
Posts Tagged ‘malware’

Porn Sites Users Risk Exploitation

Friday, June 18th, 2010

A new study has again warned that porn site users are opening themselves up to attacks from cyber criminals.

Porn site users are at risk because the sites they frequent not only often harbour malware, but also entrap users in various schemes and shady deals.

The report, which highlights the dangers that porn site users face, was prepared by the International Secure System Lab.

Dr Gilbert Wondracek, who led the study, said that the intense competition amongst the online porn industry made matters far worse: “They have almost inadvertently created a whole ecosystem that’s easy to abuse for cyber crime on a large scale. There are studies looking at the profitability and economics of the industry but we are the first to come at it from a security and more technical point of view.”

The techs at the International Secure System Lab built their own porn sites and quickly discovered that many porn site users are very vulnerable to computer viruses and loopholes.

Dr Gilbert pointed out that the study had been basically carried out to test the commonly held assertion that porn site users are at risk. He added: “There are studies looking at the profitability and economics of the industry but we are the first to come at it from a security and more technical point of view.”

Dr Gilbert stressed that it was often hard for the average user to tell an honest porn site from one that might be hiding malware threats.

Of the 35,000 porn site domains studied in the report, it was discovered that 90% were ‘free’ sites and that these acted as ‘funnels’ for sites that require payment to view their content.

The 35,000 domains published some 269,000 individual websites. The study looked at all these sites and discovered that a touch over 3% were booby-trapped with malware, including viruses, spyware and adware. What’s more, many other sites used tools such as JavaScript catchers which make it hard for porn site users to actually leave the site.

Other sites immediately redirected people hoping to view a video to a number of affiliate sites, creating a circle of click trading. Dr Gilbert said: “Visitors are being abused as click bots. It’s cut-throat competition. Everybody tries to get as much traffic as possible.”

Porn site users are being told to be aware of “safe browsing modes” when visiting such websites and to keep their anti-virus software up-to-date.

Guest Article by Neil Camp


BitDefender’s Top Malware for May

Thursday, June 17th, 2010

Top malware in May according to computer security company BitDefender is an Autorun trojan.

May’s top malware goes by the name of Trojan.AutorunInf.Gen and represents just over 13% of all global malware. It’s designed to use external hard drives, memory cards and flash drives to spread malware. And although Microsoft may have discarded its Windows Autorun feature from its latest operating systems and from Vista SP2, early versions are still vulnerable.

Next on the top malware list for May is the infamous Kido, or Conficker, which goes by the tag of Win32.Worm.Downadup. This nasty virus takes a bow for around 6% of global infections and attacks a Windows vulnerability. It spreads via local network computers and stops users trying to access Windows updates and security companies’ web pages. The latest versions of Windows have removed the vulnerability, but people using older operating systems should ensure that they have updated their operating systems and anti-virus applications.

In third place and close behind Conficker on the top malware list is another Trojan which accounts for some 5% of all infections. Its official name is Trojan.FakeAV.KUE and it’s based on JavaScript code. It creates anti-virus scams and the malware gets hosted either on sites that unknowingly carry the virus, or malicious sites. Once people download this type of malware, it triggers various fake alerts offering rogue antivirus software.

Coming fourth in the May top malware list is Win32.Sality.OG. It’s the only file infector virus in the top ten and it appends its encrypted code to executable files (.exe and .scr binaries). It does this by deploying a rootkit which kills any antivirus applications on the computer. This means that it remains undetected and able to carry out its malicious tasks.

In the fifth place is a new one to the top malware charts. It’s a Trojan and is responsible for a tad over 2% of infections. Called the Trojan.Swizzor.2, it acts as a pathfinder for a number of other pieces of malicious software.

BitDefender’s top malware chart for May includes:

  1. Trojan.AutorunINF.Gen 13,24%
  2. Win32.Worm.Downadup.Gen 5,84%
  3. Trojan.FakeAV.KUE 5,11%
  4. Win32.Sality.OG 2,68%
  5. Gen:Variant.Swizzor.2 2,12%
  6. Trojan.Autorun.AET 2,02%
  7. Gen:Heur.Krypt.24 2,01%
  8. Worm.Autorun.VHG 1,97%
  9. Gen:Variant.Rimecud.2 1,91%
  10. Exploit.PDF-JS.Gen 1,76%

One thing is for sure, try to avoid any of the top malware for May.

