Scammers Riding High On McAfee's FAIL

"Scammers have quickly piggybacked onto news of a buggy McAfee antivirus update that clobbered thousands of computers, security researchers said today.

"Early Wednesday, McAfee released a flawed signature update that wrongly tagged a crucial system file in Windows XP Service Pack 3 (SP3) as malware. After the software quarantined the `svchost.exe` file, thousands of PCs, most of them in businesses, crashed and rebooted repeatedly.

"Firms are still dealing with the aftermath, with some companies forced to manually reconfigure hundreds or even thousands of systems.

"The debacle made news not just in the technical press, but in more mainstream outlets, including the New York Times and USA Today.

"And news is scammers' bread and butter. Using their now-traditional technique of poisoning results at majorsearch engines like Google and Bing, `scareware` makers have pushed links touting fake antivirus software to at or near the top of the results lists, said Graham Closely, senior technology consultant with Sophos.

"The links appear when users type search terms such as `McAfee update` and `McAfee 5958,` the latter a reference to the faulty update's designation, added Panda Security in a post to its company blog today..."

More at ComputerWorld...

McAfee Steps On Its Dick

"PCs across the country rebooted continuously Wednesday, in a mass outbreak reminiscent of the widespread computer viruses from a decade ago. The cause this time wasn’t a virus, however, but a glitch on the part of a company that’s supposed to stop such malicious programs.

"Security company McAfee Wednesday morning issued a software update intended to give the computers that it’s contracted to protect a new list of malicious files to block and delete. Somehow a file that is part of Microsoft’s Windows operating system made it on to the list. And when McAfee’s software deleted this file, all hell broke loose.

"People all over the country reported that their computers stopped working. Among the victimized organization were a hospital in Rhode Island, police in Kentucky and the National Science Foundation, according to the AP.

"Jamal Mazhar, who runs LodgeXcode Inc., a consulting firm for hotels, says his computer and others in his office have been rebooting since morning. His tech staff downloaded a fix, but hasn’t yet been able to get the computers working again. `We’re down hard,` he says.

"McAfee said in a statement that the company was `not aware of significant impact on consumers.` In terms of numbers, it said the incident impacted less than `one half of one percent` of its consumer base and enterprise accounts globally."

More at The Wall Street Journal...

EDITORIAL COMMENT: I can't help but wonder if the McAfee employess who are going to get fired for this will turn to cybercrime.
- Hinky

McAfee: Partnering With Scumbags To Rip You Off

"Two California women have sued security company McAfee, accusing it of duping customers into subscribing to third-party services and passing consumers' credit or debit card information to the service supplier without their permission.

"The lawsuit, which was filed by Melissa Ferrington and Cheryl Schmidt, asked a San Francisco federal court to grant the case class-action status, and demanded that McAfee be barred from continuing the practice. The pair also asked for compensatory and punitive damages, which would be decided at trial.

"When customers purchase McAfee security software online, but before the download beings, a pop-up with a large "Try It Now" button appears.

"`The pop-up, mimicking the look of the other pages on the McAfee site, thanks the customer for purchasing McAfee software, and prompts McAfee's customers to click a red button to 'Try it Now,'` the lawsuit alleged.

"`The pop-up contains no obvious visual cues or conspicuous text indicating that it is an advertisement for another product, or that clicking on 'Try it Now' will lead not to the delivery of the McAfee product but rather to the purchase of a completely different product. Instead, all the visual cues suggest that 'Try It Now' is a necessary step in downloading the McAfee software.`

"By clicking on the pop-up, users agree to a $4.95 per month fee charged by Arpu, a company that creates Web ads "enabling an advertised product or service to be obtained with a single click," according to the Washington D.C. firm's Web site.

"Arpu's site lists McAfee as one of its partners...

"`A single click on the deceptive pop-up causes the purchase of an unwanted product from Arpu, a sale made without the knowledge or authorization of customers, using credit/debit card billing information that they have entrusted solely to McAfee,` said the women's lawsuit."

More at ComputerWorld...

IT Worker Of The Month

"A Bank of America computer specialist is set to plead guilty to charges that he hacked the bank's automated tellers to dispense cash without recording the activity.

"Rodney Reed Caverly, of Charlotte, North Carolina, is scheduled to plead guilty to a computer fraud charge next Tuesday in federal court in Charlotte, according to his lawyer Christopher Fialko, who declined to comment further on the case.

"Caverly was charged last week with one count of computer fraud for allegedly writing a malicious program that ran on Bank of America's computers and ATMs, according to court filings. The documents say Caverly made more than the statutory minimum of US$5,000 from the scam, but they do not spell out the bank's total losses. That number could come out when his plea is entered next week.

