Software Industry Announcements and News
McAfee Labs: Proactive on Cybersecurity
[ No Comments ] Posted on 08.19.10 under Security & Privacy
McAfee Labs: It’s Time to Be Proactive on Cybersecurity
McAfee, Inc. Security Journal Examines Strategies for Shifting From Defense to Offense in Cybersecurity
SANTA CLARA, Calif.–(BUSINESS WIRE)–A new report published by McAfee, Inc. (NYSE:MFE) stresses the need for the security industry to take a more proactive position against cybercriminals. In light of recent cyberespionage, the breakup of cybercrime rings, and the threats that sophisticated malware such as Stuxnet present to critical infrastructures, McAfee Labs™ researchers and industry experts call for a more proactive strategy for fighting cybercrime.
Read the rest of this entry…
FBI, Slovenian and Spanish Police Arrests Mariposa Botnet Creator, Operators
[ Comments Off ] Posted on 07.28.10 under Government News, Security & Privacy
The FBI, in partnership with the Slovenian Criminal Police and the Spanish Guardia Civil, announced today significant developments in a two-year investigation of the creator and operators of the Mariposa Botnet. A botnet is a network of remote-controlled compromised computers.
The Mariposa Botnet was built with a computer virus known as “Butterfly Bot” and was used to steal passwords for websites and financial institutions. It stole computer users’ credit card and bank account information, launched denial of service attacks, and spread viruses. Industry experts estimated the Mariposa Botnet may have infected as many as 8 million to 12 million computers.
Read the rest of this entry…
ifraudalert.org to Rescue Stolen Data
[ Comments Off ] Posted on 06.17.10 under Government News, Security & Privacy, Web Sites
New Internet Fraud Alert to Help Rescue Stolen Account Credentials
Microsoft technology powers early reporting system to help protect consumers and businesses from fraud.
WASHINGTON — June 17, 2010 — Microsoft Corp. has joined forces with the National Cyber-Forensics and Training Alliance (NCFTA), with the support of Accuity, the American Bankers Association, Anti-Phishing Working Group, Citizens Bank, eBay Inc., Federal Trade Commission, National Consumers League and PayPal, to release a new program that will help mitigate potential losses due to online fraud and account compromise. Launched today, Internet Fraud Alert will offer a trusted and effective mechanism for participating researchers to report stolen account credentials discovered online — such as username and password login information for online services or compromised credit card numbers — to the appropriate institution responsible for that account. Through a centralized alerting system powered by Microsoft technology developed specifically for this program, Internet Fraud Alert will quickly inform companies about compromised credentials, allowing them to take the appropriate action to help protect their customers.
The program was unveiled today and will go into effect immediately. The first of its kind, Internet Fraud Alert represents an important step forward in fighting online fraud. It will serve the much-needed purpose of enabling security researchers and investigators to more securely and systematically share information with service providers, retailers, financial institutions and government entities about incidents where compromised account credentials have been discovered. To date, when the security community uncovers compromised credentials stemming from phishing attacks, for example, there has been no simple mechanism to warn the service provider or bank about the exposed credentials.
Phishing and malicious code attacks pose a serious threat to consumer identity and account credentials. In 2009, the Anti-Phishing Working Group received more than 410,000 unique phishing e-mail reports, and recent data from the group show that the number of brands being exploited by phishers is at an all-time high.
Internet Fraud Alert will bring together a wide assortment of stakeholders, including retailers, financial institutions, service providers, technology companies, academic researchers, consumer advocates and government agencies, in the shared interest of reducing online fraud and protecting consumers. As the technology creator and sponsor, Microsoft is donating the tool to the NCFTA, a nonprofit organization dedicated to facilitating public-private partnerships between industry, law enforcement and academia on cybersecurity issues. Accuity, a leading provider of global payment routing data, has donated a solution to assist NCFTA with the vetting of trusted institutions for participation in the program to help ensure the integrity of the alerting process.
More information about Internet Fraud Alert can be found at http://ifraudalert.org. Consumers interested in learning more about staying safe online and limiting the risk of identity theft can visit http://www.microsoft.com/protect, http://www.onguardonline.gov and http://www.lookstoogoodtobetrue.com.