Guest Article by Neil Camp


Sunbelt’s Top Ten Malware Threats for May

Thursday, June 10th, 2010

One of the top computer security software companies has produced its list of top ten malware threats for May.

Florida-based Sunbelt Software compiles a monthly top ten malware threats report, and the data comes from the company’s VIPRE Antivirus, its anti-malware solution, and CounterSpy, its antispyware application.

And the top ten malware threats for May reflect a growing trend towards behaviour-based detections.

What’s more, the top ten malware threats within May were also amongst the top ten for April, with May’s leading position going to Trojan.Win32.Generic!BT with 27.8% of detections; it was also top in April, when it had more detections at 33.7%.

Coming up on the inside of the list of top ten malware threats for May is INF.Autorun (V) whose detections grew by over half from April to May. The previous period had seen a 40% increase; so the influence of this particular piece of malware is growing considerably and is likely to stay around for some months to come.

Newcomers to the top ten malware threats list for May were FraudTool.Win32.AVSoft (v), which popped in at number eight with 1.3% of detections, and Trojan.Win32.Agent at number nine with just over 1.2% of detections. The first of these little beauties, FraudTool.Win32.AVSoft (v), installs rogue antivirus software, and the second, Trojan.Win32.Agent, downloads a variety of viruses and is a particularly insidious Trojan downloader.

Tom Kelchner, Sunbelt Software Research Centre Manager, said about the top ten malware threats:
“The list of ThreatNet top-10 detections in May did not change significantly from the previous month – with a continued high volume of Trojan downloaders. However, the level of generic detections has steadily increased over the past few months, highlighting the importance of behavioural testing via a "sandbox" method to stop malicious applications without individual signature updates. This is a good strategy for stopping zero-day malicious code, or previously unknown malware, which is being generated by the bad guys with more frequency.”

The complete list of top ten malware threats is as follows:

  1. Trojan.Win32.Generic!BT 27.79%
  2. INF.Autorun (v) 3.63%
  3. Trojan.Win32.Generic.pak!cobra 2.14%
  4. BehavesLike.Win32.Malware (v) 1.95%
  5. Trojan-Spy.Win32.Zbot.gen 1.78%
  6. Trojan.Win32.Generic!SB.0 1.35%
  7. Exploit.PDF-JS.Gen (v) 1.34%
  8. FraudTool.Win32.AVSoft (v) 1.32%
  9. Trojan.Win32.Agent 1.28%
  10. Trojan.Win32.Malware 1.25%

The majority of the threats contained within the top ten malware threats are delivered via social engineering, or stealth installations.

Guest Article by Neil Camp


Top Malware and Spam Trends

Friday, May 28th, 2010

When it comes to finding out about the top malware and spam trends, then the latest report from computer security giants McAfee, covering the first quarter of 2010, is a great place to start.

It discovered that top of the list for top malware and spam trends is a USB worm that has grabbed number one position for top malware worldwide. Furthermore, it concluded that spam trends differ considerably from country to country. What’s more, spam originating out of China and other Asian countries is on the increase. And, early 2010 has been marked by major events, such as earthquake news, which has led to many web searches being poisoned.

The top malware and spam trends report also concluded that most malicious URLs are hosted by US based servers.

High up in the top malware and spam trends report is the fact that the increasing use of removable devices, the majority being USB drives, is acting as a beacon for the most popular malware. Infections that are related to AutoRun held the top and third places. In fifth place are password stealing Trojans which include generic downloaders, gaming software and unwanted programmes, all designed to collect statistics anonymously.

Looking at spam, the report concluded that whilst rates are steady, the subjects differ from country to country. The report shows that the most significant amounts of diploma spam come out of China, South Korea and Vietnam. Diploma spam is all about buying bogus job qualifications in order to get jobs.

Whereas countries such as Singapore, Hong Kong and Japan – says the report – are known for high rates of Delivery Status Notification spam.

