Key Headlines of Interest:
March has come in like a lion for the IT world. Already this month, Microsoft has announced a new vulnerability in Internet Explorer that could result in zero-day attacks, Google is 99% sure it’s leaving China, and police have caught the Mariposa PC virus 'ringleaders'.
Internet Explorer 6 and 7 vulnerability lets hackers hijack your PC.
Last week Microsoft announced a vulnerability in Internet Explorer versions 6 and 7 that allows a backdoor Trojan to slip in. According to Panda Security, the Trojan allows hackers to steal information from the infected computer. Most of the documented information thefts involve passwords, bank account numbers, and user names. The exploit was published on Twitter by Israeli security researcher Moshe Ben Abu. Abu found the vulnerability by using some information gleaned from a McAfee blog post and a little snooping. He said it only took him ten minutes to find and that he would have found it without the information from McAfee; it just would have taken more time. The fact that Abu posted the exploit dramatically increases the risk of a zero-day attack. This may force Microsoft to release a patch before the next scheduled Patch Tuesday in April. The current recommendations are to switch to a different browser such as Firefox, or to upgrade to Internet Explorer 8, which the vulnerability does not affect. An interesting note about this exploit is that it is ‘unstable’, executing the code for the Trojan only 60 to 70% of the time. This means that even if a hacker tries to upload a Trojan, there is at least a 30% chance it may not go through. This inconsistency is the suspected reason Microsoft has not released an immediate patch. The public release of the exploit may change this, however.
CNET News; Researcher publishes exploit for new IE hole by Elinor Mills
Infosecurity.com; New zero-day Internet Explorer 6/7 vulnerability allows trojan to slip through
PC World; It's Time to Finally Drop Internet Explorer 6 by Tony Bradley
Google’s Withdrawal from China All but Certain
Internet search giant Google has all but announced its departure from China. Things started to get bad when Google suffered a substantial hack back in December of last year. The hack originated from China and appeared at the time to be connected to the government in some way, but it is now believed to have originated from two Chinese schools: Shanghai Jiaotong University and Lanxiang Vocational School. Google said that the hack was one of the most sophisticated attacks they have ever seen. Tensions between the internet giant and China have not improved. The inability of Google and the Chinese government to reach a compromise on internet censorship has led Google to decide that leaving the country is most likely for the best.
ComputerWorld.com; Google China hack attack controversy: two schools fingered, February 22, 2010, 6:03 A.M.
Google Hack Attack Was Ultra Sophisticated, New Details Show by Kim Zetter, January 14, 2010
Ringleaders behind Mariposa Botnet Captured
Authorities have captured three of the masterminds behind the Mariposa Botnet, one of the biggest botnets. Mariposa had infected as many as 13 million computers before being dismantled. The infected PCs included computers and servers inside more than half of the Fortune 1000 companies and more than 40 major banks. The infection was a data vacuum, collecting massive amounts of credit card numbers and bank statement credentials. The bot became active in December of 2008 and quickly grew into one of the biggest networks of infected computers ever seen. The three men who were captured were Spanish citizens with no prior criminal records. They were captured by Spanish police with the help of private computer security firms. It is currently unknown how much money was actually stolen by the criminals, but authorities are still investigating this aspect of the crime. The three men were not the stereotypical genius computer hackers one thinks of as masterminds behind one of the biggest cyber-attacks to date. They did, however, have connections to the underworld. They had others create and help run the botnet. This attack is said to be even more sophisticated than the one on Google that led the company to decide to pull out of China. Authorities expect more arrests to be made in several other countries but have not given any details. More news is expected over the next few weeks.
Source: AP; Authorities bust 3 in infection of 13M computers by Jordan Robertson, AP Technology Writer, Tue Mar 2