ComputerWorld - Programs covering the full range of hacking software, from Trojans to keyloggers to step-by-step tutorials on how to effectively hack Web sites and personal information, are now available on eBay Inc.’s online auction site, raising the concerns of one security company.
“It’s a simple matter of searching for it now” said Magida Ezzat, marketing communications manager at PC Tools.
“It’s also very, very cheap — it’s possible to even get it for free.” Although the programs are readily available on the Internet outside of eBay, the concern is that, since eBay is accessed by the general public, new audiences could become aware of how easy it is to get hacking tools. “People don’t need to be highly technical to access and use hacking software,” Ezzat said.
Although awareness of how to obtain and use hacking software is on the rise, policing and preventing the sale of the software remains difficult.
“For a Web site as large as eBay, policing is a near impossible task,” Ezzat said. Nonetheless, security-focused Web sites such as eBay are aware of the problem. “Hacking software that was available yesterday has been taken off the auctions today,” Ezzat said.
The good news is that hacking software auctions aren’t very popular at this stage. A search of the eBay Web site reveals that very few auctions featuring hacking software have any bids.
![[Slashdot]](http://slashdot.org/favicon.ico)
![[Digg]](http://digg.com/favicon.ico)
![[Reddit]](http://reddit.com/favicon.ico)
![[del.icio.us]](http://del.icio.us/favicon.ico)
![[Facebook]](http://www.facebook.com/favicon.ico)
![[Technorati]](http://technorati.com/favicon.ico)
![[Google]](http://www.google.com/favicon.ico)
![[StumbleUpon]](http://www.stumbleupon.com/favicon.ico)
The four Chinese cyber-criminals behind the Fujacks worm have been jailed by a Chinese court.
Fujacks caused havoc earlier this year when it covertly stole usernames and passwords from online gamers, and converted icons of infected programs into a picture of a panda burning joss-sticks.
Li Jun, who confessed to writing the worm and selling it to 12 clients for more than ¥100,000 yuan (£6,250) was sentenced to four years in prison by a court in Xiantao in Hubei province.
Wang Lei, Zhang Shun and Lei Lei were sentenced to between one year and two and a half years in jail for their part in the scheme.
“Chinese cyber-criminals are not just hitting PCs in their own country, but affecting computer users worldwide, so it is encouraging to see the authorities taking action against the perpetrators,” said Graham Cluley, senior technology consultant at Sophos.
“A surprising proportion of malware written in China is designed to steal credentials from players of massively multi-player online role-playing games.”
Chinese authorities said that the majority of the Fujacks infections have been dealt with after police persuaded Li Jun to write a counter-agent to his program to clean-up infected computers.
“Despite the worm’s author writing a program to clean up his infestation, it does not seem to have gained him much sympathy from the authorities,” noted Cluley.
Chinese hackers have been making the headlines recently. Online attacks on governments in the US, UK and Germany have been blamed on Chinese hackers working for the Chinese People’s Liberation Army (PLA), a claim that China has strongly denied.
Today, more and more new antispyware programs are created. Some are good products, come from reputable company, such as Trend Micro antispyware or maybe Webroot Spy Sweeper. However, new companies in this industry creates products called rogue antispyware.
These are bad antispyware products - they use certain tricks in their trial version to force users to buy their product. The most common way is by using false positive technique. That is by saying the computer is infected, even tough the system is perfectly clean. Worst of all, these malicious antispyware even install trojan horse in victims’ computer - in order to remove that, victim must purchase the license.
What raise my concern, is that such programs is on the rise. Over two hundreds suspected programs, and still counting. So, how do these companies spread their malicious programs to the world? You can guess it - one easy way is by using affiliate marketing. That’s how they can market these programs to thousands victims worldwide.
Actually, there’s nothing wrong earning money from affiliate program. If you’re a spyware specialist, or perhaps had years of experience cleaning infected computer, promoting antispyware programs would give a chance to earn money from your talent and knowledge. I also earning money by promoting antispyware programs. However, my advice is simple - watch what you’re promoting. Log on to spyware warrior rogue antispyware list - http://spywarewarrior.com/rogue_anti-spyware.htm and see if the program that you’re going to promote is inside the suspected list.
Some of spyware remover program that was in the list, is removed from the list (delisted), after certain correction is made and that apps is no longer shows false positive scan result.
How do you evaluate an antivirus program? The best antivirus software is not necessarily suit for everyone. It depends on certain factor; for example the ease of use, the quality of each scanning, additional feature set and the price.
The AVG antivirus by Grisoft is the free version that is quite popular nowadays. It has been awarded VB 100% award for six yeas consequently. The free version only provide basic scanning and update. No real-time protection, no auto scanning and no customer support. For most home users, this one is just good enough, since they don’t get infected by malware frequently. Plus, it is better since it’s free.
