Wednesday, April 24, 2013

Malware Distributed from Phony SourceForge Website

Make sure you double-check the URL in your browser’s address bar or dialog window before downloading files online.

Zscaler researchers discovered that cybercriminals were taking advantage of the trusted reputation of SourceForge[.net] by distributing malware through a similar domain, sourceforgetchile.net.

The malicious file analyzed by Zscaler, minecraft_1.3.2.exe, was posing, as the name suggests, as a file associated with the popular game Minecraft.

In reality, the executable file was a piece of malware closely related to the ZeroAccess Trojan that, upon a successful infection, will hide in the Recycle Bin, inject malicious code into running processes, recruit the computer into a botnet, and generate revenue for its operators by partaking in click fraud.

Thankfully this threat has a high detection rate (32/46), according to a VirusTotal report. So in the event that you downloaded the Trojan, you can perform a full system scan using one of the many AV programs capable of finding & removing it.

Aside from that, stay vigilant & always double-check the URL before clicking 'Download'.

[via Zscaler]

Friday, April 19, 2013

Buy of the Week: 27" Apple Thunderbolt Display for $953

With built-in Thunderbolt technology - the fastest, most flexible I/O ever - the Apple Thunderbolt Display can do things other displays simply can't.

Of course, it delivers a brilliant viewing experience. But connect it to any Thunderbolt-enabled Mac and it becomes a Plug-and-Play hub for everything you do.

Features include a high-resolution 2560-by-1440 LED-backlit display, a FaceTime HD camera, high-quality audio, three USB 2.0 ports, a FireWire 800 port, a Gigabit Ethernet port, and a Thunderbolt port for daisy-chaining additional high-performance devices.

Until April 26th, 2013, you can order a 27" Apple Thunderbolt Display from Hyphenet for only $953 + shipping!

Specifications for 27" Apple Thunderbolt Display

  • MFR#: MC914LL/B
  • Product Type: 27" LED-backlit LCD monitor
  • Panel Type: IPS
  • Built-in Devices: Microphone, USB hub, camera
  • Aspect Ratio: Widescreen (16:9)
  • Native Resolution: 2560 x 1440
  • Brightness: 375 cd/m2
  • Contrast Ratio: 1000:1
  • Response Time: 12 ms
  • Color Support: 16.7 million colors
  • Input Connectors: Thunderbolt
  • Speakers: Integrated
  • Dimensions (WxDxH): 25.6 in x 8.1 in x 19.3 in
  • Environmental Standards: ENERGY STAR Qualified
  • Warranty: 1-year Apple Warranty

Call (619) 325-0990 to order a 27" Apple Thunderbolt Display today!


Buy of the Week offer valid through April 26th, 2013.

Note: Shipping and taxes apply.

Looking for something else? Check out our monthly deals or contact us to get a quote on the product you're searching for.

Thursday, April 18, 2013

Texas Plant Explosion Spam Leads to Malware Attack

Considering cybercriminals jumped on the opportunity to spread malware by sending spam related to Monday’s Boston marathon bombing, it’s not all that surprising that they’re now doing the same with yesterday’s fertilizer plant explosion in West, Texas.

Here are some of the subject lines to watch out for:

  • West TX Explosion

  • Waco Explosion HD

  • Texas Plant Explosion

  • Texas Explosion Injures Dozens

  • CAUGHT ON CAMERA: Fertilizer Plant Explosion Near Waco, Texas

  • Raw: Texas Explosion Injures Dozens


Like the marathon-themed emails, the spam messages tied to the new fertilizer plant explosion trick users into following malicious links by promising video footage of the devastating event.

[Image: Texas Explosion Email. Image Credit: Sophos]


While it’s true that the victim is presented with a series of embedded videos related to the incident, they are also being exposed to the misdeeds of the Redkit exploit kit, which will use Adobe PDF or Java vulnerabilities to silently install malware on the victim’s computer.

Avoiding these attacks should be relatively easy – don’t follow links in unsolicited emails. Aside from that, keeping your operating system (& installed software) up-to-date and running antivirus software should help your PC remain malware-free.

Have you received any suspicious emails related to the plant explosion or marathon bombing? Share your experiences below and get the word out to help protect others!

[via Sophos][via AppRiver]

Don’t miss out on the latest tech news and computer security alerts! Follow us on Twitter at @hyphenet, “Like” us on Facebook or add us to your circle on Google+.

Wednesday, April 17, 2013

Spammers Exploit Boston Marathon Bombing to Spread Malware

Click with caution if you receive unsolicited emails or find yourself wanting to click a website link related to the deadly bombing attack at the Boston Marathon on Monday.

Antivirus firms Avira and Sophos, along with email security provider AppRiver, have already intercepted emails from spammers aspiring to dupe users into following malicious links by offering links to video footage of the attacks.

There are a variety of domain names and subject lines associated with this spam campaign; some of the subject lines in use are:

  • Explosion[s] at Boston Marathon

  • Boston Explosion Caught on Video

  • Aftermath to explosion at Boston Marathon

  • Video of Explosion at the Boston Marathon 2013

  • Runner captures. Marathon Explosions

  • 2 Explosions at the Boston Marathon


The body of the email appears to contain nothing more than a link pointing to a website that has legitimate videos from the attack. However, that same site is rigged with malicious code that will attempt to exploit Java plugin vulnerabilities in order to drop a backdoor Trojan on your machine.

Avira identifies the threat as TR/Crypt.ZPACK.Gen, while Sophos identifies it as Troj/Tepfer-Q.

Upon a successful infection, TR/Crypt.ZPACK.Gen (or Troj/Tepfer-Q) will modify the system registry and connect to a remote server, granting an attacker remote access to the affected PC.

Tips to Keep Your PC Safe


Avira warns that malicious links may also be posted on Facebook, so users should also exercise caution when following links shared on social networks. Here are a few other bits of advice to help keep your computer malware-free:

  • Do not click links or download files attached to unsolicited emails.

  • Stick to the official websites of your favorite news channel to get the latest updates.

  • Keep your operating system and installed third-party software fully patched and up-to-date.

  • Always run antivirus software and keep the virus definitions current.


Did You Already Fall for It?


Both Avira and Sophos offer security products capable of detecting and removing the malware being spread by these online attacks. So if you have the sinking feeling that you may have followed a bad link, you may want to try performing a full system scan using one of their products.


Monday, April 15, 2013

Buy of the Week: HP Elitebook Revolve 810 G1 Tablet for $1,378

Business is constantly changing. Adjust accordingly. Work doesn't always adapt to your style. So HP designed an HP EliteBook that does. By designing an ultra-thin, full-performance notebook that transforms into a tablet, you can choose what works best in any situation. The HP EliteBook Revolve. It's a whole twist on getting more done.

Until April 19th, 2013, you can order an HP Elitebook Revolve 810 G1 Tablet from Hyphenet for only $1,378 + shipping!

Specifications for HP EliteBook Revolve 810 G1 Tablet

  • MFR#: D3K48UT#ABA
  • Product Type: Notebook (Convertible Design)
  • Display: 11.6" LED-backlight Multi-Touch UVWA 1366 x 768 (HD)
  • Processor: Core i5 (3rd Gen) 3437U 1.9 GHz
  • Memory: 4 GB DDR3L
  • Storage: 128 GB SSD
  • Graphics: Intel HD Graphics 4000
  • Networking: 802.11n, Bluetooth 4.0, NFC, Gigabit Ethernet
  • Battery: 6-cell - up to 8.5 hours
  • Security: Trusted Platform Module (TPM 1.2) Security Chip
  • Operating System: Windows 8 Pro (Windows 7 Professional 64-bit downgrade - pre-installed: Windows 7)
  • Environmental Standards: ENERGY STAR Qualified
  • Warranty: 3-year HP Warranty

Call (619) 325-0990 to order an HP Elitebook Revolve 810 G1 Tablet today!


Buy of the Week offer valid through April 19th, 2013.

Note: Shipping and taxes apply.

Looking for something else? Check out our monthly deals or contact us to get a quote on the product you're searching for.

Friday, April 12, 2013

American Airlines Spam Spreads Backdoor Trojan

Webroot is cautioning users not to fall for spam emails posing as a notification from American Airlines stating that their ticket is all set and ready for download.

This spam campaign isn’t exactly new, although previous versions may have had malicious files attached directly to the email itself.

Here’s what the current variant looks like:

 American Airlines Phishing Email



American Airlines

Customer Notification

Your bought ticket is attached to the letter as a scan document.

To use your ticket you should Download It.

The embedded link will prompt users to download an executable, “Electronic Ticket.exe”, that only 10/46 antivirus products will identify as malware.

Dr. Web antivirus detects the threat as BackDoor.Kuluoz.4. Once it has infected your system, BackDoor.Kuluoz.4 will modify system files, inject itself into system processes and connect to a list of command & control servers.

Did You Get this Spam Email?


If you received a copy of this spam email, it is advised that you:

  • Do not click on any links within the email.

  • Do not download any files that may be attached or linked from this email.

  • Forward a copy of the email, including the header to webmaster@aa.com.

  • Delete the email immediately.


If You Downloaded Any Files...


If you made the mistake of clicking the link or opening any files attached to spam emails resembling the one above, you are advised to perform a full system scan using an antivirus solution offered by one of the following vendors:

Their products are capable of detecting and removing the threat associated with this attack. Be sure to be more careful in the future!


Check Your WordPress Plugins: Social Media Widget Found to be Injecting Spam into Websites

WordPress website masters are being advised to update (or remove) the Social Media Widget plugin following the discovery that it was being misused to inject spam into websites it was installed on.

According to Sucuri Security, the malicious code, which calls the URL hxxp://i.aaur.net/i.php to inject “Pay Day Loan” spam links on the affected website, was added to version 4.0 of the plugin, which was launched about 2 weeks ago.

A thread on the plugin’s support forums reveals that the compromise was a result of the owner trusting the wrong developer.

The Social Media Widget plugin was removed from the WordPress Plugin repository after it was found to have been tampered with, but has since been reinstated following removal of the bad code in version 4.0.1.

However, the plugin is quite popular, and there’s no telling how many of the 900k websites it had already been installed upon were still at risk.
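A local check for the indicator described above, as an added example that is not Sucuri's or the plugin author's code: it walks a plugins directory, reads each plugin's "Version:" header, and looks for the host named in the post. The folder name social-media-widget, the sample tree, and all function names are assumptions made for this example.

```python
import os
import re
import sys

INDICATOR_HOST = "i.aaur.net"        # host named in the post
AFFECTED_VERSION = "4.0"             # release the post says carried the code
PLUGIN_SLUG = "social-media-widget"  # assumed folder name, not from the post
VERSION_RE = re.compile(r"^[ \t/*#@]*Version:[ \t]*(\S+)", re.I | re.M)


def scan_plugins(plugins_dir):
    """Map plugin folder -> {"versions": set, "hits": [paths]} over .php files."""
    report = {}
    for root, _dirs, files in os.walk(plugins_dir):
        rel = os.path.relpath(root, plugins_dir)
        if rel == ".":
            continue  # single-file plugins in the top folder are not covered
        plugin = rel.split(os.sep)[0]
        entry = report.setdefault(plugin, {"versions": set(), "hits": []})
        for name in sorted(files):
            if not name.lower().endswith(".php"):
                continue
            path = os.path.join(root, name)
            with open(path, encoding="utf-8", errors="replace") as fh:
                text = fh.read()
            if rel == plugin:  # the plugin header sits in a top-level file
                match = VERSION_RE.search(text[:8192])
                if match:
                    entry["versions"].add(match.group(1))
            if INDICATOR_HOST in text.lower():
                entry["hits"].append(os.path.relpath(path, plugins_dir))
    return report


def findings(report):
    """Report indicator hits; otherwise flag the affected release by version."""
    out = []
    for plugin, entry in sorted(report.items()):
        if entry["hits"]:
            out.append((plugin, "indicator-found", sorted(entry["hits"])))
        elif plugin == PLUGIN_SLUG and AFFECTED_VERSION in entry["versions"]:
            out.append((plugin, "affected-version", []))
    return out


def build_constructed_tree(base):
    """Write a constructed plugins/ tree (sample input, not real plugin code)."""
    header = "<?php\n/*\nPlugin Name: Social Media Widget\nVersion: %s\n*/\n"
    samples = {
        (PLUGIN_SLUG, "social-widget.php"):
            header % "4.0" + "$u = 'http://" + INDICATOR_HOST + "/i.php';\n",
        ("patched-copy", "social-widget.php"): header % "4.0.1",
        ("other-plugin", "inc", "helper.php"): "<?php // clean\n",
    }
    for parts, body in samples.items():
        path = os.path.join(base, *parts)
        os.makedirs(os.path.dirname(path), exist_ok=True)
        with open(path, "w", encoding="utf-8") as fh:
            fh.write(body)
    return base

if __name__ == "__main__":
    for item in findings(scan_plugins(sys.argv[1])):
        print(item)
```

A plain substring match will not catch an encoded or obfuscated copy of the host, so a clean result does not replace updating to 4.0.1 or removing the plugin.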

If you have the Social Media Widget plugin installed on your WordPress website, it is strongly advised that you:


Friday, April 5, 2013

Buy of the Week: Dell 2350dn Laser Printer for $155

Impress your clients with professional-quality double-sided printouts from the Dell™ 2350dn Mono Laser Printer. Enjoy sharp-looking documents, easy networking and fast printing with this dependable printer that works hard for your office or workgroup.

Until April 12th, 2013, you can order a Dell 2350dn Laser Printer from Hyphenet for only $155 + shipping!

Specifications for Dell 2350dn Laser Printer

  • MFR#: 2350DN
  • Product Type: Workgroup Laser Printer (Monochrome)
  • Print Speed: Up to 40 ppm (Letter A 8.5" x 11"), up to 38 ppm (A4 8.25" x 11.7")
  • Max Res (B&W): 1200 dpi
  • Automatic Duplexing: Yes
  • Interface: Parallel, USB, LAN
  • Processor: 400 MHz
  • RAM Installed (MAX): 32 MB (288 MB)
  • Language Simulation: PCL 5E
  • Media Type: Transparencies, greeting cards, labels, plain paper, bond paper, recycled paper
  • Total Media Capacity: 300 sheets
  • Media Handling: 250-sheet input tray, 50-sheet multipurpose tray
  • Monthly Duty Cycle: 60,000 pages
  • Networking: Print server - Ethernet, Fast Ethernet
  • System Requirements: UNIX, HP-UX 11i, Citrix MetaFrame, SuSE Linux 10.x, Novell NetWare 5.1, SunSoft Solaris 8, SunSoft Solaris 9, SunSoft Solaris 10, Apple MacOS 9.0 or later, Apple MacOS X or later, Red Hat Enterprise Linux 3, Red Hat Enterprise Linux 4, Red Hat Enterprise Linux 5, Microsoft Windows 2000, Microsoft Windows 2000 Server, Microsoft Windows Server 2003, Microsoft Windows Server 2008, Microsoft Windows Server 2008 R2, Microsoft Windows Vista (32/64 bits), Microsoft Windows 7 (32/64 bits), Microsoft Windows XP (32/64 bits)

Call (619) 325-0990 to order a Dell Latitude 10 Tablet today!


Buy of the Week offer valid through April 12th, 2013.

Note: Shipping and taxes apply.

Looking for something else? Check out our monthly deals or contact us to get a quote on the product you're searching for.

Thursday, April 4, 2013

Watch Out for Fake HP Printer Scan Emails

Keep an eye out for fraudulent emails claiming that a document was scanned and sent to you from your office Hewlett-Packard ScanJet printer.

Sophos warns that spammers are once again sending out bogus scan-to-email notices in an attempt to dupe users into clicking malicious links that lead to websites serving malware.

Subject: Fwd: Re: Scan from a Hewlett-Packard ScanJet #1788378

A document was scanned and sent to you using a Hewlett-Packard HP9289197

Sent to you by: PEARLIE
Pages: 3
Filetype(s): Images (.jpeg) View

This isn’t the first time that spammers mimicked document-to-file scan notifications, but previous attempts involved malicious file attachments vs. links in the email itself.

The malware served in the attack was not disclosed; however, the websites associated with this attack are rigged with the BlackHole exploit kit, which typically leverages PDF, Flash & Java vulnerabilities in order to plant malware on the visiting machine.

So, keep your computer safe by:

  • Not following links embedded in unsolicited emails – at least not without investigating them first.

  • Running antivirus software that offers real-time scanning & keeping the virus definitions current. (Btw, Sophos blocks the page as Mal/ExpJS-N.)

  • Keeping your operating system and third-party software fully patched & up-to-date.


If you’ve already clicked the link, run a full system scan to detect & remove any potential malware that may have been installed on your computer.


Wednesday, April 3, 2013

Spyware Uses Fake Facebook Page to Steal Credit Card Data

It’s time to scan your computer for malware if you try to visit Facebook.com and land on a "security check" page requesting that you enter your credit card information to “verify your account.”

Spyware that TrendMicro researchers identify as TSPY_MINOCDO.A tricks unsuspecting users into disclosing their financial information by redirecting them to a spoofed Facebook security check page every time they attempt to visit the social networking site.

The redirect is done through the infected machine’s HOSTS file, and prevents the user from accessing any legitimate Facebook pages until the malware is removed.

Facebook Phishing Page



Please complete a security check

Security checks help keep Facebook trustworthy and free of spam.

Use a credit card to verify your account

To keep Facebook a safe environment and to make sure that you are using your real name, we require you to confirm your identity by submitting your credit card information.

- This information will only be used to verify your identity.
- Your credit card will not be charged in any way.
- We do not store any credit card information on our servers.
- Please enter the following information to be able to continue using your Facebook account.

Information submitted through the false Facebook page is sent back to the cybercriminals to use as they please.

Aside from stealing payment information, researchers say that TSPY_MINOCDO.A modifies the system registry to ensure it starts every time Windows does, performs DNS queries to multiple domains to ensure that it can report back to its command server, and monitors all browsing activity.

TSPY_MINOCDO.A is distributed via drive-by-download attacks and other malware, so users can protect their computers by:

  • Keeping their operating system and installed software fully patched and up-to-date.

  • Always running antivirus software and keeping the virus definitions current.

  • Exercising caution when following hyperlinks (do a little research first!).

  • Disabling Java in their browser if it is not needed (the Java browser plugin is often targeted in cyberattacks).


Above all else, trust your instincts and don’t hand out your credit card information to “verify” your account on a FREE social networking website.


Explore the New BlackBerry 10 OS in Your Existing Mobile Browser

If you’ve been following the news related to the new BlackBerry 10, you may be wondering how it intends to stand out from the iOS and Android crowd. Explore the new BlackBerry 10 OS in your existing browser.

In the event that you’re even the least bit curious about the new BB10 phones, but far too lazy to go to a store and check out the phone in person, you can tour the BlackBerry 10 OS on your current phone by going to blackberry.com/glimpse.

Just keep in mind that this is a demo of user interaction and BB10 features and not a full emulation. The website does not work for desktop browsers – only mobile (as far as I can tell).


Have you checked out the new BlackBerry 10 yet? What are your thoughts?

[via TechCrunch]


Tuesday, April 2, 2013

Malware Steals Credit Card Data from POS Systems & ATMs

Several hundred POS terminals and ATMs in the United States have been infected by malware designed to steal debit and credit card data, according to security firm Group-IB.

The malware, named “Dump Memory Grabber”, is written in C++ without the use of any additional libraries and is capable of collecting Track 1 and Track 2 card data (full name, account number, expiration date, etc.) from infected systems – providing fraudsters all the information they need to create physical card clones.

Upon infection, Dump Memory Grabber modifies the system registry to ensure it runs whenever the affected machine boots, lists all running processes and proceeds to search memory for sensitive payment information. The stolen data is then uploaded via FTP to a remote server believed to be controlled by Russian cybercriminals affiliated with a “big cyber-crime gang.”

The malware is said to have siphoned data associated with debit and credit cards issued by major U.S. banks like Chase, Capital One, Citibank and Union Bank of California.

Group-IB told Security Week that it appears most of the POS terminals and ATMs were infected with the help of insiders, such as employees with physical access to the machine or authorization to update system software. Only a handful of systems running Windows XP or Windows Embedded appeared to be compromised remotely. Attackers were also able to exploit vulnerabilities in the banks’ network to plant the malware in some cases.

Group-IB has shared its findings on Dump Memory Grabber with VISA, the affected banks and law enforcement.

[via Security Week]
