 1-800-501-0334 and 1-800-501-0335. When you do a Google search for 1-800-501-0335, the first search result is for iHorse Technology.

Gooseberrytech.com Web Site

One alarming thing I have noticed is a connection between these phone calls and the rogue anti-spyware program called Smart HDD. In comments found online, a common theme is that people who have become infected with a rogue like SMART HDD, and who may have possibly purchased it or attempted to contact the malware developers, will then receive a phone call from Gooseberry Tech. This will not be the first time that we have suspected rogue developers are working both sides of the fence. There have been hints of rogue developers not only infecting people for profit, but also creating actual removal blogs in order to generate ad revenue and affiliate commissions from the removal of their software.

At 800notes.com, a popular site used by people to report phone numbers used by scammers, there is a topic about the 650-204-4405 number where many people complain about these scammers. One of the replies to this thread is supposedly from the iHorse president in which he states their company is not involved. I have called and emailed iHorse Technologies but have not received any comment back from them.

With this said, beware of any phone calls from people who state that they are calling on behalf of large companies like Microsoft and Google. Microsoft and Google will not call you to offer free phone support or to tell you that your computer is infected. If we receive these calls, promptly hang up and report it to the FCC or other government authority.

[...]

Firefox 3.6.x reaches end of life.

Wed, 25 Apr 2012 13:33:25 EDT

Firefox 3.6.x reaches end of life.

As expected, the 3.6.x branch of Mozilla's open source Firefox web browser reached its end of life on Tuesday 24 April – no further updates, including security updates and critical fixes, will be made available for the series. According to recent Platform Meeting Notes, users running Firefox 3.6.13 to 3.6.28 should have already started receiving "Major Update" prompts asking them to upgrade to the latest stable release of the browser. All of these users are advised to upgrade as soon as possible.

Full story: http://goo.gl/qZPFw

Mozilla Firefox 12 Final released:
http://www.mozilla.org/en-US/firefox/all.html [...]

Google launches online storage application

Tue, 24 Apr 2012 14:20:58 EDT

Today, Google revealed their newest upcoming product: Google Drive.

Google Drive is an online file storage application similar to Dropbox, but with a twist.

In addition to standard file storage Google Drive offers several additional features including file revision history, built in compatibility with Google Docs, and a powerful search tool to navigate your files.

Google Drive is free to use and comes with 5GB of storage. Additional storage is available for a yearly fee.

Check it out at http://drive.google.com

While Google Drive is not yet available for all Google account holders, it is currently in the process of being rolled out. You can be notified when your Google Drive is available by clicking on the "Notify me" button in the top left corner of the Google Drive page while signed in to your Google Account. [...]

Google increases payouts for their Vulnerability Reward Program

Mon, 23 Apr 2012 15:47:27 EDT

Google announced today that they have increased the payouts for security researchers who privately disclose vulnerabilities in Google Applications. Previously the maximum reward for a single vulnerability was $3,133.70, or $3,133.7 for you leet speakers. With this update to the Google Vulnerability Reward Program, payouts for certain vulnerabilities can now be as high as $20,000. With this higher reward, Google hopes to make it more enticing for security researchers who discover vulnerabilities to report it via "white-hat" methods rather than selling it to buyers who may want to weaponize the information for criminal purposes.

Under the new program, only those vulnerabilities that allow Remote code execution for accounts.google.com, highly sensitive services, or normal Google applications will be able to qualify for the $20,000 reward. Other properties owned by Google, but are not integrated into the following google.com, youtube.com, blogger.com, or orkut.com domains will only qualify for a $5,000 reward. Furthermore, any new acquisitions have a 6 month blackout period after being acquired before they qualify for a reward.

[...]