Help | Contact | Forum | Affiliates | Press
Purchase
Download
Features
Screenshots
Demo
Microsoft said on Thursday it has reached a settlement with Funmobile, the Hong Kong-based company it sued last July over accusations that Funmobile was using instant messaging spam to trick users into giving up their account information. The software maker said it has obtained an injunction against Funmobile requiring it to refrain from 'spimming' — sending IM-based spam — to customers or contacts of Windows Live Messenger, and to make a cash payment to Microsoft. "The successful resolution of this case sends a clear signal that Microsoft does not tolerate abuse of its networks, and we will continue to take action to protect our customers," said Microsoft associate general counsel Tim Cranton in a statement. Microsoft had accused Funmobile of targeting users on its Live Messenger network to gain their personal information. Live Messenger has more than 320 million users, according to the company. In the suit, Microsoft cited a number of attacks, including IMs that appear to be coming from users the victims know. It also described phishing attacks that mimic the look and feel of an outside service or an official Microsoft support page.
For the second time in less than six months, visitors to the Drudge Report say they got malware in addition to the Web site's usual sensational headlines. Matt Drudge denied that his site was infecting visitors, however it's likely that the malware is coming from ads delivered by a third-party ad network and not the site itself. "I can personally vouch for disinfecting my mom's desktop yesterday after visiting this Web page, even taking a screenshot after beginning remedial steps to address the attempted infection," a CNET reader wrote in an e-mail early on Tuesday. "I'm an IT professional in South Carolina so I know and understand the technology involved." The screenshot the reader provided to CNET shows a pop-up warning the viewer that the system is infected with malware and looks like a typical fake antivirus warning that criminals use to scare people into paying for software they don't need. The reader, who asked to remain anonymous, said he did not know exactly where on the site his mother had clicked before the fake warning appeared. It's very possible that the malware came via an ad. Many Web sites outsource the serving of their ads and ad networks have been used to deliver malware to sites since last year, affecting sites as prominent as The New York Times.
A network frequently used for malware delivery was shut down last night, probably against the will of its operators. Troyak.org, a Kazakhstani "Internet service provider" well-known for serving Zeus botnets and other malware delivery methods, went dark overnight, resulting in the shutdown of as many as 25 percent of the world's Zeus botnets, according to researchers at Cisco's ScanSafe and RSA's FraudAction security research units. The two groups of researchers did not definitively agree on the cause of the outage, but they agreed one likely source is backbone network service providers, possibly working with law enforcement agencies, which might have taken the action to cut service off from botnets and malware distributors. Less than 24 hours after the outage, many components of the ISP began to operate again. But malware delivery has temporarily dropped off significantly across the Web, and it's likely the Troyak network is at least crippled, the researchers say. "There are those who say that a takedown like this doesn't do much good because the network can get back into service fairly quickly, but I disagree," says Mary Landesman, head security researcher at ScanSafe. "A shutdown hits criminals where it hurts the most -- in the wallet. Rising costs will become a deterrent to some of this activity." According to Sean Brady, product manager for the Identity Protection & Verification Group at RSA, Troyak is an upstream provider for several smaller malware-bearing "ISPs."
SAN JOSE, Calif. — The sudden takedown of an Internet provider thought to be helping spread one of the most promiscuous pieces of malicious software out there appears to have cut off criminals from potentially millions of personal computers under their control. But the victory was short-lived. Less than a day after a service known as "AS Troyak" was unplugged from the Internet, security researchers said Wednesday it apparently had found a way to get back online, and criminals were reconnecting with their unmoored machines. The drama initially raised hopes of a sharp drop-off in fraud, because criminals could no longer communicate with many computers infected with a type of malware known as "ZeuS," which is mostly used to steal online banking usernames and passwords. Hundreds of criminal operations around the world use the malware. It's unknown how many computers are infected with ZeuS, but it's estimated to be in the millions. Cisco Systems Inc. said as many as 25 percent of the world's ZeuS-infected machines were unplugged from the massive "botnet" overnight with the takedown of AS Troyak. Botnets are networks of infected PCs that behave like criminals' remote-control robots. They steal identities en masse and are used to attack Web sites. But instead of a slam-dunk victory, the incident wound up highlighting the whiplash pace at which criminals can resurrect their illicit businesses after what should have been a devastating setback.
It's being rolled out to Direct Messages first, where much of the spamming occurs. All links sent through Direct Messages will be submitted to this service. They'll be checked for spam and then shortened using a twt.tl root link. Twitter says that even if a bad link has already been sent out through a Direct Message, if a user clicks, Twitter will be able to protect them. Spam has been a problem for Twitter. If you're a regular user of the service, I'm sure you've had your fair share of Direct Message spam. There's also a ton of spam in public tweets and @ replies. Hopefully, this solution works for Twitter and they'll be able to provide better spam protection for the main Twitter feeds. Spam is a social network killer and one of the reasons for MySpace's demise. Now, if we can only get Justin Beiber to stop being a trending topic.
