odd time signatures

Computer Security, Malware and Botnets

Nancy Willard is the executive director of the Center for Safe and Responsible Internet Use and the publisher of the report I referred to in earlier posts. She has written an article for Education World entitled Malware and Porn Traps: What Schools Can Do.

From the article:

While discussing the Amero case in online forums, I have gotten many e-mails from teachers stating, “That could have been me” — an entirely accurate statement.

But it’s also important to note that it could happen to any of your students as well.

And this:

The following point must be made absolutely clear to all school administrators and police officers: There are various forms of “malware” (malicious software) or Web sites with “porn traps” or “mouse traps” (a Web site feature that essentially takes control of the browser and causes pornographic sites to pop up when the user tries to exit). Malware and porn traps are lurking on the Internet, just waiting for someone to make a mistake that will result in the display of objectionable material. [Emphasis Added]

The article goes on to list three essential steps for all schools to take. It’s an excellent article and should be required reading by every teacher and IT administrators for school districts in this country.

Not just the schools

It’s not just school districts who need to beware. Just tonight, this article popped up in my feeds via 9o1am about a new trojan out in the wild that started spreading yesterday via email attachment OR by visiting an infected site, a new way of spreading the malware. From F-Secure:

It may use any of the following strings as its Subject:

  • 230 dead as storm batters Europe.
  • A killer at 11, he’s free at 21 and…
  • British Muslims Genocide
  • Naked teens attack home director.
  • U.S. Secretary of State Condoleezza Rice has kicked German Chancellor Angela Merkel

Attachments may be any of the following filenames:

  • Full Clip.exe
  • Full Story.exe
  • Read More.exe
  • Video.exe

More variants and explanation can be found on the F-Secure blog.  As an aside, I’m a lot annoyed that Trend Micro doesn’t have any alerts up on their website about it, so I’ve subscribed to F-Secure’s blog and will be watching it for any updates that should be shouted out.  If the system is infected, a rootkit is installed that allows your system to be taken over by a botnet that then goes out and posts more infected files.

The thing that’s different about this is that it’s being posted in blog comments and message board postings.  Make sure you’ve got up-to-date virus protection, your firewall is turned on, and of course don’t click links or open attachments when you aren’t sure of their source and haven’t scanned them specifically.

Technorati Tags: , , , , , ,

Comments are closed.