"He faces a maximum sentence of five years in prison."

More at ComputerWorld...

Unemployed IT Worker Of The Month

"A Frenchman who broke into Barack Obama and Britney Spears' Twitter feeds insisted Thursday he is no hacker but a `kind pirate` seeking to expose security weaknesses.

"`I did not act with a destructive aim ... I wanted to warn them, to show up the faults in the system,` said the 23-year-old, who was arrested Tuesday after an operation by French police and FBI agents.

"The curly-haired unemployed computer technician wore a pair of slippers adorned with smiley faces as he sat in his parents' home in central France and told of how he broke into the popular micro-blogging site.

"Francois C., who spoke to AFP on condition that his full surname not be used, is accused of breaking into Twitter and Google accounts, including ones used by US president Obama and pop star Spears..."

Full article at EXPATICA.com...

USA NUMBER ONE!!!!!

"Insecurity outfit McAfee has named the US as the most likely source of cyber attacks, beating out the widely perceived favourites China and Russia.

"McAfee conducted a study that questioned 600 IT and security executives from various countries to discuss, rate and rank their biggest Internet security concerns. Most of the report just states the bleedin' obvious, except for the finding that the Americans are the most feared by the others.

"With the recent scuffles between Google and the Chinese government it comes as no surprise that almost 75 per cent of respondents believed that the Chinese government was involved in cyber attacks against their country. However, the figures for both the US and Russia were identical at 60 per cent. The UK government came in third from last with only 50 per cent or so believing that it was involved in naughty cyber aggression activities.

"Probably the most startling discovery was that it is the US, not China or Russia, that is feared the most. The majority of countries in the West listed the US ahead of China and Russia as the country `of most concern` when it came to attacks."

More at the Inquirer...

AV Spending Seen As Pointless

"Following the highly publicized and successful malware attacks on Google, Symantec, Adobe, Dow Chemical, and others, business and government executives are questioning the value of their AntiVirus subscriptions. Their unprecedented skepticism will grow even more intense as more executives learn that all of these successful attacks were easily preventable.

"`In almost every meeting I’ve had since the mainstream media started reporting on these highly visible failures, executives and IT personnel have criticized their AntiVirus computer protection. This Aurora/Hydra outbreak could spark a big change in 2010 enterprise IT security spending, a multi-billion dollar change`, predicts Mike Fumai, CEO of Blue Ridge Networks.

"There’s nothing particularly novel about the exploitable vulnerabilities in Internet Explorer this month, or those in Adobe Acrobat Reader last month. These are merely new entries in a formulaic story re-written almost monthly. Last week’s out-of-cycle security patch from Microsoft is just a less frequently seen plot twist. Until now, these recurring stories only served to increase spending on AntiVirus software from well-known security vendors. However, these targeted organizations with deep pockets and large IT security staffs were successfully attacked because their name-brand AntiVirus software did not have signatures to detect the malware attack code."

More at PRWeb...

McAfee To Leverage "Captive Audience" Marketing

"Facebook announced late Tuesday that it is offering free computer security software for six months to all of its 350 million members to head off increasing threats of hackers and computer viruses on the social network.

"Facebook has cut a deal with anti-virus maker McAfee Inc. of Santa Clara to provide the security software, available on McAffe's Facebook fan page.

"McAfee's Internet Security Software Suite will be free for six months and available for a "special discount subscription" afterwards, the companies said in a statement. The announcement did not detail how much the paid subscription would cost once the free period ends..."

More at SFGate...

Conficker Still The Shame Of The AV Industry

"Waikato District Health Board has been crippled by a computer worm which has seen every PC in the organisation shut down.

"While the main hospital in Hamilton and smaller outlying hospitals were continuing to function, spokeswoman Mary-Ann Gill said it was important people only came for treatment if it was absolutely necessary.

"Emergency care was still available but those arriving for routine appointments were being affected, as were GPs who often made referrals to hospitals via email.

"`We are asking GPs to only make urgent referrals,` she said.

"`We need to keep as many people out of hospitals as we can.`

"Ms Gill said DHB technicians were working on a computer upgrade overnight when things started to go awry.

"`About 2am they noticed there were some issues with the computers. By 4am they realised a computer virus had got into our whole system.

"`We brought in Microsoft and have been working with them through the night.`

"Conficker has been identified as the culprit."

More at nzherald.com...

Employed Programmers Can Be Crooks, Too

"Two computer programmers who worked for Bernard L. Madoff’s investment firm were accused Friday of helping to cover up the giant Ponzi scheme for more than 15 years.

"In a statement, the United States attorney’s office in Manhattan said the two programmers — Jerome O’Hara, 46, of Malverne, N.Y., and George Perez, 43, of East Brunswick, N.J. — were arrested Friday at their homes.

