Producer Countries 10 Most Evil Trojan

MOSCOW - anti-virus vendor Kaspersky released a 10-producing countries that terganas Trojan capable of stealing passwords. List of countries expressed at the conference about the threat of cyber crime in the future, which took place in Moscow

China ranked as a top maker of Trojans with 63 percent followed over Russia (12%). While Germany, India and Turkey ranked next with 4 percent position. As for Egypt, the United States, Ukraine, Mexico, and France occupied the position to produce 3 percent of the outstanding trojan.

Aleks Gostev, director of the Global Research and Analysis Team Kasperski said other countries somewhat surprising is the presence of Egypt in the list of 10 countries Trojan creators. And the country known to the state is not typical trojan makers.

The data are based on research on tens of millions of computers around the world. "Egypt is the worst victim of cyber crime cases in 2008, but in 2009 the number of attacks decreased to Egypt," said Gostev.

"Apart from Egypt, which surprisingly is Turkey, a lot of malware that are now made in Turkey," he said.

List of producing countries trojan
1.China
2.Russia
3.Jerman
4.India
5.Turki
6.Mesir
7.Amerika States
8.Ukraina
9.Meksiko
10. France

Read full story

Kaspersky IS 2010 'The Best' in Romania

JAKARTA - Kaspersky Internet Security 2010 has been chosen as 'The Best' by the readers of CHIP and XtremPC, a leading IT magazine in Romania. This survey initiated by the magazine in order to identify software and hardware products the best in the year 2009.

Kaspersky Internet Security 2010 was selected as 'Security Software Product of the Year 2009' in the software category. Kaspersky received the highest score compared with rival developers, such as Norton Security 2009 and 2010, and ESET Smart Security 4.

"In this two-year Kaspersky Internet Security was selected as 'Product of the Year' by the readers of CHIP and XtremPC."

Kaspersky Internet Security 2010 combines Safe mode Run a technology based on innovative new Sanbox, a unique feature of the Internet Security Suites. Run Safe allows users to run software in isolated virtual environment and protect the operating system of all types of malicious damage.

Statistically, Kaspersky Internet Security 2010 has shown that the vulnerability of the operating system and applications are often trusted to be used by hackers to attack the applications that use the Internet.

Read full story

Beware, Say Spam your Bank Bankrupt

Jakarta - Because of recession that occurred recently, the Federal Deposit Insurance Corporation (FDIC) in the United States has closed many banks failed. Until mid-December 2009, as many as 140 banks had been closed by the FDIC.

Now, because of the mass media coverage of the news, spammers (junk message sender) took advantage of this situation to their advantage.

One action is to send a message that claimed the tricks mentioned bank and your bank is believed to have announced bankruptcy.

"When users click on the link on the word 'learn how to save money', Trojan.Pidief will try to install itself into the PC."

Therefore, Symantec recommends users to check with a trusted news sources and legal websites of financial authority to determine whether the bank actually had been taken over by the government.

"With these examples, spammers continue to find ways to increase the chance that their messages opened by the user. Symantec predict these techniques will continue to be used in 2010," added this security company.

Read full story

Microsoft, Adobe & Oracle Security Update

JAKARTA - Microsoft, Adobe and Oracle is scheduled to release a security update to address security vulnerabilities products.

Microsoft has released only one security bulletin to address a security vulnerability. Even so, Microsoft categorizes security vulnerabilities such as critical

"One of Microsoft's security vulnerabilities are affecting everything, from Windows 2000 to Windows 7, but in critical categories for Windows 2000."

"From the XP SP2 and later products, Microsoft has strengthened the heap memory with a memory heap protection strategy; this makes the security vulnerabilities are less of a problem for systems of more recent," he added

Adobe is also scheduled to release a security update. One of the updates that are expected to patch the security vulnerability critical zero-day and affecting the Acrobat Reader, which was first identified on December 14.

"We see this security vulnerability actively exploited by attackers," said Greenbaum.

"At the end of December this attack looks businesses rose sharply and then declined, but we still see attacks limited to such exploitation. It is possible that the type of exploitation is more reliable under development. "

Finally, Oracle is scheduled to release an advisory that addresses 24 security vulnerabilities as well as part of their quarterly security update.

