Friday, November 16, 2007

AV Vendor gives money to Spyware Company

Did no-one at F-Secure realise, when they posted their blog on Mobile Spyware, that it may be a bad idea to show that they have nicely donated between €100 and €150 to the authors of the Spyware known as Flexispy?

Now obviously I realise they have to get the samples from somewhere, but do you blatantly want to call out that you bought an account from a Spyware company? Even though Spyware falls into the grey area of not purely illegal activity, this is still a bad angle for an AV company to take.

The fact that the threat is over a year and a half old, and that F-Secure are still going on about it, really does give us an idea just how big a threat Mobile Malware is at the moment. I have personally tested 100s of variants of mobile malware, and while Flexispy is one of the most interesting (along with the likes of Redbrowser), mobile malware is not currently a huge worry. The sort of data that is kept on Mobile Devices, and the small amount of time the average mobile user spends online with their device, leads to the platform being too small of a profit opportunity for Malware authors.

Maybe this will increase as Mobile internet usage becomes more commonplace (and cheaper), and while we will continue to see a couple of new variants every now and then, I believe that it will be at least 2 years before this threat becomes of more concern.


Monday, November 12, 2007

Blue Sky[pe] predicted today. Good weather for Phishing.

Also posted over on TM Blog

I have just been informed via Skype by someone called "Security Center" that my computer is infected, and that unless I patch it soon it "may result in severe computer malfunction".

WINDOWS REQUIRES IMMEDIATE ATTENTION
=============================

ATTENTION ! Security Center has detected malware on your computer !

Affected Software:

Microsoft Windows NT Workstation
Microsoft Windows NT Server 4.0
Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Win98
Microsoft Windows Server 2003

Impact of Vulnerability: Remote Code Execution / Virus Infection /Unexpected shutdowns

Recommendation: Users running vulnerable version should install a repair utility immediately

Your system IS affected, download the patch from the address below ! Failure to do so may result in severe computer malfunction.

hXXp://www.[REMOVED].org/?q=updatescan

Now I for one hate it when my computer suffers severe malfunction, and seeing as this malware seems to affect every Microsoft OS under the sun, I thought it prudent to go to this helpful site and download the patch. I was immediately presented with an online "Security Alert Scanner" which, after scanning through all files on my computer, found 3 offending threats that required my immediate attention! To remove them all I had to do was download the full version of their AntiVirus Product, pay $19.95 and fill out a form with enough information that they could probably ring my mother and convince her it was me on the line.

Needless to say this is a SCAM (gasp). While this is by no means the first case of Skype being used to carry out phishing attacks, or the first case of so-called "Rogue AntiSpyware", there have been several reports of this particular scam being run in the last few days. All of the threat names discovered, files scanned etc. are generated by some JavaScript functions on the page. While the page is not currently using any exploits, this could of course change, so avoid following links sent like this over Skype (or any other IM client).

The site itself is hosted in the US with free hosting companies, along with 2 other sites also used as part of the Scam, but the URLs are registered to 2 people with addresses in Moscow. As of yet there is no definitive link to the RBN, but don't be too surprised if this changes.
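As an added example (not code from the original post), here is a heuristic scorer for incoming IM messages built around the traits of the "Security Center" message quoted above. The trait patterns, weights and threshold are assumptions chosen for illustration, and the sample text is condensed from the quoted message.

```python
import re

# Matches live and defanged (hXXp) links, like the one in the quoted message.
URL_RE = re.compile(r"\b(?:https?|hxxps?)://\S+", re.IGNORECASE)

# Trait name -> (pattern, weight). Weights are assumed, not measured.
TRAITS = {
    "impersonates_system": (re.compile(r"\b(security cent(?:er|re)|windows requires)\b", re.I), 3),
    "claims_infection": (re.compile(r"\b(detected (?:malware|virus)|is affected|infected)\b", re.I), 3),
    "urgency": (re.compile(r"\b(immediate(?:ly)?|failure to do so|attention\s*!)", re.I), 2),
    "download_call": (re.compile(r"\b(download the patch|install a repair utility)\b", re.I), 3),
    "link": (URL_RE, 2),
}
THRESHOLD = 8  # assumed cut-off: needs several traits together, not just a link

# Condensed from the message quoted in the post (URL already defanged there).
SAMPLE = """WINDOWS REQUIRES IMMEDIATE ATTENTION
ATTENTION ! Security Center has detected malware on your computer !
Recommendation: Users running vulnerable version should install a repair utility immediately
Your system IS affected, download the patch from the address below !
hXXp://www.[REMOVED].org/?q=updatescan"""


def score_message(text):
    """Return (score, sorted list of matched trait names) for one IM message."""
    hits = [name for name, (rx, _) in TRAITS.items() if rx.search(text)]
    score = sum(TRAITS[name][1] for name in hits)
    # Heavy use of capitals is a weak extra signal on its own.
    letters = [c for c in text if c.isalpha()]
    if letters and sum(c.isupper() for c in letters) / len(letters) > 0.3:
        hits.append("shouting")
        score += 1
    return score, sorted(hits)


def is_scareware_lure(text):
    """True when enough lure traits co-occur to warrant blocking or review."""
    return score_message(text)[0] >= THRESHOLD


if __name__ == "__main__":
    print(score_message(SAMPLE), is_scareware_lure(SAMPLE))
```

A link or an urgent tone alone stays under the threshold; it is the combination of a fake system identity, an infection claim and a download instruction that pushes the score over.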


Sunday, November 4, 2007

Don't be Evil

I've written before on my opinions on the sheer amount of information that Google track on people, but this post over on Blogoscoped really gives a very good picture of the sort of information available to them.

Don't get me wrong, I like all of the interesting things that Google have given us (as do the stock markets), and the Google Search engine is arguably the most powerful hacking tool available. The question is not if they are useful but if they are trustworthy. Never mind that this information would be a goldmine for any government agencies. Luckily it's not unlikely that Google would do anything unethical with all this power.

The big question is why do they get away with it so easily, after all - would you trust Microsoft with that information???
