Here are a few articles I found interesting this week:
Now that Microsoft has ad revenue to worry about – courtesy of the relative success of their Bing search engine – they’re taking steps to protect their revenue stream. MS is in a unique position to tackle the problem of click-fraud malware, since they have both a click-based ad system and a large footprint of anti-malware software installs (courtesy of their free Security Essentials package). It’ll be extremely interesting to see if Microsoft’s unique position can allow them to make a dent in the click fraud business. And it’ll be even more interesting to see how the fraudsters fight back.
Patco Construction Company sued People’s United Bank after Patco lost $345,000 due to an attack on the bank’s online banking system. The attacker installed key-logger software on Patco systems, handily defeating the bank’s “security question” system.
Interesting that a fairly old piece of malware triggered a new warning, even though all signs point to the malware being nearly extinct in the wild. However, it is interesting to see the analysis of this particular piece of malware. Narilam seems designed to compromise accounting software written by a very specific Iranian software company. To me, this suggests either an “inside job” of sorts, or an attempt to discredit that particular company.
Continuing an interesting trend in advanced malware to resist detection and analysis, “Shylock” looks for evidence of a remote desktop session, and hides if it finds one. We’re seeing more and more malware authors attack the human element of malware detection and response, not just the anti-malware software. This is a smart play on the malware authors’ part, since human beings are often the weakest point in any security system.