Symantec strongly recommends users to patch their systems to address this security vulnerability. In addition, companies are encouraged to consider implementing a patch management solution automatically to help overcome these risks

Read full story

Yahoo Messenger Virus Bak MacGyver

Jakarta - Still remember MacGyver action movies, which often makes sophisticated tools even if only with simple equipment. This also seemed to occur with viruses Yahoo Messenger, although formulated with programming languages (VB Script) is considered one eye but a deadly virus.

Adang described Taufik Jauhar, a virus analyst from Vaksincom, this virus is generically known as W32/VBTroj.CEPA and the de facto become the most vicious viruses and most disturbing in the beginning of the year 2010.

The virus is capable of doing many things like installing rootkits, block network access and manipulate the Windows hosts file so I can do blocking access to security sites on the victim computer.

"And the more sophisticated, it dienkrip hosts file to avoid detection and repair by antivirus programs."

This virus, he added, also will perform several blocks access to security sites or other sites that have been determined by the number switch to IP 209.85.225.99 which is the public ip www.google.com, it actually indirectly cause ddos against Google . com.

"Is there a connection or not with the attack on Google in China that cause Google account to leave? We'll see. In fact, more and more computers are infected by this virus, then the access (which indirectly causes DDos) against the original site Google will and higher, "he said.

So that every time a user tries to access to certain websites, including website security / antivirus, then that arises is the site www.google.com.

This virus spreads very rapidly by taking advantage of chat media commonly used by users such as Yahoo Messenger, MSN Messenger and Skype by sending a message and attach a link to download a file which is engineered like an image file (JPG), but in fact a virus file already compressed berdeda sizes are different depending on the variant that infects the computer. The compressed file has an exe extension.

If you receive the message you receive should not be let alone run the included file while the Messenger contact a friend who you know, it's not your friend who sent the virus but the virus that infects the computer and use messenger accounts.

One of the things that cause the virus to spread in addition to successfully use the media mentioned above, it will also update to update itself it is this which causes Scaner antivirus can not detect the virus.

The virus is more powerful entrenched with the help of a rootkit file serving to protect the active parent file in memory, so cleaning is done through windows Normal, Safe Mode or Safe Mode With Command Prompt sometimes can not solve the problem.

Read full story

Smadav 2010 Rev 8

2010 SmadAV Rev. 8 was released with a variety of new features and improvements that are specific to local eradication of the virus. That features such as Smad-Behavior that can identify new local virus that does not exist in the database SmadAV of his behavior when infecting the system. Smad-Ray that can scan automatically flash when installed within a maximum of 5 seconds. 2010 SmadAV more stable and highly recommended to be combined with international anti-virus because it can only handle SmadAV local virus. Immunization flash (using autorun.inf folder) has been revised and previously there will be a confirmation so you can decide whether a flash is to dikebalkan or not.

For information, the virus samples that users uploaded to the site Smadav.net, local spread of the virus are now beginning to fall dramatically in Indonesia. Perhaps this is due to the many local antivirus that can eradicate the local viruses. And also because the users of Windows XP that has been reduced because some had to upgrade its operating system to Windows Vista or Windows 7 a very safe from viruses, especially viral infections locally. The spread of the virus in Indonesia more dominated by the international mobile viruses and malware which certainly can not be overcome SmadAV. You must and it is strongly recommended to use the international anti-virus protection your computer from viruses and malware of this international.

Smad-Behavior
Almost all new local virus that still use the local viral techniques to infect the system will be detected by SmadAV. This local virus can be detected from behavior that directly infect the system shortly after executed. So, no problem anymore for SmadAV to prevent new local virus that does not exist in the database.

Combined with Antivirus International
SmadAV made with the aim to clean and protect your computer from viruses spread locally that many in Indonesia. So, SmadAV not able to detect the virus internationally. Therefore, if you often surf or often install new programs, you must and it is strongly recommended to install an antivirus to be combined with international SmadAV. SmadAV can be combined with almost all international antivirus. When combined, SmadAV will protect your computer from viruses and local international antivirus that will protect you from viruses as a whole internationally. International's antivirus such as the free is Avira, AVG, or Avast, and that paying such a Kasperksy, Norton, or NOD32.

