Thursday, April 28, 2011

Iran Targeted In New Malware Attack

Iran is investigating new malware dubbed "Stars" that government officials say is being targeted at the country as part of ongoing cyberattacks.

"The particular characteristics of the Stars virus have been discovered," Gholamreza Jalali, commander of the Iranian civil defense organization, told the Mehr news agency according to Reuters.

"The virus is congruous and harmonious with the (computer) system and in the initial phase it does minor damage and might be mistaken for some executive files of government organizations," he said, declining to specify what equipment the virus targets.

Jalali said efforts to contain last year's Stuxnet infections are ongoing and called on the foreign ministry to take action to stop the "cyber wars" against the country.

Officials in Iran have accused the U.S. and Israel of being behind Stuxnet, which spread through Windows holes and targeted specific Siemens industrial control software. Experts speculate it was written to sabotage Iran's nuclear program.

Source: http://news.cnet.com/8301-27080_3-20057103-245.html#ixzz1KrFJA3Gs

Tuesday, April 19, 2011

Match.com To Screen For Sex Offenders

(Credit: Chris Matyszczyk/CNET)

Match.com will start checking its members against a national sex offenders registry.

The company expects to start the new policy in 60 to 90 days, Match.com told CNET this morning, and confirmed that the policy will affect both new and existing members.

Match.com has been considering the option for a while, but yesterday's decision was hastened as a result of the attention brought on by a lawsuit filed last week, spokesman Matthew Traub told the Associated Press yesterday.

A woman in California has sued Match.com, claiming she was sexually assaulted by a man that she met through the online dating service. Arguing that the woman had no idea her date had been convicted of sexual battery, the suit is seeking an injunction to stop anyone from joining Match.com until the company sets up a process to screen for convicted sex offenders.

Match.com president Mandy Ginsberg told the AP that the company had been hesitant to implement such screenings due to their "historical unreliability." But discussions with advisers over the past few days convinced Match.com that certain improvements have made sex offender registries more accurate, prompting the dating service to reverse its stance.

To conduct its screening, the company will tap into a national registry of sex offenders set up by the federal government. This registry pulls together information from the 50 states and other U.S. territories and lets users search for sex offenders by name as well as location.

Since the registry relies on coordinating data from a variety of different local sources, Match.com is cautioning that these types of checks can still be highly flawed.

"It is critical that this effort does not provide a false sense of security to our members," Match.com said in a statement sent to CNET. "With millions of members, and thousands of first dates a week, Match.com, like any other large community, cannot guarantee the actions of all its members. Match.com is a fantastic service, having changed the lives of millions of people through the relationships and marriages it has given rise to, but people have to exercise common sense and prudence with people they have just met, whether through an online dating service or any other means."

Match.com advises its members to read and follow the safety tips that it posts on its Web site to better protect themselves both online and offline.

Update at 11:10 a.m. PT: Added statement and information from Match.com.

Source: http://news.cnet.com/8301-1009_3-20054881-83.html#ixzz1JzbtLGBO

Monday, April 11, 2011

New Fake Antivirus Accepts SMS Payments

There's a new twist with some fake antivirus scareware that has cropped up. It accepts payment via SMS, according to antivirus firm CyberDefender.

Typical rogue security programs infect the system first, then display pop ups warning that the computer is infected, and request payment to clean it up. The new programs are seemingly more genteel, asking for the money before the program is installed and infects the system, said Achal Khetarpal, threat research director at CyberDefender. Of course, a payment does nothing to "fix" a system and means criminals now have your money and possibly your credit card information.

When a potential victim happens upon a Web site hosting the malware, a dialog box pops up that looks very much like an installer window for a legitimate antivirus product, according to screenshots from CyberDefender. It says "Welcome to" and names a popular antivirus software and suggests closing other applications. If the victim falls for the ruse, it then displays a message that says "To complete installation, you must go through activation" and offers several ways to pay, including SMS (Short Message Service), WebMoney, and credit card.

If you click "cancel," the program won't install, compared with typical fake antivirus programs that have already infected the system by the time the victim realizes what is happening and keep displaying the annoying pop-up messages, even after reboot, Khetarpal said.

The company has seen five versions of the rogue security programs masquerading as software from Avast, Norton, McAfee, BitDefender, and RootKitBuster, and they, as usual, target Windows systems.

Khetarpal could not say how widespread the malware is but said he has seen it in a "lot of Web sites" and in relation to search results for popular and trending topics.

Fake AV scammers aren't the only ones to hop on the SMS payment bandwagon. Scammers were found to be seeking payment by SMS for fake browser updates earlier this year, according to GFI Labs.

Source: http://news.cnet.com/8301-27080_3-20052203-245.html#ixzz1JFJAj0pp