new anti-malware web site

Robert Stratton bob at stratton.NET
Wed Jan 25 11:58:03 CST 2006


On 2006-01-25 12:29, "hfeinstein at cox.net" <hfeinstein at cox.net> wrote:

> An effort by some big names in the industry to
> do something about malware.  Harvard Law, Oxford and
> Vince Cerf at Google are behind the effort. It seems an
> uphill fight, however. Attempts to establish a lawful
> society on the Internet are just as hard as enforcing international law. Just
> as there are enlightened societies, dictatorships and failed states, the
> entities in cyberspace are governed by the same passions.
> 
> So much for my editorializing.  Here is the URL:
> 
> www.stopbadware.org

I recently attended a presentation by Lance James of Secure Science, who
does a LOT of reverse engineering of malware. It appears that phishing mail
is old news. The new thing is phishing malware.

A phishing message will net you 500-5000 user IDs and passwords in a week.
The current crop of phishing malware (for which end-user configurators are
available on the net commercially) will catch on the order of 500,000 user
IDs and passwords in the same week.

It also appears that the banks' attempts to provide whizzy "virtual
keyboards" upon which you click your mouse to enter your PIN, etc., are
foiled. The phishers aren't using classical keystroke loggers. The phishing
malware is hooking itself into the browser (for example as an Internet
Explorer browser helper object) and simply nabbing the filled-out form
fields and transmitting the information to the Bad Guys.

It's ugly. The good news is that through reverse code engineering, style
analysis and other means, these guys have been able to differentiate several
phishing networks and to shut down several of them.

--Bob S. 
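
An added example, not part of the original post: Internet Explorer browser helper objects are registered under the Explorer\Browser Helper Objects registry key, so a defender can list them from a registry export and flag any whose DLL sits outside the expected directories. The sample export, the trusted-directory list and the name audit_bhos are constructed assumptions, and DLL location is only a triage heuristic.

```python
import re
# Constructed sample: fragment of a regedit export (not from a real host).
# Real exports are UTF-16; decode before passing the text in.
SAMPLE_REG = r'''Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-111111111111}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22222222-2222-2222-2222-222222222222}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{33333333-3333-3333-3333-333333333333}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-111111111111}\InprocServer32]
@="C:\\Program Files\\ExampleVendor\\toolbar.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-222222222222}\InprocServer32]
@="C:\\Documents and Settings\\user\\Local Settings\\Temp\\msupd32.dll"
'''
# Assumed policy: directories where a BHO DLL is expected to live.
TRUSTED_DIRS = ("c:\\program files\\", "c:\\windows\\system32\\")
GUID = r"(\{[0-9A-Fa-f-]{36}\})"
SECTION = re.compile(r"^\[(.+)\]$")
BHO = re.compile(r"\\Explorer\\Browser Helper Objects\\" + GUID + "$", re.I)
INPROC = re.compile(r"\\Classes\\CLSID\\" + GUID + r"\\InprocServer32$", re.I)
DEFAULT = re.compile(r'^@="(.*)"$')

def audit_bhos(reg_text, trusted_dirs=TRUSTED_DIRS):
    """Return (clsid, dll_path, verdict) for every registered BHO."""
    bhos, dlls, key = [], {}, ""
    for line in map(str.strip, reg_text.splitlines()):
        section = SECTION.match(line)
        if section:
            key = section.group(1)
            bho = BHO.search(key)
            if bho:
                bhos.append(bho.group(1).upper())
            continue
        value, inproc = DEFAULT.match(line), INPROC.search(key)
        if value and inproc:  # default value of InprocServer32 = DLL path
            dlls[inproc.group(1).upper()] = value.group(1).replace("\\\\", "\\")
    findings = []
    for clsid in bhos:
        path = dlls.get(clsid)
        if path is None:
            verdict = "unresolved"         # BHO entry with no COM server found
        elif path.lower().startswith(trusted_dirs):
            verdict = "expected-location"
        else:
            verdict = "review"             # DLL loaded into IE from an odd path
        findings.append((clsid, path, verdict))
    return findings
```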