"The complaint accuses the two men of providing the technical support needed to produce false documents and trading records in defrauding investors in Bernard L. Madoff Investment Securities of billions of dollars.

"Jerome O’Hara and George Perez allegedly helped construct Bernie Madoff’s house of cards. The computer codes and random algorithms they allegedly designed served to deceive investors and regulators and concealed Madoff’s crimes,` Preet Bharara, the United States attorney for the Southern District of New York, said in a statement.

"In addition, Joseph M. Demarest Jr., the assistant director in charge of the F.B.I.’s New York office, said that when the two men told Mr. Madoff `they would no longer lie for him,` they were paid to keep the scheme quiet."

From The New York Times...

The REAL Threat: Unemployed Advertising Agents

"Remember when the global economic crisis was supposed to drive legions of desperate, unemployed computer programmers into cybercrime? It turns out the real threat comes from unemployed advertising agents.

"Scammers posing as the well known ad agency Spark-SMG tricked Gawker Media into running a fake Suzuki ad last week that served malicious code, according to a report in Silicon Alley Insider. A similar scam hit the New York Times in September, but unlike the newspaper, Gawker has released the e-mails it exchanged with the scammers, and the messages show just how confidently the perps navigated the ad-buy process..."

More at Wired...

Not All Unemployed IT Workers Turn To Cybercrime

"A man who died in a suspected murder-suicide in Mooresville recently lost his UNC Charlotte computer job to state budget cuts after more than a decade working at the university, according to a statement from the school.

"A law enforcement official said Monday evidence suggests one of the parents was involved in the quadruple shooting early Sunday and died from a self-inflicted gun shot wound. The shooting also left the couple's two adult sons in critical condition.

"Iredell Sheriff's Capt. Darren Campbell, the lead investigator, wouldn't say which parent was suspected, saying investigators would wait for initial autopsy reports this week before releasing details.

"He said `nothing stands out` in the family history that might readily explain the violence. The family members do not have criminal records in North Carolina, and police said they hadn't been summoned to the house before.

"Public records and interviews with neighbors indicate the four family members were living in the same home where the shooting occurred, at 130 Peninsula Drive, about a half-mile from Lake Norman.

"Douglas Alan Thomas Sr., 57, and his wife, Linda Malone Thomas, also 57, died in the shooting spree. The sons, Douglas Alan Thomas Jr., 28, and Christian Edward Thomas, 25, underwent emergency surgery Sunday at Carolinas Medical Center.

"UNCC Chancellor Phil Dubois didn't immediately respond to a request for comment Monday.

"But a UNCC spokesman said Monday that Douglas Thomas Sr. lost his job Aug. 31 as a networking specialist in the school's Department of Information & Technology Services. He was one of only 15 university employees laid off by budget cuts and departmental reorganizations.

"A state salary database from May showed he was earning an annual salary of $81,070."

From the Charlotte Observer...

McAfee's Business Partners Are Evil

[See also this post. Is the pot calling the kettle black or does it simply take one to know one? -Hinky]

"Federal law enforcement officials filed bribery charges today against the District of Columbia's acting chief security officer, along with a one-time D.C. government employee who owns an IT outsourcing company that runs offshore operations in India. Both were later arraigned in federal court.

"Arrested this morning was Yusuf Acar, who currently is the District of Columbia's acting chief security officer; police said they found $70,000 in cash in his Washington home. Acar's annual salary is $127,468, according to court documents.

"The second suspect arraigned on bribery charges is Sushil Bansal, CEO and founder of Advanced Integrated Technologies Corp. (AITC), a Washington-based outsourcing vendor that has won a number of contracts from the district's IT department.

"In what the government officials described as the `McAfee Software Scheme,` Bansal's firm submitted a purchase order for 2,000 units of McAfee Foundstone software, which is used to provide automated scanning and vulnerability assessments, for $104,166. McAfee generated a quote for AITC for the purchase of 500 units of the software at $36,845, but AITC, the provider in this case, charged the D.C. government for 2,000 licenses."

Full article at ComputerWorld...

McAfee Jumps On Anti-IT Worker Bandwagon

"If you think the IT guy at work is annoying now -- does he really have to roll his eyes when you ask him where to find to the power switch? -- just wait until he steals $5 million dollars from the company.

"As the recession unfolds and companies lay off an increasing number of employees, firms face a new and growing threat in the form of disgruntled technology workers with access to a corporation's best-kept secrets.

"Theft of intellectual property, fraud and damage of corporate networks cost corporations over a $1 trillion globally in 2008, according to a recent report by the security firm McAfee..."

More at ABC News...