Smad-Ray and immunization Flashdisk
Smad-Ray is a quick scan pendrive (maximum 5 seconds) just after the flash is mounted so that without a long wait you can immediately know if the flash is your local infected or not. Immunization SmadAV flash done by adding the autorun.inf folder on your flash so that the virus that usually infects the flash will be very difficult to spread because of its autorun file can no longer be made on your flash. This immunization will be done after you approve the confirmation of the moment after the flash is attached.

The following is a complete list of improvements SmadAV Rev. 2010. 8

• The addition of local virus database 23 new and improved some false positive
• A new heuristic technique that can detect the local virus variants provided with one simple variants existing in-database
• VBS heuristic technique is more accurate and intelligent increased
• More stable to be merged with all the international AV (other AV detect the computer and if not there would suggest to get an international AV installed)
• Scan flash is very fast only 5 seconds (Smad-Ray) is not only scan the outer portion of the flash, but also to all the files in the flash
• adAV Pro is the password does not have access rights to change the registry with SmadAV
• ications (Balloon Tray) beginning at the start-up is not there anymore
• Smad-perfect behavior and with a new look when he warns the user
• Confirm the addition autorun.inf folder to immunization flash installed shortly after the flash, the user is free to choose to immunize its flash or not
• Folder SmadAV Smad-Lock/Brankas no longer automatically added in the FD but must manually via Smad-Lock tab
• Adding the "more" in SMARTP alerts

Free Download Smadav 2010 Rev 8 | Miror

Read full story

Beware of Virus Variants Spread Quick YM

Jakarta - While 2010 has just begun, the movement of malicious programs such as indefatigable. Viruses that use Yahoo! Messenger (YM) were reported to have spread rapidly.

Using the latest virus that are recognized as the YM W32/VBTroj.CEUU by Norman Security Suite.

Adi said, the message appears in English with a link to a file. To attract his victims, as though the link will lead to a compressed image file format. Zip.

Here are some of the messages sent (in English).

• I just found this pic of you last night, and I think you might want to save it, looks amazing. srv034.imageshares.info: 88/cache/user2940/DVS-Picture009.JPEG.zip
• Would you care if I tagged you in this picture? Or would you get upset at me? srv057.imageshares.info: 88/DisplayPics/user3052/DVT-NewPhoto009.JPG.zip
• his picture is creepy and disturbing! You have to check it out. http://srv034.imageshares.info:88/cache/user2940/DVS-Picture009.JPEG.zip
• I was at the mail, and you will never guess who i saw! http://srv057.imageshares.info:88/DisplayPics/user3052/DVT-NewPhoto009.JPG.zip
• I found the perfect wallpaper. You'll love it, what do you think? http://viewmorepics.facebookgallery.info:88/ImageView&profileID=1390/DVS-MyPhoto14.JPEG.zip
• Have you seen my new glasses? I just found out I had to get new ones. Do they look ok?? http://viewmorepics.facebookgallery.info:88/ImageView&profileID=1390/DVS-MyPhoto14.JPEG.zip
• Why do I even bother taking pictures when they turn out to be like this. Do not show it to anyone please. http://img284.dlimageshack.info:88/img284/43930/MVC-NewPhoto12.JPG.zip
• I finished editing this picture last night for my facebook profile ... How do you like it? http://img425.dlimageshack.info:88/ ~ ProfileView/user4729/DVS-NewPhoto13.JPG.zip
• The pics from my new digital camera keep coming out strange. Can not you tell it does not look right in this one? http://c2ac-b.myspace-pics.info:88/images03/4986051/DVT-Picture004.JPG.ZIP
• If you decide to open this picture you have to promise not to show it to anyone. ok? http://c2ac-b.myspace-pics.info:88/images03/4986051/DVT-Picture004.JPG.zip

YM service users, which is quite popular in Indonesia, was asked to not even click on the link. The reason is that the virus will take advantage of his victim IM accounts to spread itself to the victim's friends.

