After two and a half years in operation, we’ve decided to give our website a bit of a facelift. Our new design features improved navigation, making it easier to find what you’re looking for – from our software alerts to website reports to tips for keeping your computer safe. The companies and organizations we partner with are more visible, too.
Take a look around and let us know what you think!
The folks at KnujOn teamed up with watchdog site LegitScript to put together a report about websites selling anabolic steroids illegally. They found that, although the site owners themselves may be outside the U.S., they are using U.S.-based domain registrars, many of which don’t enforce their own terms of use prohibiting illegal use of registered domain names:
All 156 websites are registered with eight domain name registrars located in the United States. The website operators often use anonymous registration services offered by the registrars, or are located outside of the United States.
...
Three weeks prior to the report’s release, LegitScript and KnujOn requested that the US-based domain name registrars terminate, or “take down,” the steroid websites identified in the report. However, most of the websites were still accessible at the time of the report’s release.
“So far, most of the websites are still active,” said Garth Bruen, President of KnujOn. “This is a big problem, and it’s important that the domain name registrars terminate access to these websites.”
More details can be found in the full report.
Ars Technica reports on a recent report by security vendor Finjan, describing how criminal malware groups are getting more organized, much like the Mafia in The Godfather or the drug gangs in The Wire:
Finjan describes the employee structure that these cybercrime companies employ as being similar to the Mafia. In both cases, there is a “boss” who operates as a business entrepreneur and doesn’t commit the (cyber)crimes himself, with an “underboss” who manages the operation, sometimes providing the tools needed for attacks. In the Mafia, several “capos” operate beneath the underboss as lieutenants leading their own section of the operation with their own soldiers, and in cybercrime, “campaign managers” lead their own attacks to steal data with their “affiliation networks.” The stolen data are sold by “resellers,” similar to the Mafia’s “associates.” Since these individuals did not partake in the actual cybercrime, they know nothing about the original attacks. They do, however, know about “replacement rules” (for example, stolen credit cards that have been reported) and other company-specific policies, just like the sales representatives you talk to in your average store.
The more organized the criminals, the more industry players need to work together, share data, and organize ourselves against the badware threat. This is especially true if we want to thwart badware while still maintaining integrity and openness, as I described in my recent guest blog post at ZDNet.
A new report [pdf] from Commtouch, an e-mail security vendor, indicates that “zombies” (PCs infected with bots that send spam and malware) are geographically much more dispersed than we found infected websites to be. Turkey led the world by a small margin, with 11% of the ten million zombie IP addresses analyzed, while the U.S. was in 9th place with 4.3%.
Not mentioned in the report is that some of the countries near the top of the list, including Turkey, Germany, and Poland, must have very high “zombies per Internet user” rates, as these countries have far fewer users, yet more total zombies, than the U.S. Perhaps all the work that has been done here at home in the last few years to educate users about PC security is having some effect. Still a long way to go, though, if we have 4+ million zombies in the country.
They say that imitation is the sincerest form of flattery. Consider us flattered, then, that a rogue anti-malware distributor set up shop at stopbadware2008.com. Microsoft should be flattered, too, as the home page is designed to imitate an Internet Explorer malware warning screen:
It should go without saying, but I’ll say it anyway, that this site is in no way affiliated with StopBadware.org, and we do not recommend installing their deceptively advertised product.
Thanks to Donna for her post at Dozleng.com that brought this to our attention.
