Archive
Rise of SPIM & Malicious ChatterBots
SPIM are spams through Instant Messaging.
These are now becoming prevalent threats. They are annoying and unfortunately if user falls into their tricks, it could lead to phishing sites and/or installation of malwares. Check out this blog post from CA.
In my past blog “Your MSN Account Has Been 0WN3D“ I have described how phishers get into your IM credentials. Apparently, they are everywhere supporting different languages as I have shown in this post “Identity Theft And Your MSN Account“
Aside from phishers, spammers and possible malware you can get is the emerging trend of malicious Chatterbots.
Let say in YM and you surf around and join chatrooms, you’ll find these chatterbots will immediately PM you. Obviously, you can spot if the other end is real or not but there are good ones that you won’t easily recognize as chatterbots. You’ll find later during your conversation that these bot will start to send a link or sometimes will require you to install something.
One example is like this… you join YM chatroom and somebody will send you a request as shown below.
After entering the conference room, you’ll find that it’s only you and the chatterbot.
It’s funny ‘coz it will start popping up some links and once you reply, it will just exit. **Thanks to Astr0 for the screenshots!**
Be careful and stay away from these threats!
disable Autorun registry key
With significant rise of malwares employing autorun.inf to execute and spread, Microsoft pushed a solution by disabling autorun registry key through Windows Update and Automatic update. Please refer all the details from this url: http://support.microsoft.com/kb/967715
Here’s an instruction to do it manually.
How to selectively disable specific Autorun features
To selectively disable specific Autorun features, you must modify the NoDriveTypeAutoRun value under the following registry key subkey:
| Value | Meaning |
| 0×1 | Disables AutoPlay on drives of unknown type |
| 0×4 | Disables AutoPlay on removable drives |
| 0×8 | Disables AutoPlay on fixed drives |
| 0×10 | Disables AutoPlay on network drives |
| 0×20 | Disables AutoPlay on CD-ROM drives |
| 0×40 | Disables AutoPlay on RAM disks |
| 0×80 | Disables AutoPlay on drives of unknown type |
| 0xFF | Disables AutoPlay on all kinds of drives |
Personally, I prefer 0xFF value which disables autoplay on all kinds of drives. The draw back here is when you are installing from CD ‘coz you have to manually execute the setup instead of automatically running it. The good thing, you’ll be safe from autorun malwares!
Visualizing OS X Threats
A small visual map of OS X threat distribution. They are often found in websites offering Free Software, Cracks and Keygens. Also, victimizing Mac users looking for drivers and books… this may equate an impression that “Free Mac Stuff” = “Mac Threats” – yes, attackers mostly rides on popular trend or search.
This is just part of the big map, but basically in my investigation these threats are massively distributed in different servers and geographic locations. Obviously, it provides us understanding that these threats are mostly driven by pay-per-intall schemes.
Victorian bushfire appeal 2009
The terrible news of Victorian bushfire is indeed devastating specifically to those affected. I still remember that week the temperature soared to 40 degrees Celsius, it was absolutely hot!
As described, it was like a roaring storm and soars like a tidal wave and rolls like a huge ball of fire. It was unimaginable!
Overall, I’m doing great this incident is 50-60Km away from Melbourne CBD (central business district) area where I live. Although, we experience thick smoke and ashes due to wind.
This is not related to any Mac Threats …. But, I am encouraging you to please take part in building the lives of those affected – who lost families, pets and properties.
Please send your donation through Australian Red Cross @ http://www.redcross.org.au. I did it online as well, just click secure online donation and follow through instructions.
Feel free to drop by and share your thoughts! Afterall, it is blessed to give than to receive.
World Map Infection Report
This is the global picture of “MacAccess” infection as reported by users through this blog. This is just small data but looking on mathematical perspective considering percentage of Mac users per continent, I believe the infection is not isolated but definitely in-the-wild. Perhaps, the author could show more infection report – Obviously, it’s giving them good numbers to the extent that these threats remain online and evolving.
Wondering why attackers are interested in Mac? Here’s an interesting trend as published by NetApplications Market Share.
Recent Comments