SpywareInfo Home
January 21, 2003

Trojan makes its way through the WinMX network

http://www.spywareinfoforum.info/yabbse/index.php?board=6;action=display;threadid=3102

Anyone using the WinMX file sharing application needs be aware of a new trojan in the wild that seems to be targeted specifically at the WinMX network. This trojan is being identified as Win32.Glimp trojan by ETrust anti-virus, Trojan.Win32.WinMXtrojan.10 by Kaspersky anti-virus, and Trojan.Win32.WinMXp2p by Gladiator anti-virus.

On an infected machine, the WinMX trojan will copy Word documents, text files, .ini files, batch files, etc into a special directory, then change their extensions to .avi. This directory is then shared on the network by the WinMX peer to peer application. By adding the victim's WinMX login name to the attacker's "Hotlist" and then selecting "Browse", the attacker can browse through and download every file that has been copied into the directory.

I can't find a whole lot of information about this trojan. At this point, all I can suggest is to keep updating your anti-virus software and to double-check what are in the folders you are sharing through WinMX and other peer to peer programs. No matter which anti-virus software you have and no matter which peer to peer program you use, always scan newly downloaded files before you run them. Always.

ETrust Anti-Virus - http://www.my-etrust.com/
Kaspersky Anti-Virus - http://www.kaspersky.com/
Gladiator Anti-Virus - http://gladiator-antivirus.com/ (Note: GAV is still in alpha testing)

Featured Product

Permlink | Top

Spyblocker Version 6

Many Web sites have ads that are distracting and a drain on bandwidth. Some sites send cookies and other files to your computer. Still others acquire information about you, your machine, and your browsing habits by using single-pixel Web bugs and other methods.

SpyBlocker monitors this type of Web activity and allows users to control or block the ads and tracking systems. But SpyBlocker goes one step further. SpyBlocker strips ads out of ad-supported software, disabling the ad module and tracking capabilities without disabling the functionality of the program until you discover the program is 'spying' and remove it.

Spyblocker is a favorite among the experts who regularly help people out at the SWI support forums. It's a powerful program that can go a long way toward securing your computer from all sorts of malware that can infect you just by browsing the internet (activex drive-bys, rogue javascripts, etc). It can even block spyware from calling home if you don't realize you have it installed.

Last week I announced that as soon as membership at the support forums reached 2,000, there would be some free software handed out. I said I would choose a member at random to receive a fully licensed copy of a certain security product. That security product is the newly released Spyblocker version 6, an excellent product and our featured item this week. And the lucky new owner is the member who goes by the nickname "Supplex". Congrats, Supplex! Let's look for the 3,000th person now ;)

Unfortunately, we can only afford to give away one copy. However, if you'd like to own this new version of Spyblocker, we're offering it at a good discount. All week, until January 28, you can purchase Spyblocker for 10% off the normal price. Spyblocker Software also makes Settings Sentry, a program that monitors your browser settings in both Internet Explorer and Netscape for alterations made by browser hijackers and drive-by downloaders. If you purchase both Spyblocker and Settings Sentry, Spyblocker is 15% off. Setting Sentry is already priced as low as possible, and with the extra 5% off on Spyblocker, it is a huge bargain for two exceptional products.

Click here for full details

Is this still America?

Permlink | Top

Al Quaeda is winning.

What the hell do you mean Al Quaeda is winning? Afghanistan is a cratered, shattered wasteland with a government installed by the United States. Al Quaeda's top leaders are all cowering in a cave somewhere listening to American bombs creeping closer and closer. How could they possibly be winning?

They are winning because they are achieving their goal of destroying America's culture of freedom. Everything they intended to happen is happening. We are busy tossing away every right and freedom that our fathers, grandfathers, and great-grandfathers shed blood fighting to preserve.

Second only to the First Amendment, the Fourth Amendment to the US Constitution is America's most sacred law.

The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.

The US Patriot Act has no place in a nation protected by the Fourth Amendment. And yet, it exists. Government bureaucrats have been exploiting the slaughter of 3,000 innocent victims for their own gain by creating unnecessary laws that usurp our freedoms while doing nothing to locate and capture terrorists. It is to the point now that law enforcement is actually trying to seize evidence without actually serving a warrant. http://www.epic.org/privacy/bach/

The government has opened a new department within the military whose sole purpose is to collect every single scrap of information about American citizens that it can get its hands on. Every activity, legal or illegal, innocent or malicious, will be monitored with some of the most sophisticated surveillance tools ever created. Every page you surf to and every email you write could possibly be noted in a government dossier. http://www.aclu.org/Privacy/Privacy.cfm?ID=11323&c=130

This sort of power play is to be expected of bureaucrats. The tendency of government is to grow larger and ever more intrusive. The war is simply giving it an excuse to speed up the process. People are justifiably scared, so they are taking advantage of that fear by making a blatant grab for power.