(Reuters) - A California man angry about a denied insurance claim was arrested and charged with extortion after he sent an email to New York Life threatening to damage its business, federal prosecutors and a company spokesman said on Monday. Anthony Digati, 52, of Chino, California, also threatened to send computer spam to the insurer in his attempt to extort about $200,000, according to Preet Bharara, U.S. attorney for the Southern District of New York. "I have 6 MILLION emails going out to couples with children age 25-40, this e-mail campaign is ordered and paid for," the criminal complaint quoted a February 22 email as saying. "2 million go out on the 8th (of March) and every two days 2 million more for three weeks rotating the list," it went on. "Of course it is spam, I hired a spam service, I could care less, The damge will be done." Digati could not be reached to comment at his home telephone number. New York Life insurance company spokesman William Werfelman confirmed it was the target of the threats. "After Mr. Digati contacted the Company with his threats we conducted a thorough internal investigation and determined the best course of action was to turn this over to the FBI for their assessment," the spokesman said in an emailed statement.
Got an email address? You're getting spam. Your mail provider might be doing a good job of screening you from420 it, but spam on the Internet is as common as Botox at the Oscars! Unfortunately email spam isn't the only spam variety. There's also link spam. Unless you run a website you might not know about link spam. It's a way for 'blackhat' webmasters to pump up the value of their sites and it all relates back to how search engines work. Not only do search engines check the content of websites they also check to see who trusts or depends on those website. That's shown by links. So, for instance, if you own a website and link back to AppScout (we are forever grateful) you are bestowing a little of your goodness on us. That's how Google, Yahoo!, Bing and the others interpret your largess. But if you run a site that's not trustworthy and no one in their right mind would ever link to you how can you still achieve search engine greatness? One way is to game the system with link spam. We see it in our comments here on AppScout all the time (though we work hard at policing against it). "Great post. That's really well thought out," is typical of comment spam. The content of the comment is meaningless. The commenter is really trying to get his/her URL listed alongside the comment. If he does--Bingo!
NEW YORK (Dow Jones)--A California man has been charged with trying to extort nearly $200,000 from New York Life Insurance Co. by threatening to send six million disparaging spam email messages about the company. Anthony Digati, 52 years old, of Chino, Calif., has been charged with one count of extortion through interstate communications. He faces up to two years in prison on the charge. It was revealed in a court appearance in California on Monday that his alleged target was New York Life. The company's name wasn't initially disclosed when the case was unsealed on Monday. Digati was arrested in California on Saturday. Bail was set at $50,000 at a hearing in federal court in California on Monday. As a condition of his bail, Digati is prohibited from engaging in Internet use regarding New York Life. Calls to Digati and his lawyer weren't immediately returned Monday. "After Mr. Digati contacted the company with his threats, we conducted a thorough investigation and determined the best course of action was to turn this over to the FBI for their assessment," a New York Life spokesman said. The company has no further comment, he said. Prosecutors from the U.S. Attorney's office in Manhattan alleged that Digati, on Feb. 22, contacted more than a dozen employees and executives of the insurer and one director by email, telling them to visit a Web site he had created. "I'm sorry it had to come to this, but I guess you won't listen to what customers' concerns are," Digati allegedly said in the email, according to prosecutors. "You enjoy ripping policyholders off with obscure products bought because of the trust you have established over 160+ years. You enjoy misleading the public and I will make it my purpose in life to educate them."
A California man who felt like his insurance company was cheating him has been arrested for threatening to launch a spam email attack against the company. Anthony Digati, 52, was arrested over the weekend and charged with extortion, federal prosecutors in Manhattan announced Monday. Digati had sunk almost $50,000 into a variable life insurance policy sold by New York Life and wanted a fourfold return. When the firm didn't comply, he allegedly threatened to send out 6 million emails critical of the company - which prosecutors say is extortion. "As you have denied my claim I can only respond in this way," Digati wrote in an e-mail sent last months to dozens of the company's employees, according to a criminal complaint in Manhattan Federal Court. "You no longer have a choice in the matter, unless of course you want me to continue with this outlined plan. I have nothing to lose, you have everything to lose. "Of course it is spam, I hired a spam service, I could care less, The damage will be done," Digati allegedly crowed.
A Trojan backdoor found its way into Energizer Duo USB battery charger software downloads. Malware bundled in a charger-monitoring software download package opens up a back door on compromised Windows PCs. The contaminated file is automatically downloaded from the manfacturer's website during the installation process, not bundled with an installation CD. Symantec warns that a file called “Arucer.dll”, which it identifies as Trojan-Arugizer, that is installed on compromised systems is capable of all manner of mischief. This includes sending files to the remote attacker or downloading other strains of malware, as instructed via commands on a back channel controlled by hackers. It's unclear how long the potentially malicious file has been offered up for public download or how many have been infected, as a write-up on the threat by Symantec explains. In a statement, Energizer acknowledged the problem and discontinued sale of the affected device, the Duo Charger (Model CHUSB). The battery maker has also launched an investigation into how backdoor functionality found its way into its software.
