In the mid-to-late 1990s the computer world was rocked by a new plague that spread very quickly through most Windows PCs that were running any form of Microsoft Office. This was the macro virus, and there were plenty of examples. These nasty little bits of Microsoft-enabled code were written in a form of Visual Basic called VBA (Visual Basic for Applications). Think of VBA as a stripped-down version of the more powerful programming languages.
Leveraging the hype around the 2012 Olympics in London, cyber criminals are pushing out malware via spam emails claiming that Gabrielle Douglas, who won a gold medal in Women's Gymnastics All Around, will face a lifetime ban from sport. Obviously they are expecting that false news about doping scandals will help a lot in spreading the malware. The email offers a link that opens a fake YouTube page and prompts you to download an Adobe Flash plugin to view the content. Sophos, which first reported on this spam, detects the malware as Troj/Agent-XIK and Troj/JSRedir-IA.
If you have been around computers for long, you might remember the “I Love You” malware or the Nimda malware. Both of these relied on our habit of opening links and attachments without considering the email or its subject. What made Nimda and I Love You even more dangerous is that they came from people we know. Now it looks like there is a new Facebook malware running around the internet. The new malware, which was caught by Sophos Labs, takes advantage of users' trust in links claiming to have posts about them. It is an often-used form of social engineering that has been effective ever since some of the first spam malware hit the net.
In the ongoing saga of the Android “botnet” that was reported by a Microsoft engineer and then later backed up by a Sophos study, we now find that it could be an altogether different item. When we first wrote about it, we felt that it was hijacked accounts with an inserted or spoofed message ID that was then being sent back through Yahoo’s servers. It turns out that we were very close to the mark.
Just when you thought it was safe to go back in the web waters… It seems that some enterprising hacking group (as of right now not associated with Anonymous) has decided to break into LinkedIn and grab some passwords. According to reports, the data is still in encrypted format, but the group that grabbed it is looking for help decrypting it.
Microsoft has scored a fairly important (if somewhat small) victory over some of the real cyber criminals out there. This morning they announced that, through a joint effort with the US Marshals and multiple financial organizations, they were able to bring two Zeus botnets down over the weekend. This was accomplished by seizing the command and control servers for this particular group. The Zeus family of malware has been responsible for millions of dollars in losses due to the theft of banking information.