Here are some actions that will be the virus, as told by Adi:

• Attempting to connect / contacts to a remote server / IRC (Internet Relay Chat) with a variety of IP.
• Attempting to connect to several websites and try to synchronize the time. " onmouseover="this.style.backgroundColor='#ebeff9'" onmouseout="this.style.backgroundColor='#fff'">Including Microfot.com, Yahoo.com <>
• " onmouseover="this.style.backgroundColor='#ebeff9'" onmouseout="this.style.backgroundColor='#fff'">Attempting to connect to some websites Mail Exchanger (MX). Including Microsoft.com, Yahoo.com, Google.com and Mail.Ru (service provider free e-mail the largest in Russia)
• Attempting to connect to some websites using a variety of ports.
• Synchronize to remote server / IRC server and communicate.
• Downloading a file virus and a list of messages to be sent via the chat application. One link can get up to 50 different messages sentences.
• ends a message to all existing contact address at the chat application.
• Trying to access the network and spreading the virus. In this case even try to get through IPC $.

Well, giatnya virus activity caused the victim's computer will seem slow. In fact, according to Adi, the level of CPU usage can reach 100 percent.

The main spread of this virus is through instant messaging services like YM. But Adi did not rule out its spread is also done via Skype, GTalk (Google Talk), Windows Live Messenger and MRA (Mail.Ru Agent).

In addition, the virus will spread through the network by using file sharing folder. The file is a virus that spreads will have a random name, with the extension. Exe and the size of 212 kb.

Read full story

Antivirus Free Microsoft Present Late January

Jakarta - Indonesia will soon officially coming Microsoft Security Essential. Free antivirus software Microsoft is scheduled besutan will present late January 2010.

Lukman Susetio, Windows Client Product Manager Microsoft Indonesia said that, officially, the new Microsoft Security Essential to dijajal by computer users in 13 developed countries. Among the United States, France and England.

"But the Indonesian special, just the end of January will come later. Along with its other ASEAN countries, like Thailand, Singapore and the Philippines."

Lukman ensure that this security software can be downloaded for free alias free. Simply download it at Microsoft's site at a given time. "If it still can not, wait a minute longer," he added.

According to official information from the Microsoft site, antivirus protection is claimed to have high levels of virus, spyware, trojans, worms and some other malware.

This antivirus will update automatically, so users do not have to worry about antivirus update this manually. Security Essentials When the icon is green, all have a safe and controlled.

It also does not 'nag' by issuing a message should be to update, if a user includes a busy person. Microsoft Security Essential to work behind the scenes quietly.

Read full story

Beware Cheap Ticket Offers via Email

Jakarta - Be careful with offers cheap airplane tickets in circulation via email. The parties allegedly responsible had started to use such an offer to deceive Internet users.

According to Symantec's analysis team Messaging and Web Security, increased spam with the subject flight took place over the holiday season.

Spam is as if to offer airline tickets cheap or even free. The message comes from an email address with a prefix like 'AirlineTickets...' or 'FreeAirline.Tickets..'.

Here are examples of some titles spam messages:

• RE: 2 [name of carrier] Airline Tickets
• Fly the skies with cheap airfares
• Fly Anywhere in the U.S.
• Amazing deals across all airlines.
• Book cheap airline tickets now!

Now, the danger is, that spam message directs victims to a site. On the site, potential victims will be asked to fill out personal data, including credit card data, which will either be used for any purposes by the perpetrator.

Symantec advised users to manually type the address of airlines that offer special rates, or even free tickets, by booking online. In addition Internet users are expected to always be alert to the kind offer.

Read full story

Adobe, Facebook and Twitter, Malware Target in 2010

Jakarta - Software Adobe is still the main target of attack by malware in 2010. This prediction is based on a report issued anti-virus company McAfee.

Besides Adobe, the output products Microsoft also remains a favorite of the breaker. In addition to being the ruler of the web browser market, Microsoft is also holding the operating system dominance. this is the reason Microsoft has always been the main sights.

But with growing popularity of Mac OS X, so he also could not be separated from the target of attacks, as well as Firefox and Chrome. "Adobe, Apple and all the major vendors have become targets, related developments and their presence is everywhere," said Stuart McClure from McAfee.