This preoccupation with newfound power is not limited to the bureaucrats or to the government however. Average Americans are starting to forget that they are Americans.

Have you ever watched a movie set in conquered Europe during World War II? If so, maybe this will sound familiar.

There is a long queue of people waiting to reach the checkpoint where they must present their papers and perhaps submit to a search. Of those who are singled out to be searched, a group which includes a disproportionate number of attractive women, many are forced to take off articles of clothing with no regard to privacy or to the people standing in line behind them watching everything. Partially unclothed, these people are frisked ... or blatantly molested.

The officers are unfriendly and hostile, and seem to get a perverse pleasure out of exercising their small amount of authority. They go out of their way to make the whole affair very unpleasant. If someone objects to being groped by an overbearing, arrogant officer while half-naked, he just smirks. If someone refuses to be molested and objects loudly, they are threatened or even arrested. The same for a husband enraged by the abuse of his wife.

I know what you're thinking. Nazi scum. Unfortunately, I'm not describing a scene from Shindler's List or from any other movie. The officers I described are not Nazis and the people standing in the queue are not Jews in some Polish city conquered by the Wermacht. What I just described is something that is occurring every single day in America's airports.

Most likely you are already sitting down. If not, please do so now. Take a deep breath, for you are about to be very shocked, and very, very angry. You might also become a little scared.

Stop reading this newsletter for a moment and read these two pages that I link to. Both links will open new windows so that you don't lose your place here (for those reading this online). The first is the true account of a man whose wife was so traumatized at being molested by armed thugs in uniform at the Portland International Airport that she nearly had a miscarriage and of the blatant abuse of the legal system which followed. The second is a series of reports of women who have been molested by security guards at airport security checkpoints.

http://www.lewrockwell.com/orig3/monahan1.html
http://www.arizonarepublic.com/special42/articles/0207frisk07.html

We are seeing the very beginnings of a police state emerging from the ashes of September 11. When our own people can act like nazi thugs as these security people at Portland International Airport did in this incident, then the free America I grew up in is fading out of existence.

It embarrasses me that these thugs were fellow Americans. It would appear that it also embarrassed the supervisors who covered up the incident, and the DA who prosecuted the victim. That the people involved also feel embarrassed about the actions of their colleagues at least shows that not all hope is lost yet. When they can do that sort of thing without feeling a twinge of guilt, that's when things will be beyond hope.

We survived 45 years of the Cold War with our freedoms fully intact. Are we going to survive the war on terror with our freedoms intact? From the looks of it, the answer to that is no.

America is approaching a very dangerous crossroads in its history. The freedoms that have survived wars that nearly brought this country to its knees are now in very real danger of disappearing forever. The free and open society that makes this America is on the verge of being changed into a society of oppression and tyranny. Bit by bit, one right after another will be eroded until there are none left.

This next US election and every election for the next decade or two will be far more important than in times past. America is in real danger of losing its identity. In every election from this point forward, we must elect politicians who still take our rights seriously. We still have the right to choose our own leaders. Even that may be in danger at some point down the road, but for now, the opinions of the people still matter.

We didn't need the Patriot Act and the Total Information Awareness office to outlive the Soviet Empire. Nor did we need to take away vital freedoms in order to survive the Cold War. We don't need this now to survive the war on terror. What is needed is for people to remember just what it is that made this a great nation. As the politicians make their speeches in the coming months, keep an eye out for leaders who realize this. While we still have the right to choose who leads us, make sure you choose carefully.

This next item shows that there are still powerful politicians willing and able to fight for Americans' rights.

Lawmakers seek to limit TIA

Permlink | Top

http://www.washtimes.com/national/20030117-28614801.htm

The Pentagon's Total Information Awareness program is under attack on Capitol Hill, where lawmakers are threatening to pull funding or kill the data-mining system legislatively.

A proposed amendment to the omnibus spending bill now before the Senate would prohibit the use of funds for research, development, testing and evaluation on the program's technology.

Dubbed a "Big Brother" program by critics, it would create a database of public and private transactions in an effort to identify terrorists. The TIA program was established quietly last year by retired Vice Adm. John Poindexter and angered some Democratic lawmakers on Capitol Hill.