About NCFTA
The National Cyber-Forensics and Training Alliance was established to unite the technology industry, law enforcement, academia and private- and public-sector organizations to bring into focus the most significant online threats and identify the most effective and efficient early options for detecting and combating cybercrimes. A focal point of this project is the primary partnership established between the FBI, the NW3C, Carnegie Mellon University and West Virginia University.
About Microsoft
Founded in 1975, Microsoft (Nasdaq “MSFT”) is the worldwide leader in software, services and solutions that help people and businesses realize their full potential.
Note to editors: For more information, news and perspectives from Microsoft, please visit the Microsoft News Center at http://www.microsoft.com/news. Web links, telephone numbers and titles were correct at time of publication, but may have changed. For additional assistance, journalists and analysts may contact Microsoft’s Rapid Response Team or other appropriate contacts listed at http://www.microsoft.com/news/contactpr.mspx.
Supporting Industry Quotes
“Those who traffic in stolen identities often use online tools to collect, share and profit from compromised account credentials, but those of us working to combat identity theft have a few tools of our own. By combining new technology and critical partnerships, Internet Fraud Alert helps alert institutions to stolen credentials so they can take action to combat fraud. The Microsoft Digital Crimes Unit is proud to be working with the National Cyber-Forensics and Training Alliance and everyone joining with us today to announce this valuable new tool in the fight against cybercrime.”
—Nancy Anderson
Corporate Vice President and Deputy General Counsel
Microsoft Corp.
“The NCFTA is honored to manage this one-of–a-kind program as it is vital to the interests of our partners and consistent with our mission. This program will enable the expeditious identification of current and emerging threats, which is key to the mitigation of compromised data.”
—Ron Plesco
President and CEO
NCFTA
“Modern commerce depends on a trustworthy online marketplace, but, unfortunately, there will always be people trying to defraud consumers and erode trust in that system. Accuity has spent over a century earning the trust of financial institutions around the world. As a contributor to the Internet Fraud Alert program, we value the opportunity to extend that trust and be part of taking this significant step forward in helping to protect and ensure the integrity of the online marketplace.”
—Hugh Jones
President and CEO
Accuity
“Internet Fraud Alert will provide a vital link between those who find suspected compromised customer data in the course of their investigations or business and the National Cyber-Forensics and Training Alliance, who then can protect that customer from potential harm. ABA welcomes the opportunity to play a role in strengthening this link between law enforcement and business, particularly for community banks.”
—Doug Johnson
Vice President of Risk Management Policy
American Bankers Association (ABA)
“The APWG is pleased to see this innovation in repatriating compromised consumer data and credentials, a scheme useful for informing customer protection and industrial security response efforts. One of the challenges of e-crime response is the routine mobilization of e-crime event data that must be exchanged to protect consumers. Microsoft and NCFTA have done an enormous service to the e-crime response community by establishing this system to better enable industrial institutions to work together to protect consumers.”
—Peter Cassidy
Secretary General
Anti-Phishing Working Group
“Citizens Bank is excited about the opportunity to partner with Microsoft, law enforcement, the National Cyber-Forensics and Training Alliance, and others to help build an innovative framework to rapidly address cyberthreats by combining knowledge and resources to enhance consumer trust when conducting business online.”
—Lin Abbott
Vice President, Chief Information Security Officer
Citizens Bank
“Internet Fraud Alert is a promising and innovative approach to help financial and online institutions discover hijacked accounts and close them or inform the affected consumers. We hope that someday there won’t be a need for a secure database of stolen account credentials. In the meantime, computer users who want to protect themselves can learn how at OnGuardOnline.gov.”
—Chuck Harwood
Deputy Director
Federal Trade Commission
“At a time when scams and the criminals who run them are becoming ever more sophisticated and networked, it is imperative that the forces arrayed against them keep pace to provide consumers with the maximum protection possible. We applaud today’s announcement as a positive step in this direction. By enabling easier coordination between enforcement agencies, service providers, retailers and financial institutions, the Internet Fraud Alert system will add an additional layer of fraud protection for consumers.”
—John Breyault
Vice President
National Consumers League
Spyware Seller Settles FTC Charges; Order Bars Marketing of Keylogger Software for Illegal Uses
[ Comments Off ] Posted on 06.02.10 under Government News, Security & Privacy
The Federal Trade Commission has put the brakes on the business practices of an operation that was selling spyware and showing customers how to remotely install it on other people’s computers without their knowledge or consent.
