404 Tech Support

After continuing to receive additional spam daily through the same campaign that I posted here a week ago, I decided it was time to escalate things. It became apparent that the Unsubscribe link on these e-mail messages wasn’t doing anything. If the FTC enforced the CAN-SPAM Act this would be the proper venue and for now it’s about the only action that we can take.

You can find out more information about spam at the FTC’s website for it: www.ftc.gov/spam/

On the left-hand side, you can click ‘File a Complaint’ to move to the next step.

Checking Twitter tonight for more MediaTemple news, I saw the latest Tweets of those people I follow. Among that list was also a posting by a person I didn’t know, I didn’t follow, and didn’t follow me. This random person and random post just seemed to appear in my list without reason. Anybody know why or see this before?

I confirmed I wasn’t following them and have no acquaintance with them. Any thoughts?

It appears there is a malvertisement (malware being delivered through website ads) attack campaign in full force and after today I’d guess it’s on the up-swing. After having a number of people in separate physical locations report the exact same malware installed on their machine, things start looking bad. I’m never one for jumping to trends and hopping to conclusions, but I know what makes for a bad day. XP Internet Security 2010 is a Fake AntiVirus that will get installed on your machine and start reporting infections and trying to get you to buy it. (It’s a scam! Don’t give them any money!) The worst thing, however, is that the malware tools currently aren’t detecting it or able to remove the infection.

Last year, I ran in the 5K that accompanied the Illinois Marathon and half-marathon. I registered for the event ahead of time and used the online registration through Active.com. The event was fun and well coordinated. Unfortunately, months after the event, it wasn’t quite so coordinated.

On February 16th, the United States government participated in a war game that was different from any others in recent years. Moving from the conventional attacks, threats, and worries of the past this most recent war game started with our digital infrastructure. An app was downloaded by over 20 million smart phones called March Madness. This app activated a malicious bit of code right before this simulation began and proved itself to be a worm that spread to other phones through your contact list. Meanwhile, the president’s “cabinet members” (played by former senior administration and national security officials) have convened to advise the president and plan a reaction as more intelligence and news is presented in real time.

Wednesday, I was able to check off another one of those things on the ‘To Do at least Once in your IT Career’ list by degaussing hard drives. Degaussing a hard drive means using a device that generates a strong electromagnetic field to wipe the data on the drive. This is an important step that I’ve mentioned before in the ‘Before you Recycle/Garbage that Old Computer‘ article to ensure your security and privacy; it is also required for compliance with state law for my office. Normally, we would use DBaN but that could take 20 to 60+ minutes per drive depending on the capacity and condition of the drive. The degaussing process takes about 20 seconds per drive (5-10 seconds per side). Since another IT office had just got the degausser, I decided to take it for a spin and wipe 250 drives in the time we would normally be able to do 8 (good) drives with DBaN.

A working group has formed to move towards establishing official language and terminology for describing malware to assist communicating and fighting malware. The working group is trying to establish the Malware Attribute Enumeration and Characterization (MAEC) language. There are a number of benefits to establishing a common malware terminology: eliminating innacuracy in describing malware, reduced duplication of efforts, improved awareness of malware, and decreased response time.

The Introduction to MAEC white paper was released yesterday and offers a promising start. From the abstract:

I got a lot of positive feedback on my article Is Your Firefox Genuine? Phishing at its Phinest! where I identified a site that had repackaged Mozilla Firefox and wrapped it up in a bunch of malware. The site was getting a decent amount of traffic, I suspect, because it was advertising itself well and was often the top sponsored result for Firefox-related searches on Bing. I tried multiple times to get a hold of Microsoft’s advertisement group to request that they drop the advertisement, but they were unreachable “for reasons beyond [their] control.” Little did I know, there was an easier way to prevent people from installing this malware all along…