In addition to a large number of vendors above, web-based services, especially social sites like Facebook and Twitter also still vulnerable to threats. The attackers will continue the attack by using penyingkat URL (URL Shortener) to lead users to malicious sites or programs estuary to become part of phishing attacks.

Read full story

Reviewing 2009 and 2010 of the Security Glasses

Jakarta - Year 2009 is nearly over and soon to come 2010. What kind of glasses review computer security and malicious programs?

If there's one thing to always keep in mind the development of cyber security for this are: cyber crime is a real crime. This type of crime has exceeded even the illegal drug trade as a producer of criminal money in the world's number one.

Just a reminder, here are some brief statistics from Symantec about the impact of cyber crime today:

• Wom Conficker / Downadup infects 50,000 computers every day
• An unprotected PC will become infected in the next four minutes after connecting to the Internet
• 1 of 5 online consumers become victims of cyber crime
• 7 million people are deceived and provide personal information to cyber criminals during the last two years
• In 2008, the victims spent approximately 58 hours to restore the losses due accounts missing
• Every three seconds, an identity lost (stolen)

Furthermore, the methods used by cyber criminals increasingly devious and sophisticated. The threats today are poliformik and often delivered via the web.

Symantec security researchers watched an average of more than 200 million attacks each month and at least 10.7 million of which is a unique threat. Cyber criminals desperate to write and rewrite pieces of new malware and unique, which makes traditional security solutions become obsolete.

What consumers need is a new security model - reputation-based technology, capable of reaching detection can not be compared to new malware and pushed far outside the traditional security solutions, such as signature detection and heuristic / behavioral.

Reputation-based technology works by harnessing the power of many - tens of millions of users around the world Norton - to build the reputation of a file based on its attributes. He took the greatest weapon owned by cyber criminals - their ability to produce unique pieces of malware in a frightening pace - and turn it backfires.

This is the weapon that anyone needed to protect themselves in order to cope with security threats and trends that will continue to grow in 2010.

Home Security Trends and 2009 Outlook 2010

1. The attack on Social Networking Sites Happen More Often.

More and more attackers using social engineering tactics by targeting direct end users, and tried to outwit them to download malware or disclose sensitive information. Year 2009 be the year the attack on-site social networking sites (social networking) and users of these sites become the standard target of the criminals.

These sites combine the two factors that make it an ideal target for online criminal activity: the number of users that a very large and high level of trust among the users.

Symantec estimates that the number of such attacks will increase in 2010. And because the owners of these sites will tighten the security, the attackers will turn their attention to the security gap in third-party applications on the accounts of social networking users.

2. Security Software vendors Increase Its Bad.

This year, Symantec has identified 250 misleading applications disguised as legitimate security software, but actually only provide a little protection or no protection and can infect a computer with malware as direputasikannya fought. Since July 1, 2008 until June 30, 2009, Symantec received reports of 43 million effort to install security software naughty.

In 2010, we expect software vendors will naughty meningktkan their efforts to the next level, even by hijacking a user's computers, making it useless and held to be redeemed with money.

3. Malware Evolution.

Finally, in the year 2009 made it easier malware. This is largely due to the availability of popular toolkit easy to use, such as Zeus, which allows even novice hackers to create malware and botnets.

Many of the ready-made threats is a conglomeration of the components of other malware that already exists. Example Dozer, which contains the components of the Mydoom and Mytob.

This trend also makes more malware can be removed, with an emerging threat and sometimes disappeared within just 24 hours. Very specific malware, which aimed to exploit a particular ATM-ATM, also revealed in the year 2009. This indicates the involvement of people in the know about the ATM operations and how to exploit them. This trend will continue in 2010.


Protecting Yourself against the Cyber Criminals

With the more dangerous the threat landscape for consumers, Symantec believes that the reputation-based technology is the greatest weapon against, among others, the attacks social networking sites, security software naughty and malware, which will continue to be done by cyber criminals in 2010.

Model-based security lent reputation unparalleled strength in the traditional solutions in empowering consumers to 'reject' digital danger 'allow' safe online experience.