The FTC is announcing a settlement that bars the sellers of the “RemoteSpy” keylogger from advertising that the spyware can be disguised and installed on someone else’s computer without the owner’s knowledge. It requires that the software provide notice that the program has been downloaded and obtain consent from computer owners before the software can be installed.
In 2008, the FTC filed suit against CyberSpy Software, LLC and its owner, Tracer R. Spence, alleging they were violating the law by advertising and selling RemoteSpy, a keylogger software program that the defendants touted as a “100% undetectable” way to “Spy on Anyone. From Anywhere.” According to papers filed with the court, the defendants provided their clients with detailed instructions explaining how to disguise the spyware as an innocuous file, such as a photo, attached to an e-mail. When the e-mail recipient clicked on the attachment, the RemoteSpy program was downloaded and installed without the victim’s knowledge. The spyware recorded every keystroke typed on an infected computer; captured images of the computer screen; obtained passwords, and recorded Web sites visited. To access the information gathered and organized by the spyware, RemoteSpy clients logged into a Web site maintained by the defendants.
The final Order bars the defendants from providing purchasers with the means to disguise the product as an innocent file or e-mail attachment. It also requires that they inform purchasers that improper use of the software may violate state or federal law. The final Order also requires the defendants to take measures to reduce the risk that their spyware is misused, encrypt data transmitted over the Internet, police their affiliates to ensure they comply with the order, and remove legacy versions of the software from computers on which it was previously installed.
The Commission vote to accept the final settlement Order was 5-0. The Order was entered in the U.S. District Court for the Middle District of Florida.
Microsoft Investigators Uncover Emerging Form of Click Fraud
[ Comments Off ] Posted on 05.19.10 under Business, Security & Privacy
REDMOND, Wash. — May 19, 2010 — Microsoft Corp. has filed two lawsuits this week in the U.S. District Court for the Western District of Washington detailing evidence of an emerging form of click fraud in online advertising the company has dubbed “click laundering.” One lawsuit is a John Doe suit alleging that unidentified defendants engaged in this activity; the other lawsuit names Web publisher RedOrbit Inc. and its president, Eric Ralls, as defendants. Click laundering, a previously unknown form of pay-per-click (PPC) advertising fraud, was uncovered by Microsoft investigators following dramatic and irregular growth in click traffic on two sites within its Microsoft adCenter network. Investigators believe that had the click laundering scheme gone undetected, the perpetrators could have defrauded advertisers of hundreds of thousands of dollars.
“Online ad fraud is evolving in sophistication all the time. Fighting it demands vigilance and dedication to an honest and secure online marketplace. We believe that a trusted marketplace is critical to Internet commerce, and Microsoft will continue to take aggressive action working with industry and law enforcement to protect our platforms, customers and advertisers,” said Brad Smith, senior vice president and general counsel for Microsoft.
PPC fraud, also known as click fraud, is a type of Internet fraud in online advertising that occurs when a person, automated script or computer program imitates a legitimate website visitor by clicking on an ad to generate a charge-per-click without having actual interest in the target of the ad’s link. Microsoft adCenter monitors click traffic carefully to prevent advertisers from being charged for non-valid clicks, and Microsoft has been active in investigating and taking action against click fraud when found, including taking legal action where necessary.
Click laundering is a newly uncovered form of click fraud in which technical measures are used to make invalid ad clicks appear to originate from legitimate sources. It is analogous to money laundering in which the origin of illegal profits is disguised as legitimate. Click laundering attempts to avoid fraud detection systems that have been put in place by the ad platform — in this case, Microsoft adCenter — to protect online advertisers. Through various means, including malware programs, fraudsters are able to trick innocent Internet users into visiting websites where they unknowingly click on advertisements. Click launderers also can further disguise the origin of those invalid clicks by using scripts and other methods to alter information that is sent to the ad platform.