Mike Gallagher, senior vice president and chief technology officer of Global Threat Intelligence for McAfee, said:
“Our latest threat report verifies that trends in malware and spam continue to grow at our predicted rates. Previously emerging trends, such as AutoRun malware, are now at the forefront. We were also surprised to find some of geographic difference in spam related topics, such as the volume of diploma spam coming out of China.”

The top malware and spam trends report also discovered that Brazil, China, Chile, Colombia, India, Indonesia, Philippines, Romania and Thailand, do have a higher proportion of malware infections and spam. McAfee says this may be down to the rapid increase in computer and internet use that these countries have experienced in the last few years, and that as a result, they lack a proper appreciation of security awareness.

The top malware and spam trends report also found that hackers continue to make use of bad news events, such as the earthquakes in Haiti and Chile, in order to bump their malicious sites up the search engine rankings.

As to where most of the new malicious URLs are hosted, the top malware and spam trends report concludes that 98% are hosted in the US, mainly because this is where most of the Web 2.0 services are provided.

So, when it comes to the top malware and spam trends report, use it to help keep yourself from the hackers out there.

Guest Article by Neil Camp


Top Tips for World Cup Computer Security

Friday, May 28th, 2010

One of the largest providers of Windows security software is warning companies to be on their guard during the 2010 football World Cup for attacks from the malware community. And to help, they have produced their top tips for world cup computer security.

The Sunbelt Software top tips for world cup computer security are aimed at UK bosses who fear that their employees will take every opportunity, whether with permission, or not, to watch matches – many of which are taking place during office hours – and follow not only England, but various other teams.

But, warns Sunbelt Software, the tournament and the interest it will generate, not only amongst supporters but in the wider community, mean that hackers are on the prowl, hence the need for the top tips for world cup computer security.

Malware writers will see employees trying to get their football fix, no matter how, as a great opportunity to launch attacks. And one of the biggest risks, say Sunbelt Software – the authors behind the top tips for world cup computer security – is fans desperately searching for footage on any site to see how their team is progressing. Many of the sites offering such footage will, say Sunbelt Software, be hotbeds of potential computer attacks, containing viruses, platforms for phishing attacks, banner advertising and fake video streaming codec downloads.

So, when it comes to safe 2010 football world cup enjoyment, what should bosses and employees be on their guard against? What are the top tips for world cup computer security?

Top of the pile of the top tips for world cup computer security are infected files, many offered as email attachments, or downloads, that promise such things as special World Cup pictures, news, results, free tickets, or match lists. It is best to avoid these.

Second up in the pile of top tips for world cup computer security is search engine optimization poisoning, which sees the hackers endeavouring to get their malicious sites to the first pages of the listings. This is why it’s essential that new URLs are carefully studied before using them and that only sites that a user trusts are used for such things as news updates and football features.

And such things as fake antispyware programmes will be out in force, tempting users to sign-up to bogus claims that a computer is infected and that a sum of around £50 will put things back to rights again.

Next up in the top tips for world cup computer security is a warning against social networking scams. Sunbelt Software say that they expect malicious links on Twitter, fake applications on Facebook and other tricks on some of the popular 2.0 websites.

Another of the top tips for world cup computer security is the area of website defacements. This concerns websites that are popular at the time of a certain event, or tournament, and are targeted by the hackers. Sometimes it might just involve the simple defacement of a website, but it could involve a totally compromised website which is turned into a delivery mechanism for illegal content.

David Parkin, Sales Director EMEA, Sunbelt Software, said:
“All it takes is one employee to disregard this advice and the entire organisation could be put at risk. It is our hope that business leaders will distribute these tips throughout their organisation and print out further copies and post them in communal areas. By following this simple four-point checklist we can all enjoy this year’s World Cup safely via the Internet.”

Guest Article by Neil Camp



The Editor

My name is Alan Potts and I'm the Editor of the Antivirus-BUYability web site and Managing Director of BUYability Limited. You can connect with me or keep up to date with new posts on this blog via the following social media sites:

Facebook LinkedIn Plaxo Twitter StumbleUpon Plurk FriendFeed Digg Technorati Delicious


© BUYability