Saturday, March 27, 2010

Malware distributed by most Ad-Serving Networks

Malware lurking in ads delivered by the ad-serving networks of Google, Yahoo, Fox, and others has been identified as “JS:Prontexi” by antivirus and malware researchers at ALWIL Software, the Prague-based developer of Avast Antivirus. They said the malware is usually spread through JavaScript code poisoned to infect advertising distributed by major ad-serving systems and other exploited applications.

The ALWIL team said the malware exploits vulnerabilities in Java, Adobe Reader, Acrobat, QuickTime, and Flash and then launches fake antivirus warnings on victims’ computers.

The malware does not require much interaction from computer users. According to Jiri Sejtko, a senior virus analyst at Avast, “Users can get their machines infected just by reading their favorite online newspapers or by doing searches on popular topics; computers can be infected after the infected ads are loaded by the web browser.”

The ALWIL team also said that some of the most popular ad delivery services have been the "most compromised," including Yahoo's Yieldmanager.com and Fox Audience Network's Fimserve.com.


For more information on the JS:Prontexi malware, read the Avast blog.



About AdachiCompuTech.com

Adachi Computech Solutions is a global leader in remote computer support. We provide computer repair, computer help, tech support, and online computer support to consumers and small businesses. Our services are guaranteed and connect via the Internet in less than 60 seconds.

Wednesday, March 24, 2010

Facebook Bredolab Malware Tricks Exposed

An email purporting to be from Facebook’s Customer Support is on the loose. If you’re actively engaged on Facebook’s networking site, chances are that you have already received an email indicating that Facebook had reset your password in order to provide you with the most up-to-date security. The email looks like the one below:

Subject: Facebook Password Reset Confirmation Customer Support

Message: “Dear user of Facebook, Because of the measures taken to provide safety to our clients, your password has been changed. You can find your new password in attached document. Thanks, Your Facebook.”

“Cyber-criminals are using fake e-mails to target Facebook users and deliver computer viruses that were being detected only by one-third of the 42 most common anti-virus products as of noon Thursday, March 18,” Gary Warner says. “The malware being delivered is called ‘BredoLab’.”

In a blog post titled “BREDOLAB Revealed,” security analysts at TrendLabs reported that Bredolab is associated with two well-known malware families called FAKEAV (Rogue Antivirus Pro 2010) and ZBOT/Zeus (information and data stealing software).

Bredolab is responsible for downloading a series of executable (.exe) files developed by cybercriminals to inject viruses onto victims’ computer systems.

Drive-by downloads, Trojan horses, worms, web browser vulnerabilities, exploited applications, and browser redirection to malicious websites are some of the tricks and tactics used by cybercriminals to infiltrate victims’ PCs.


About AdachiCompuTech.com

Adachi Computech Solutions is your one-stop and one-click solution to remote virus removal, online spyware removal, remote computer support, and online computer repair. We specialize in correcting issues that affect the speed and overall system performance of your computer. Our certified technicians perform these services remotely and securely through your high-speed Internet connection!

Thursday, March 18, 2010

AntiMalware Defender’s Tricks Exposed

The use of scare-ware to promote fraudulent security software programs such as AntiMalware Defender is now a common trick used by cybercriminals to defraud computer users.

AntiMalware Defender is scam-ware engineered by cybercriminals to be distributed by means of a fake Windows Update installation alert. If installed, the victim’s computer is bombarded with pop-ups and will eventually be infected with spyware.

AntiMalware Defender is a rogue anti-spyware program that not only destabilizes the infected computer but also keeps track of the victim’s web browsing habits. The information obtained from the victim’s machine is sent to the remote servers of these cybercriminals, who will immediately launch a series of false pop-up notifications stating that the victim’s computer is infected with spyware.

The effects of AntiMalware Defender on the infected computer could be significant if left unresolved. In most cases, the victim’s homepage is hijacked and redirected to unknown websites, the firewall and anti-virus programs are disabled, the computer becomes unusually slow, and much more.

If your computer has already been infected with AntiMalware Defender, get rid of it right away, as failure to do so will result in your system being disabled by this rogue anti-spyware. Please do not purchase AntiMalware Defender, as it will not protect your computer in any way, shape, or form.

If your computer has not been infected with AntiMalware Defender, avoidance is the best strategy for staying safe from this bogus software! When visiting websites, be careful about what you click on, especially ‘executable’ (.exe) files. Most rogue-ware will automatically launch installer scripts when either an image or an executable file is clicked on.


For more information on AntiMalware Defender, read the article [Computer Weekly]