Microsoft is filing these lawsuits to help protect its ad platform and promote the integrity of online advertising for the benefit of all legitimate advertisers, to stop the fraudulent behavior, and to recover the damages caused by the click laundering. These actions are part of an ongoing effort by Microsoft Advertising and the Microsoft Digital Crimes Unit to work with others across the industry to identify and address emerging threats to the integrity of the online advertising ecosystem through technical and legal means. This week, Microsoft closed another lawsuit the company filed in 2009 regarding click fraud in auto insurance verticals and World of Warcraft, following a successful settlement with defendant Eric Lam. Terms of the settlement are confidential, but the lawsuit successfully brought the click fraud activities described in the complaint to an end and helped Microsoft further refine and evolve its approach to combating click fraud. Such cases demonstrate the evolving nature of fraud in online advertising and the need for ongoing investments across the industry to maintain a healthy Internet marketplace.
Founded in 1975, Microsoft (Nasdaq “MSFT”) is the worldwide leader in software, services and solutions that help people and businesses realize their full potential.
FTC Permanently Shuts Down Notorious Rogue Internet Service Provider
[ Comments Off ] Posted on 05.19.10 under Government News, Security & Privacy
3FN Service Specialized in Hosting Spam-Spewing Botnets, Phishing Websites, Child Pornography, and Other Illegal, Malicious Web Content
At the Federal Trade Commission’s request, a district court judge has permanently shut down a rogue Internet Service Provider that recruited, hosted, and actively participated in the distribution of spam, spyware, child pornography, and other malicious and illegal content. The ISP’s computer servers and other assets have been seized and will be sold by a court-appointed receiver, and the operation has been ordered to turn over $1.08 million in ill-gotten gains to the FTC.
In June 2009, the FTC charged that 3FN, which does business under a variety of names, actively recruited and colluded with criminals to distribute harmful electronic content including spyware, viruses, trojan horses, phishing schemes, botnet command-and-control servers, and pornography featuring children, violence, bestiality, and incest. The FTC alleged that the defendant advertised its services in the darkest corners of the Internet, including a chat room for spammers.
The FTC complaint alleged that 3FN actively shielded its criminal clientele by either ignoring take-down requests issued by the online security community, or shifting its criminal elements to other Internet protocol addresses it controlled to evade detection.
The FTC also alleged that 3FN deployed and operated botnets – large networks of computers that have been compromised and enslaved by the originator of the botnet, known as a “bot herder.” Botnets can be used for a variety of illicit purposes, including sending spam and launching denial-of- service attacks. According to the FTC, the defendant recruited bot herders and hosted the command-and-control servers – the computers that relay commands from the bot herders to the compromised computers known as “zombie drones.”
Transcripts of instant-message logs filed with the district court show the defendants’ senior employees discussing the configuration of botnets with bot herders. And, in filings with the district court, the FTC alleged that more than 4,500 malicious software programs were controlled by command-and-control servers hosted by 3FN. This malware included programs capable of keystroke logging, password stealing, and data theft, programs with hidden backdoor remote control activity, and programs involved in spam distribution.
The FTC charged that 3FN’s distribution of illegal, malicious, and harmful content and deployment of botnets that compromised thousands of computers, harmed consumers and was an unfair practice, in violation of federal law.
On June 15, 2009 the court issued a preliminary injunction to prohibit 3FN’s illegal activities and require its upstream Internet providers and data centers to stop providing services to 3FN.
The court has now ordered a permanent bar on the illegal activities of 3FN and its agents and has appointed a receiver and instructed him to liquidate the operation’s assets.
The defendants named in the FTC’s complaint are Pricewert LLC, also doing business as 3FN.net, Triple Fiber Network, APS Telecom, APX Telecom, APS Communications, and APS Communication.
This case was brought with the invaluable assistance of NASA’s Office of Inspector General, Computer Crime Division; Gary Warner, Director of Research in Computer Forensics, University of Alabama at Birmingham; The National Center for Missing and Exploited Children; The Shadowserver Foundation; Symantec Corporation; and The Spamhaus Project.
The Federal Trade Commission works for consumers to prevent fraudulent, deceptive, and unfair business practices and to provide information to help spot, stop, and avoid them. To file a complaint in English or Spanish, visit the FTC’s online Complaint Assistant or call 1-877-FTC-HELP (1-877-382-4357). The FTC enters complaints into Consumer Sentinel, a secure, online database available to more than 1,800 civil and criminal law enforcement agencies in the U.S. and abroad. The FTC’s Web site provides free information on a variety of consumer topics.