Friday, 9 May 2008

NEWS Girls Aloud bad for your PC as well as your ears (fake mp3)

The fake file claims to be an mp3 of Girls Aloud

Almost 500,000 people have been caught out by a booby-trapped media file, says security firm McAfee.

The fake file poses as a music track, short video or movie and has been widely seeded on file-sharing networks to snare victims.

McAfee said the fake media file outbreak was the largest it had seen for about three years.

Those running the fake file get bombarded with pop-up ads and risk compromising the safety of their PC.

The fake file or trojan has been widely distributed on the eDonkey and Limewire file-sharing networks.

The file has many names and is written in different languages to trick people into downloading it.

The titles make the file appear to be music tracks, pornography and full versions of popular movies.

Anyone downloading the trojan and trying to run it is asked to install a codec that will play the supposed media.

FAKE FILE TITLES
  1. girls aloud st trinnians.mp3
  2. changing times earth wind .mp3
  3. heartbroken fast t2 ft jodie.mp3
  4. meet bambi in kings harem.mp3
  5. paralyized by you.mp3
  6. pull over levert.mp3

Instead of playing the media, running the file installs a bundle of adware that plagues a user with pop-ups.

Included in the bundle is an MP3 media player that will only play the tracks included with it.

McAfee said seeing such a large outbreak was rare because hi-tech criminals typically prefer to target their malicious creations to keep numbers manageable and to avoid detection.

In the last seven days McAfee said the trojan had been found on more than 500,000 of the PCs that notify the company when a malicious file is downloaded.

It added that, so far, only 10% seem to have gone as far as to install the fake codec and be plagued with pop-ups.

Other security companies have seen the trojan but not in such large numbers as McAfee.

Only those using Windows are vulnerable to the malicious program.

McAfee urged users to update their security software and to be wary when using file-sharing networks.


NEWS Micro$oft closes the lid on rumors

To put a lid on bloggers' speculation about police getting "backdoors" to Windows security, Microsoft is starting to hush up on the subject. In an e-mail to BetaNews on Friday, a spokesperson described COFEE as a "customizable framework."

Despite releasing a few more facts on Friday about a controversial new tool for police officers, Microsoft has now vowed to stay mum on the "exact methods" used by COFEE (Computer Online Forensic Evidence Extractor), as well as about what kinds of passwords -- OS or network, for example -- COFEE might be able to crack.

"Because COFEE is designed to be used by law enforcement officials in investigations that deal with highly sensitive evidence and information, the exact methods by which the COFEE tool works cannot be disclosed," a Microsoft spokesperson wrote, in an e-mail to BetaNews on Friday.

On the other hand, Microsoft's expanded statement to BetaNews on Friday did add some new information to the public pool of knowledge about a tool already distributed to 2,000 police around the globe.

For instance, the spokesperson described COFEE on Friday as a customizable framework, "operating from a USB storage device, that law enforcement can use to leverage publicly available forensic tools and access information on a live Windows system."

Microsoft went on to say, "Microsoft's COFEE works by being plugged into a running system where a user has already logged on. It enables law enforcement to expedite the evidence gathering process by automating over one hundred different commands that would otherwise have to be typed by hand. COFEE saves the results for later analysis, preserving information that could be lost if the computer had to be shut down and transported to a lab."

In earlier accounts, COFEE had been variously explained as either a set of software tools or a series of about 150 commands.

As previously reported, the COFEE controversy began last week when some bloggers started rumors that Microsoft was handing out "backdoor keys" to Windows security. The blog posts were sparked by an article published in the Seattle Times based on an interview with Brad Smith, Microsoft senior VP and general counsel. Last week, Smith gave a talk at a law enforcement conference in Seattle, where he characterized COFEE as a "Swiss army knife for law enforcement officers."

In the Times article, reporter Benjamin J. Romano wrote that COFEE can "decrypt passwords and analyze a computer's Internet activity as data stored in the computer" -- words that soon touched off tirades among several incensed bloggers.

In an update to his article, Romano said a Microsoft spokesperson had later written to him describing COFEE as "a compilation of publicly available forensics tools, such as password security auditing technologies."

Although an initial statement to BetaNews contained no mention of the password tools, a second e-mail from Microsoft provided the information that COFEE does "include password security auditing tools." Subsequently, last Thursday, BetaNews asked Microsoft to identify the kinds of passwords that might be audited or recovered by police using COFEE -- Windows OS passwords, network passwords, or application passwords, for example.

We also asked Microsoft whether the password security auditing tools mentioned by Microsoft are being premiered with COFEE, or whether they are tools which are already readily available elsewhere. Although Microsoft declined to provide more answers to this inquiry specifically, the company's response did shed a little bit more light on what COFEE is, who uses it, and how it was created.


What follows is the full text of Microsoft's final answer on COFEE:

I have the following comment to share in regard to your follow-up question. Please note this will be all we have to share about COFEE.

COFEE (Computer Online Forensic Evidence Extractor) is a framework for first responders to customize a set of common forensic tools. It is a framework operating from a USB storage device that law enforcement can use to leverage publicly available forensic tools and access information on a live Windows system. COFEE works by being plugged into a running system where a user has already logged on. It enables law enforcement to expedite the evidence gathering process by automating over one hundred different commands that would otherwise have to be typed by hand. COFEE saves the results for later analysis, preserving information that could be lost if the computer had to be shut down and transported to a lab.

COFEE is designed for use by law enforcement only with proper legal au