Thursday, August 21, 2008

Beware Good Spyware or "The road to hell is paved with good intentions"

A new anti-piracy software solution was recently presented in this article.

Marketed as "an intelligence gathering tool", the described software "rather than trying to prevent unauthorized use of software, collects data on how and where it is used, and then stealthily sends it back to the software's maker".

Oh, dear. The old phantoms of AV industry keep coming back over and over again in the form of good worms, good spyware, and "white-listing" panacea against all the bad guys.

To better understand this one, it might help recalling the Magic Lantern key logger, developed by FBI.

At that time, it was reported that "other proposed high-technology responses to the threat of terrorism are coming from industry, Congress and elsewhere ... a controversial system installed on a criminal suspect's computer by the government to capture the encryption passwords of a criminal suspect is nearing its second phase; the F.B.I. has acknowledged that it is developing a similar monitoring system, called Magic Lantern, that could be installed remotely."

Sounds familiar, doesn’t it? Just a different "good intention".

Indeed, exactly as St. Bernard of Clairvaux (circa 1150) once said "L'enfer est plein de bonnes volontés ou désirs".

And yeah, just to recall what was the professional response to the Magic Lantern idea (Graham Cluley, Sophos Anti-Virus Inc.): "We have no way of knowing if it was written by the FBI, and even if we did, we wouldn’t know whether it was being used by the FBI or if it had been commandeered by a third party."

Saturday, August 9, 2008

ThreatExpert is under attack

The malware community has came up with an idea of what they call “a reliable detection” if a threat is being analyzed by ThreatExpert.

The code of such detection has been distributed in underground malware forums a few days ago.

This “discovery” was a bit surprising to us, but what followed it makes us believe ThreatExpert automation has finally pissed these guys off: a few hours ago, there was a massive DDoS attack launched against

We are currently working to resolve this problem. What these attacks really mean to us is that ThreatExpert is really working against them.

Update: the DDoS attack was successfully blocked within a few hours since it started.

Friday, August 8, 2008

New hacker attack – this time with the real bombs

According to the Russian media agency Interfax, the website of the Ministry of Internal Affairs of Georgia has been defaced it with a collage of the Georgian President Saakashvili and Adolf Hitler photos.

The hacker attack coincides with the war conflict that spilled over the region of South Ossetia.