One of the most common ways to propagate malware through social engineering is to piggyback it on some attention-catching news event. This can be carried out using a variety of techniques and is certainly nothing new. One infamous example from 2007 was Win32/Nuwar (a/k/a the Storm Worm), which distributed through spam emails with current and/or

My latest blog for SC Magazine's Cybercrime Corner looked at the recent APT (Advanced Persistent Threat) attack on RSA, in the light of Uri Rivner's blog on the implementation of the attack.  Unfortunately, the exact nature of the target and damage remains somewhat obscure, so while I certainly consider Rivner's blog worth reading, I also found myself

…today I’m waxing nostalgic about a piece of malware. Not one of those anniversaries that have filled so many blogs, articles and videos recently (happy birthday, dear Brai-ain….), but something that just popped into my mailbox…

…many scams work by panicking victims into taking some unwise action, whether it’s parting with their credit card details or opening a malicious program, claiming that some problem or illegal action is associated with their computer or IP address, such as transmitting malware or visiting paedophile or other pornographic sites…

…Andrew Lee conducted a fun but disquieting thought experiment in the course of an amusing and informative presentation on user education at the recent Virus Bulletin Seminar…

This weekend, an unnamed worm forced Microsoft to temporarily suspend active links  in Live Messenger 2009, in order to prevent the aggressive worm from spreading further. This is quite a surprising measure, because worms spreading through Instant Messaging (IM) such as Skype, Yahoo! Messenger and Microsoft Live Messenger are not new at all! For example,

In the security industry, we’re sometimes over-ready to be over-prescriptive, seeing security and privacy concerns as paramount where others see them as a distraction. And we’ve become used to the mindset that computer users will always prefer convenience to security.

The problem with preventing such scams is that social engineering is very lo-tech in nature, requiring little in the way of technical resources and investment. Scammers are relying on the victims naivety, to grant them access to their computer and credit card details, so there’s very little a security company can do to prevent them,

…criminals are making use of the fact that Quicktime Player 7.6.6 allows movie files to trigger file downloads…the volume of reports picked up our ThreatSense.Net® telemetry suggests the likelihood of significant prevalence, though by no means an epidemic right now…

My colleague Josep Albors flagged this issue on the Ontinet blog a little earlier today. I’ve flagged it here as it’s likely that there are similar messages carrying the same malware circulating in languages other than Spanish.