Here are some important tips to put into practice in order to remain protected consumers:

1. Use security software paid comprehensive and up-to-date

Find the security software that not only offers basic protection from viruses and spyware, but also helps detect malicious attacks before the attack occurred. Currently it is not enough just to have anti-virus solutions, but also two-way firewall, encryption passwords, anti-phishing toolbar and regular updates.

Your security suite should have a reputation for advanced technologies to achieve did not terbandingi detection of new malware and walked away out of traditional security solutions.

Check the security services web as Norton Safe Web as a place of a community of web users to collaborate to report the phishing sites and malware is dangerous.

2. Think before you give "permission"

When asked to provide access to "allow" or "deny" an application to Intenrnet, always select "deny". This is unless you are absolutely sure that the site was accessed authentic and safe.

3. Set the privacy options to the highest level

Use your site's privacy features to limit the posting personal to the people who you know and trust. Do any add someone to the list of people you trust unless you really know the person.

Whatever you say on your site can get around - even if you post them in private. Also do not use your account to disclose personal information about other people ..

4. Secure your wireless network.

If you are in nirkabek network, secured with a password and do not allow the computers that are not known for accessing your home network.

Always use strong passwords with a combination of letters and numbers, and change them regularly.

5. Do not give your credit card details to sites that do not have security

See if there is https: / / at the top of your browser and the padlock symbol at the bottom right corner of the screen.

6. Check and check again when you arrive at your destination

When clicking on the Facebook (or any site) make it a habit to see what appears in the address bar. You may not always be able to find a fake site, but in this fraud case, it is clear that not www.facebook.com.

Read full story

Virus Akhir Tahun Bajak Gambar dari Hardisk

Jakarta - Sebuah virus diketahui menyebar menjelang akhir tahun 2009. Program jahat ini mengubah gambar dalam hardisk menjadi file berbahaya dan berusaha menyerbu sistem operasi anyar Windows 7.

Adi Saputra, analis antivirus dari Vaksincom, mengatakan pihaknya telah mendeteksi peredaran sebuah program jahat dengan nama Autorun.ATSJ. Adi mengatakan, ini merupakan varian dari virus Autorun yang mendominasi peringkat virus di Indonesia periode November - Desember 2009.

Varian terbaru ini disebut menyembunyikan file gambar dalam hardisk dan membuat duplikatnya yang sebenarnya merupakan program jahat. File duplikat itu akan memiliki ikon gambar sehingga sekilas mampu menipu penggunanya.

Adi mengatakan virus itu dibuat dengan script bahasa C lewat software Autoit versi 3 dan dikompresi dengan program UPX. Ciri-ciri virus itu adalah menggunakan ikon gambar, berukuran 353 kilobyte, berekstensi .exe dan memiliki tipe 'Application'.

Gejala

Saat menginfeksi komputer korbannya, virus ini akan menimbulkan dua proses aneh pada Task Manager. Proses tersebut bernama Jview dan shimgvw dan akan muncul pada Task Manager sistem operasi Windows.

Jika calon korbannya menjalankan Windows 7, virus itu nampaknya berusaha menjalankan fungsi untuk mematikan fitur User Account Control (UAC). Namun, menurut Adi, virus itu tak mampu berjalan pada Windows 7.

Gejala lain dari virus tersebut adalah mematikan fitur Security Center. Akibatnya, fungsi update dan warning dari sistem operasi Windows konon akan bermasalah juga.

Beberapa antivirus akan 'dibunuh' oleh virus tersebut. Ini termasuk Ansav Guard, Eset (NOD32), Norman Security Suite, dan McAfee Security Center. Selain itu, virus ini juga akan 'membunuh' virus lokal yang menjalankan proses: Blastclnn.exe, Blastclnnn.exe, New Folder.exe dan SSCVIHOST.exe.

Tentunya gejala yang paling jelas adalah kemampuannya membajak dan menduplikasi seluruh file gambar yang ada di dalam hardisk. File yang jadi sasaran adalah yang memiliki ekstensi jepeg, bmp, png dan gif.

'Kado akhir tahun' ini akan menyebar lewat USB Flash Drive. Selain itu, ia juga akan menyebar melalui jaringan lokal apabila komputer korban memiliki folder berbagi dalam jaringan lokal.

(Choi)

Read full story