eWeek updates the Hannaford data breach story, explaining that malware was found to be present on the Web servers located in every grocery store owned by the chain. While the source of the malware remains unknown, the data breach exemplifies the damage that purpose-built malware can inflict on its target.
The online ticket site EuroTicketShop.com was identified as distributing malware to visitors when they attempted to buy tickets for the upcoming soccer tournament. According to a security alert from Sophos, as reported in ComputerWorld, hackers were able to inject malicious code into the site which is downloaded to the computers of fans visiting the legitimate ticket site. The article points out that Google pay-per-click advertisements were being used to attract visitors to the hacked site as well.
Search Engine Roundtable reports a new round of phishing attacks that target the credit and debit card numbers of Google AdWords customers. This more classic form of phishing, in that a Web form is served up to collect financial information, is different than the AdWords malware fraud reported earlier this month. Don’t be surprised if future variants of these phishing attacks target login credentials so the phishers can take control of the accounts and serve up fraudulent advertisements to lure consumers to bogus Web sites.
Juicy Campus, the site created so that college kids can anonymously dish about, and in some cases slander, their fellow students is rekindling debates about Internet anonymity. For students who find themselves victimized by malicious comments, the nature of Juicy Campus leaves them little recourse for having the postings removed and identifying the responsible parties for potential libel claims.
Hackers were able to penetrate systems at grocer Hannaford Brothers and made off with 4.2 million credit and debit card numbers. The Associated Press reports there are already 1,800 cases of fraud linked to the breach.
(more…)
Byron Acohido and Jon Swartz report in USA TODAY that 40% of all computers connected to the Internet are part of a botnet.
I am just seeing the summary data discovered by our malware crawlers during February. Sites hosted in the United States represent 52% of all the sites we detected distributing malware.
It’s important to note that just because the sites are hosted in the United States doesn’t mean they all represent the actions of U.S.-based individuals. It’s probably fair to assume that a significant portion of the site we discovered in February were:
(more…)
