Lost+Found: Reinfection, LoroBot, Successes and Hoaxes
Too short for news, too good to lose; lost+found is a round up of useful security information. Today, Reinfection, LoroBot, Successes and Hoaxes
According to a blog post by security services provider Dasient, information from its proprietary malware analysis platform shows a reinfection rate of nearly 40 per cent for several sites. Dasient says that there are a number of factors that contribute to the high infection rate, such as "the tendency for attackers to look for attack vectors common to large numbers of sites and then develop automated attack scripts that will repeatedly seek out those vectors and exploit them".
Another encryption ransomware trojan is making the rounds again. LoroBot encrypts various files on a users hard drive, such as music, movies and documents, and asks them to pay $100 for the decryption key to retrieve their data. Thankfully, CA is providing a free decryption tool.
Microsoft's security chief believes that fixing more, but less-critical bugs as part of the companies Security Development Lifecycle (SDL) improves the overall security of its products, making them harder to exploit.
Bad joke: A blogger spreading the message that 'str0ke', the person behind the Milw0rm exploit portal, had died of a heart attack and that the funeral was on Friday. Shortly thereafter str0ke responded via Twitter saying that "I'm not dead yet, just being trolled."