Wednesday, October 25, 2006

Sophistication of Viruses and Trojans

Security experts have discovered viruses that install and use Anti-Virus in order to prevent competition from other viruses.

It's interesting to figure out what the newly discovered Trojan "SpamThru" actually does.
1. It infects computers on the internet.
2. It then downloads Kaspersky AntiVirus, installs it on the infected computer, and configures it to ignore "SpamThru". This prevents other viruses from infecting its host, eliminating competition. It even applies a crack to Kaspersky AntiVirus to avoid licensing and expiry problems!

3. Moreover, SpamThru uses its own custom P2P protocol to transmit data among infected computers. Like a BitTorrent network, SpamThru uses its own network to issue updates to the virus, so that the virus code is updated often and goes undetected by major antivirus software.

4. Another interesting thing is that the virus uses AES (Advanced Encryption Standard, an encryption standard by the U.S. government) to encrypt the data it sends over its network in order to avoid detection by other spammers!

Security expert Stewart at SecureWorks states:
"The complexity and scope of the project rivals some commercial software," he wrote. "Clearly the spammers have made quite an investment in infrastructure in order to maintain their level of income."

It seems the spammers and criminals behind this software are following a high level of software development engineering practice.

We, the users of the Internet, must be well prepared to tackle such sophisticated viruses.

Simply follow these guidelines to have a clean system (and ensure a cleaner Internet):
- Install an anti-virus and keep it up to date (I use Norton 2003)
- IE users must install Service Pack 2 for XP, or else use Firefox
- Keep anti-spyware software such as Spybot or Spydoctor

Tuesday, October 17, 2006

PageFlakes : Interesting startup


All major internet players offer a personalized homepage option (Google, My Yahoo, MSN Live etc.).
The homepage personalization market is already dominated by large players.
At such a time, a group of entrepreneurs spread all across the globe (the true virtual organization?) came together to start PageFlakes.com.
It's simple in concept and complex in its vast range of features.
In virtually no time they have created a page that lets you set up your own Web with 100s of applications and news feeds, and even share it with friends.

Go to pageflakes.com, sign up and get started.

Firefox extension: Errorzilla


This extension changes the default "Page not found" Firefox error page into a useful page with features such as:
- checking the Google cache for the page
- pinging the page via dnsstuff.com
- viewing a snapshot via the Wayback Machine (web.archive.org)
- tracing the IP
- WHOIS lookup of the page

Link: https://addons.mozilla.org/firefox/3336/

Saturday, October 14, 2006

WHOIS Spamming?

A Whois lookup of www.google.com at whois.net and several other registrars yields the following result.
----------------------------------------------------------
GOOGLE.COM.ZOMBIED.AND.HACKED.BY.WWW.WEB-HACK.COM
GOOGLE.COM.SUCKS.FIND.CRACKZ.WITH.SEARCH.GULLI.COM
GOOGLE.COM.PLZ.GIVE.A.PR8.TO.AUDIOTRACKER.NET
GOOGLE.COM.IS.POWERED.BY.MIKLEFEDOROV.COM
GOOGLE.COM.IS.NOT.HOSTED.BY.ACTIVEDOMAINDNS.NET
GOOGLE.COM.IS.APPROVED.BY.NUMEA.COM
GOOGLE.COM

To single out one record, look it up with "xxx", where xxx is one of the
of the records displayed above. If the records are the same, look them up
with "=xxx" to receive a full display for each record.
----------------------------------------------------------
It looks like spammers are getting their hands on Whois lookup services too.
The Whois lookup result for google.com can be seen here:
http://whois.net/whois_new.cgi?d=google.com
A cached version of the page is here

Can anyone explain how whois.net's database includes such data?
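
Each extra record in the listing is a longer hostname that merely begins with GOOGLE.COM and sits under the domain at its right-hand end. The Python below is an added example, not part of the original post: it separates the exact match from those lookalikes and builds the "=xxx" exact query the listing mentions, assuming the owning domain is the last two labels (true for the .COM/.NET names shown, not for every TLD).

```python
# Added example: classify names in a WHOIS multi-match listing.
# SAMPLE_LISTING is copied from the listing quoted in the post.
SAMPLE_LISTING = """\
GOOGLE.COM.ZOMBIED.AND.HACKED.BY.WWW.WEB-HACK.COM
GOOGLE.COM.SUCKS.FIND.CRACKZ.WITH.SEARCH.GULLI.COM
GOOGLE.COM.PLZ.GIVE.A.PR8.TO.AUDIOTRACKER.NET
GOOGLE.COM.IS.POWERED.BY.MIKLEFEDOROV.COM
GOOGLE.COM.IS.NOT.HOSTED.BY.ACTIVEDOMAINDNS.NET
GOOGLE.COM.IS.APPROVED.BY.NUMEA.COM
GOOGLE.COM

To single out one record, look it up with "xxx", where xxx is one of the
"""


def owning_domain(name):
    """Last two labels of a hostname (assumption: a two-label
    registrable domain; other TLDs need a public suffix list)."""
    labels = name.strip(".").upper().split(".")
    return ".".join(labels[-2:])


def classify(listing, queried):
    """Return (exact_match, [(lookalike, owning_domain), ...])."""
    queried = queried.strip(".").upper()
    exact, lookalikes = None, []
    for line in listing.splitlines():
        name = line.strip().rstrip(".").upper()
        if not name or " " in name:
            continue  # blank line or help text, not a record name
        if name == queried:
            exact = name
        elif name.startswith(queried + "."):
            # Same leading labels, but the name lives under another domain.
            lookalikes.append((name, owning_domain(name)))
    return exact, lookalikes


def exact_query(name):
    """The '=' prefix asks for a full display of exactly this record."""
    return "=" + name.strip(".").upper()


if __name__ == "__main__":
    exact, fakes = classify(SAMPLE_LISTING, "google.com")
    print("exact record:", exact, "-> query", exact_query(exact))
    for name, owner in fakes:
        print(f"lookalike under {owner}: {name}")
```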

Sunday, October 08, 2006

Google CodeSearch

Unlike Google's main Web search engine, Google Code Search peeks into the actual lines of code whenever it finds source-code files on the Internet. This will make it easier for developers to search source code directly and dig up open-source tools they may not have known about.

Link: http://www.google.com/codesearch

China Attacks U.S. Satellites

China targeted and attacked a US spy satellite last week with a high-powered laser from the ground.
The laser didn't physically damage the satellite, but it could have blocked the sensors temporarily.

The issue looms large, given that US military operations have rapidly grown more reliant on satellite data for everything from targeting bombs to relaying communications to spying on enemy nations.

Critical US space assets include a constellation of 30 Global Positioning Satellites that help target bombs and find enemy locations.

The US Defence Department remains tight-lipped about details, including which satellite was involved or when it occurred.