TronaNews.com

[Anonymizer]

The Virus Turns 40
It started out as not much more than a simple prank, but then things got malicious!

The first virus was created in 1971, and was promptly given the name Creeper. The Creeper most noticeable side effect was when the virus displayed the message "I'm the creeper, catch me if you can!" on the screens of the infected machines. This virus was the beginning of the digital war that we are living in today: where companies try harder and harder to shore up the holes in their operating systems while the creators of malicious code work their hardest to exploit them. This war is about more than simple exploitation, it is a numbers game as well. When you consider that viruses have grown from 1,300 viruses in 1990 to over 200 million computer viruses on the web currently, we can see how things have grown exponentially.

LINK: http://www.physorg.com/news/2011-03-virus.html

[Anonymizer]

An article I read not too long ago explained how computer viruses have "evolved" over the years. They may have began as harmless pranks, but they "evolved" into malicious pranks in the 1990s. You don't see the malicious pranks too often anymore. Viruses are used more often than not as part of sophisticated schemes to make money now. The article said that what it referred to as "script kiddies" had grown up into those who sought monetary gain through fraudulent means. In any case, it's always a case of the good guys trying to figure out the tricks used by the bad guys and developing techniques to catch and foil the bad guys. It's an ongoing battle that has become an industry. The article went on to explain that there are those who claim that companies selling virus protection software support those who create viruses on the side in order to ensure that they will have customers in the future!

[Anonymizer]

The new viruses are sometimes called stealth viruses because they don't actually interfere with your computer except that they collect information or serve as part of a botnet. I'm pretty sure that I've never had a virus on any of my computers, BUT I suppose it's hard to know for sure. So, I guess all I can say is that AS FAR AS I KNOW I have never had a virus on any of my computers! It's hard to say what's worse, stealth viruses or malicious viruses? I suppose it ultimately depends on the damage done and either are capable of causing great harm...

[Anonymizer]

FBI Hijacks Botnet, With Court Order... Then Issues Kill Signal To Millions Of Computers
Interesting idea, but the implications are disturbing. What's to stop the FBI from using this excuse to remotely search anyone's computer at anytime? The last thing we need is yet another excuse to allow Big Brother to snoop into the private affairs of citizens!

While there are obviously good intentions here, and it's definitely a good thing to see a large malicious botnet go dark, there still are really serious concerns about this move, the legality of the move, and the risk of unintended consequences. Do we really want to set a precedent where the FBI can send commands remotely to millions of computers? And how confident are people that the FBI's programming skills won't cause problems, if not this time, at some point in the future? In the filing requesting the right to do this, the FBI even pointed out that a newer version of Coreflood had been released that morning "but that the FBI had tested the kill command against that variant and it had worked successfully." Of course, testing in the lab and deploying to millions of machines in the real world is entirely different. There are also concerns that this is an ongoing effort, since Coreflood apparently reruns every time a machine is rebooted, meaning that the FBI will have to keep sending this kill signal. And while the FBI swears up and down "that this would cause no harm to computers," how confident are you that this is really the case?

LINK: FBI Hijacks Botnet

[Anonymizer]

FBI Agents Can Lack Skills to Investigate Computer Intrusions, Report Says
From what I've read it's much worse than this. Most law enforcement agents - even those specializing in computer-related crimes - lack a comprehensive understanding of the value (or lack thereof) of computer evidence. While it is possible to forensically analyze computers for CLUES, the value of that information as actual EVIDENCE is extremely questionable. Viruses and other types of malware can quite easily plant files on the computers of suspects and these agents usually assume that the suspect was the one responsible for what is on the computer. Often this is a fair assumption, but way too often it isn't a safe assumption. The tendency is to over-value computer clues as actual evidence and hopefully more training will reverse this alarming trend.

A government review of the FBI agents who investigate national security-related computer intrusions found about a third of them lack the required technical skills to do their jobs. Of 36 agents interviewed, 13 were deficient in at least some of the necessary capabilities, according to a U.S. Justice Department inspector general’s report released today. Five of the agents told the inspector general’s office that they viewed themselves as unqualified to conduct investigations of computer hacking involving national security.

“One agent told us that he was assigned his first counterterrorism intrusion case but he did not know how to investigate a national security intrusion case,” according to the report. National security intrusions are the Federal Bureau of Investigation’s top cyber priority, the report said. Even so, the report found that the forensic and analytical capability of FBI field offices was “inadequate to support national security intrusion investigations.”

LINK: http://www.bloomberg.com/news/2011-04-27/fbi-agents-found-to-lack-skills-on-national-security-hacking.html

[Anonymizer]

I saw an interesting article about the Mac Defender scam going on at arstecnica. Too lazy to look it up and post the link!

[Anonymizer]

I saw an interesting article about the Mac Defender scam going on at arstecnica. Too lazy to look it up and post the link!

I think this must be the article that you're referring to:
Fake "MAC Defender" antivirus app scams users for money, CC numbers
LINK: http://arstechnica.com/apple/news/2011/05/fake-mac-defender-antivirus-app-scams-users-for-money-cc-numbers.ars

[Anonymizer]

Bin Laden Computer Virus Hits Facebook
Bin Laden coming back from the dead to haunt your computer?

[Anonymizer]

Apple Users Targeted by 'Mac Defender' Malware
Macintosh users had better watch out for this virus!

[Anonymizer]

Facebook Scams You Need To Know About: The 9 Most Common Hacks And Attacks
Facebook may not be quite so friendly as it at first seems...
1. Clickjacking
2. Fake Polls Or Questionnaires
3. Phishing Schemes
4. Phony Email Or Message
5. Money Transfer Scam
6. Fake Friend Request
7. Fake Page Spam
8. Rogue Apps
9. The Koobface Worm
LINK: http://www.huffingtonpost.com/2011/05/22/facebook-scams-hacks-attacks_n_864906.html

[cactuspete]

Top 5 Paid Antivirus for 2011
1. Symantec Norton
2. BitDefender
3. Avast
4. G-Data
5. Kaspersky Lab
LINK: http://www.pcworld.com/reviews/collection/5927/2011_paid_av.html

[surfsteve]

Thanks for reminding me to call Verizon and cancel my virus protection, I don't need it anymore since I am using Linux.