Long considered to be malware and a threat to privacy and security, keylogging software has been found on Microsoft Internet Explorer 8 and Google Chrome. However, these keyloggers were not placed there by hackers—the companies put them there on purpose.

Google and Microsoft added keyloggers to their browsers in an attempt to improve searches for their users. Keylogging allows the browser to determine common or most likely searches based on the user’s past usage. They also store user log-ins and passwords for the user’s convenience, track activity to help determine the cause of errors, and employers use keyloggers to track employee productivity. While this is all very useful for the companies doing the tracking, it makes anti-malware protection more complicated, because the malware applications like Kaspersky AntiVirus cannot simply delete all keyloggers as they have up until this point.

Cyber criminals use keylogging to capture and record each keystroke you make to steal personal information like user IDs, passwords and anything else they can use to steal your identity. However, some companies are now using keylogging for more legitimate purposes.

In order to determine the best course of action regarding keyloggers, Kaspersky Labs, an industry leader in anti-malware protection, is seeking legal counsel. While they do not want to accuse legitimate companies of wrongdoing, they still want to provide the best and most comprehensive anti-malware protection on the market. If it were up to Eugene Kaspersky, CEO of the company, users would not stand for these privacy-invading programs to be present on their browsers and request the companies to remove them. “That would save us a lot of work, and we already have plenty to do,” he told Computer Weekly. Google is already reacting to the public’s aversion to keylogging by promising to keep the information anonymous, but Microsoft has made no such announcements as of yet.

What it all comes down to is this: is the convenience provided by keylogging worth compromising the security of your computer?

Tags: Google Chrome, Internet Explorer, Kaspersky, Keyloggers, Keylogging, Malware, Microsoft IE 8

Author: Christopher

In its second month of compiling data, the new Kaspersky Security Network (KSN) technology revealed some significant changes amongst the most widespread malicious programs.

The first table is based on statistics provided by our 2009 antivirus products. This table shows the malicious programs detected on users’ computers.

 1              Trojan.Win32.DNSChanger.ech
 2    New    Trojan.Win32.Pakes.kab
 3    New    Trojan-Downloader.Win32.Agent.xqz
 4    New    Trojan-Downloader.Win32.Agent.yaw
 5    New    Trojan-Downloader.Win32.Agent.xws
 6    New    Trojan-Downloader.Win32.Small.zie
 7    New    Trojan-Downloader.Win32.Agent.xna
 8    New    Trojan-Downloader.JS.Agent.chk
 9    New    Trojan.Win32.Agent.tfc
10    +6      not-a-virus:AdWare.Win32.BHO.ca
11    New    not-a-virus:AdWare.Win32.Agent.cp
12    -3      Trojan.Win32.Agent.abt
13    New    Trojan-Dropper.Win32.Agent.tbd
14    New    not-a-virus:AdWare.Win32.BHO.sc
15    New    not-a-virus:AdWare.Win32.BHO.vp
16    New    Trojan-GameThief.Win32.OnLineGames.sjbb
17    New    Trojan-Clicker.Win32.Agent.bkd
18    +1      Trojan.Win32.Chifrax.a
19    New    Trojan.RAR.Qfavorites.a
20    New    Trojan-GameThief.Win32.OnLineGames.sgpq

A total of 28940 different malicious and potentially unwanted programs were detected on users’ computers in August. That is an increase of more than 8000 on July’s figures and points to a significant increase in the number of in-the-wild threats.

Source: Kaspersky Lab

Tags: Malware

Author: Christopher

Adobe is reporting an unusually high number of social networking sites hosting fake Adobe Flash installations.  These installations are installing malicious software on to your computer.   Like all software installs, it is highly recommended you verify the URL before accepting a download and making sure your antivirus protection is up to date and active.

Tags: Adobe, Adobe Flash, Flash, malicious software, Malware, Virus Protection

Author: Christopher

Throughout July the majority (76%) of all malware identified fell into the Trojan category. Of the 20,704 unique malware findings in July, 20,000 of them were found in the wild.

1	Trojan.Win32.DNSChanger.ech
2	Trojan-Downloader.WMA.Wimad.n
3	Trojan.Win32.Monderb.gen
4	Trojan.Win32.Monder.gen
5	not-a-virus:AdWare.Win32.HotBar.ck
6	Trojan.Win32.Monderc.gen
7	not-a-virus:AdWare.Win32.Shopper.v
8	not-a-virus:AdTool.Win32.MyWebSearch.bm
9	Trojan.Win32.Agent.abt
10	Worm.VBS.Autorun.r
11	Trojan.Win32.Agent.rzw
12	Trojan-Downloader.Win32.CWS.fc
13	not-a-virus:AdWare.Win32.Mostofate.cx
14	Trojan-Downloader.JS.Agent.bi
15	Trojan-Downloader.Win32.Agent.xvu
16	not-a-virus:AdWare.Win32.BHO.ca
17	Trojan.Win32.Agent.sav
18	Trojan-Downloader.Win32.Obitel.a
19	Trojan.Win32.Chifrax.a
20	Trojan.Win32.Agent.tfc

Source: Kaspersky Lab

Tags: malicious software, Malware, Trojan, Trojans, virus

Author: Christopher

New Survey Lists Top Eleven Botnets

Joe Stewart, director of malware research at SecureWorks Inc., presented a survey ranking the top 11botnets that send an estimated 100 billion spam messages a day from over a million hacked systems.

	Botnet	# of bots	Spam capability
1	Srizbi	315,000	60Billion/day
2	Bobax	185,000	9Billion/day
3	Rustock	150,000	30Billion/day
4	Cutwail	125,000	16Billion/day
5	Storm	85,000	3Billion/day
6	Grum	50,000	2Billion/day
7	Onewordsub	40,000	Unknown
8	Ozdok	35,000	10Billion/day
9	Nucrypt	20,000	5Billion/day
10	Wopla	20,000	600Million/day
11	Spamthru	12,000	350Million/day

Stewart’s research also helps categorize bots and reduce confusion regarding different botnets under the same name, proving through SMTP ‘fingerprints’ that certain previously discovered bots like “Kracken” are
really just variations of existing bots, in the case of Kracken, Bobax.

Tags: botnet, Malware

Author: Christopher

Almost 300,000 web sites hosted with Internet Information Services are infected with a new malicious malware according to PandaLabs. By injecting SQL code in all pages hosted on the same IIS server, this vulnerability allows hackers to inject SQL code and redirect the visitor to a malicious site. The malicious page scans the visitors machine to find ways to compromise the visitors machine. Exploits are then downloaded and used to infected the redirected visitor based on the information found on the scan.

If your site is hosted with Internet Information Services it is highly recommended you check to see if your site is compromised. To check if your site is compromised, search your source code for the following IFRAME reference: “<script src=http://www.nihaorr1.com/1.js>”. If this IFRAME reference is found, remove them immediately and notify your IIS admin right away.

Tags: hack, hackers, IIS, Information Security, Malware, Vulnerability, website defacement

Author: Christopher