However, in my opinion, the interface for AVG free edition is somewhat not attractive. Some functions can’t be accessed that easy. If you’re looking for free antivirus, I recommend Bit Defender Free edition. Bit Defender has the scan engine that pass VB100% award and ICSA Labs. Plus, the interface is very neat, and easy to understand. Just like most free antivirus, it’ll scan only on demand and no additional features, such as firewall or antispyware.
These are list of free antivirus software:
What is widget?
In short, widget is small application that ease users to follow their favorite blog using RSS feed, monitor stocks, view news, check weather forecast, make desktop more attractive.
Type of Widgets:
There are two type; the desktop type and web widgets. Desktop widgets are application that runs on desktop. By default, Windows Vista already had installed desktop widgets. This is known as gadgets, it appears in Windows Vista’s sidebar. This would be an ease for Vista’s users since they can follow the feeds subscribe using Internet Explorer.
Web widget is another type that can be installed in any webpage or blog, with ease. Users can utilize Web Widgets to enhance a number of web-based hosts, or drop targets. Categories of drop targets include social networks, blogs, and personal homepages.
Security Issues
Recently, it is known that widgets are highly vulnerable to malware attacks. For one reason, widgets are built using Javascript and AJAX technology, making them exposed to cross-site scripting attacks. The developers also don’t concern a lot about the security of these apps. Just like browser, client e-mail and messenger program, widgets could possibly being hijacked, monitor users activity and creating botnets. Hence, savvy cyber criminals sees widget as a choice to execute malware and hijacker attacks.
In August, a vulnerability was identified that enabled a remote attacker to run codes on victims’ computer without his permission. For example, if a user add RSS feed from malicious websites, add malicious contact file, in the gadget, the attacker had a chance to run malicious program in that system. Because of this, Microsoft security update was released to addresses the vulnerability by improving validation code within Feed Headlines and Contact.
For Yahoo! Widgets, a vulnerability was discovered in version 4.0.3 that also allow attacker to run malicious codes in user’s PC. The flaws is caused by an error within ActiveX control that could cause a stack-based buffer overflow. Users can fix this problem by downloading the latest update to version 4.0.5. If not, the vulnerability will still exist.
Be careful, think twice before widget.
It is a good idea to run stay away from untrusted sources of widgets. Then, users should always takes malware prevention steps and having a good security software installed.
Today, keeping your computer safe becomes is a big challenge. More threat is created. Long time ago, before the internet takes over the world, virus threat is feared among computer users. But now, since all computer are connected to the internet, the threat is getting more complicated and it spread faster. Today, not only virus, we also got trojan Horse, worms, keylogger, spam and spyware.
The question now, how can we handle all these threat? To counter the virus threat, lots of labs are dedicated to create anti-virus software. Hence, to fight back the spyware threat, it is important to install a good anti-spyware.
However, as you can see, today, there are lots of anti-spyware programs. Which one is the best? Which one give the protection and removal that you need? Most importantly, some of these programs are fake. How can you differentiate between the good and the bad ones?
Well, to find a good anti-spyware, you must take certain factors into consideration. First of all, the effectiveness. An effective anti-spyware program must have lots of spyware in the definition. Then, it must be updated at least once per day. Most importantly, the support must be excellent. Yes, without a good support from the publisher, even the best spyware remover program can’t guarantee that your computer is 100% clean. Good support team will help you, and will clean your computer, in case you got serious spyware problem.
Then, one more thing to be considered is the protection level. Some spyware remover only care about removal part, but not the protection part. Some of them only block unwanted objects in Internet Explorer. A good anti-spyware must be able to defend you registry itself. Why? Because registry is the main target of most malware. Any hijacker that is going to change your Internet Explorer homepage, must access the registry first. Any spyware that wants to run on Windows Startup also must access the registry. Adware that wants to install toolbar on your browser will have to access registry. In short, find an anti-spyware program that guard your registry. There could be lots of program, but too little that provide registry guard.
There are lots of fake or rogue spyware remover program today. Some of them trick users by saying that your computer is infected, some of them even install trojan, in order to make users buy their product. How to avoid these fake apps? One simple thing - see the certification. Like Better Business Bureau (BB Online) Badge. Or perhaps high rating from a reputable lab, such as CNet or Tucows.
One more thing, your program must be user friendly. The interface must be neat and easy to navigate. The program must be easy to load. It also must not create conflict with your anti-virus software. Also, don’t install a program that slows down your system.
In summary, a good anti-spyware program must have good support, daily update, have a good rating from popular labs, guard system registry and must be user friendly. Is there any spyware remover program that has such features? Is there any company that create almost perfect anti-spyware program? There is. It is Sunbelt CounterSpy. It has daily update, good support and highly rated by CNet and Tucows lab. Also, the interface is user friendly and it won’t slow down your system. What I like most about this program, is the Active Protection will guard both registry and IE browser.
In short, if you’re looking for an anti-spyware product, you should try CounterSpy.
Copyrights (C) 2007 by Azlan. All rights reserved. Do not copy this without my permission.