"They would be in a position to look at education, travel and medical records, and develop risk profiles for millions of Americans in the quest to examine questionable conduct and certainly suspicious activity that would generate concern for the safety of the American people," said Sen. Ron Wyden, Oregon Democrat.

"I am of the view the Senate has a special obligation to be vigilant in this area so we do not approve actions or condone actions by this particular office that could compromise the bedrock of this nation, our Constitution," said Mr. Wyden, sponsor of the amendment.

Did Travelogia.com Break Its Privacy Policy?

Permlink | Top

http://help.lockergnome.com/index.php?act=ST&f=10&t=1882&hl=&s=

A user of Travelogia.com's Boarding Pass software posted a very angry rant recently on Lockergnome's message boards. The user felt that Travelogia had violated its privacy policy by providing his registration details to several third party companies.

Within a few minutes, I suddenly got a slew of email in my inbox welcoming me to Hotwired.com, Expedia.com, Northwest Airlines, Cheap Tickets and Trip.com, even though I did not book any travel. My real email address , name and other information was communicated to these services merely by the act of trying to obtain more information through the BoardingPass application. Each of these services registered me as a new user and will of course, now add to list of spam garbage that I get everyday.

I contacted travelogia.com and asked for a comment on this. Travelogia.com's Vice-President and Co-Founder Rick Levin had this to say:

We received your email this morning, and needless to say, we were alarmed at its contents. In fact, our tech team has been testing the issues you brought up and found several of them to be valid. This was in NO WAY intentional and will have our tech department working around the clock until it is fixed.

The privacy issue is very important to us, as it should be. We work very hard to attract customers, we don't spam, and we have a quality product. It was not our internet [sic] to pass a BoardingPass registered user's email address to the different sites that BoardingPass searches. We should have this fixed sometime this week.

WE DO NOT sell, rent or disclose our registered member's email addresses to any third-parties, with the exception of the travel suppliers that the customer is booking travel or making reservation inquiries with. I don't believe that we have breached this promise. However, allowing the sites that BoardingPass searches to capture the user's email does not make good business sense and is not in the best interest of our registered users. This will be fixed ASAP as noted above.

I wish that I could sit here and deny everything you wrote, but I can't and won't. I will tell you this.... this was a technology glitch (same as Expedia and AOL have had over the last few years) and not a violation of the ethical standards that we operate our company by. Instead, I would like to apologize to those users that have had this problem and thank you for bringing this to our attention.

It looks to me like this is a silly oversight caused by insufficient testing. It doesn't appear to be a deliberate violation of the privacy policy however. These days, you'd have to be a real fool to publish a privacy policy and then not follow it. Doing so may expose a company to a rash of lawsuits and might even draw the attention of the authorities.

We'll wait until next week and test out the updated software and make sure this issue is settled. In the meantime, if you use this product, be aware that until this is corrected, clicking the "book" icon to get more information about a flight will probably lead to your registration information being passed to the company you're looking into.

New Online Spyware Scanner In Testing

Permlink | Top

In partnership with Xblock, maker of X-Cleaner Spyware Remover, SpywareInfo is testing a new online spyware scanner. This is an activex application that can quickly scan your PC for spyware right from your browser.

This application is still in beta testing, but so far the results are very good. Since it is still in testing, I won't give out the address just yet. If you'd like to take part in testing it, send me an email and I'll write back with the address.

In the meantime, there is already a javascript parasite detection script available that can detect dozens of unwanted adware and spyware programs. http://www.spywareinfoforum.info/scanner.php

Ramble

Permlink | Top

A while back while discussing my new ISP, I said that "if I ever had to go back to dialup, I believe I'd commit hari kari." I knew I was saying it wrong, but I couldn't remember the proper phrase, so I just used the common Americanized version. One of my readers sent me a message to show me the proper phrase.

That's "Hara Kiri" :) The hara is the region just below the navel, and is traditionally considered to be where one's ki (or chi, spirit, etc.) resides.

And there you have it. I certainly hope I didn't offend anyone by butchering the phrase. If so, I apologize.


Have you ever been the victim of a dialer program that ran up a phone bill full of charges to foreign countries? We want to hear about it.

SUBSCRIBE
TO THE
SPYWARE WEEKLY!

Email Address

Support SpywareInfo with PayPal or Amazon - it's fast, free and secure!
Support SpywareInfo

Tech Tips from Lockergnome.com
GnomeTomes

Privacy news
Privacy News


All material on this web site is copyrighted
© 2001-2002 by Mike Healan. ® All rights reserved.

Proofread by the lovely Noggie

SpywareInfo banner originally designed by mockie