Just when you think old-school network bots are dead, a group of
cybercriminals revives them from them grave in the name of Chuck
Norris. Dubbed the “Chuck Norris botnet,” based on the Italian
comment in its source code, in nome di Chuck Norris
(translation: “in the name of Chuck Norris”), this botnet infects
vulnerable DSL modems and routers to
spread a worm Trend Micro detects as WORM_IRCBOT.ABJ.

This worm tries to gain access to a target router by guessing the
router’s configuration password using brute force. It may also spread
via shared networks by exploiting a known Microsoft vulnerability, MS03-039
Buffer Overrun in RPCSS Service. The worm’s routines make
users who are connected to the same network or router at risk of being
infected.

Following the
shutdown of the Mariposa botnet recently, three
alleged members of the group behind the said botnet were finally
arrested last week by the Spanish Police, although they are
still pursuing another suspect that may still be at large somewhere
in South America.

The Mariposa botnet was one of the largest botnets to date. It was
reportedly responsible for attacking millions of businesses around the
world, including Fortune 1000 companies, in a mission to steal online
banking, business, and personal information from compromised systems.

Mar 04, 2010:

As Macs’ share of the consumer
market grows, F-Secure answers the call for Mac Protection, designed to
provide security without slowing down performance.

Helsinki, Finland – March 4, 2010:
Macs are safer in today's threat landscape and their owners come across
far less malicious software than the average PC owner. However — safe is
not the same as secure.

Sean Sullivan, Security Advisor at F-Secure says, “Houses
located in a safer neighborhood are not technically more secure from
burglary. Most of today's Macs just happen to exist in a safer online
environment and aren't being targeted by cyber-criminals. Criminal's
return on investment is simply better in the PC world. ”

A growing number of F-Secure's customers live in households with
using both PCs and Macs and they are increasingly asking us to secure
their irreplaceable content and not just their computers. F-Secure
Online Backup is an example of fulfilling this need. As the share of
Macs increase, so too does the security threat against Mac users. There
are already several trojans and backdoors ready to infect unprotected
Macs.

The changing threat landscape has brought about more sophisticated
Web threats, and left the online population clamoring for better
security features in the systems and applications that they use. This
has pushed Microsoft to develop security mechanisms
within its applications like Windows’ Data Execution
Protection (DEP) and Address Space Layout
Randomization (ASLR).

Both DEP and ASLR are security mechanisms that
Microsoft included in its latest Windows releases starting with XP SP2
and Vista, respectively, which should ideally protect systems from being
attacked by exploit codes. DEP prevents the
execution of code (including malicious shellcode) from certain regions
of computer memory (nonexecutable). ASLR, on the other hand,
randomizes the layout of regions (data areas) in memory to make guessing
the exact location more difficult. But what if these security
mechanisms are not so secure after all?

Recent trends

• The amount of spam in email traffic increased by 3.5% compared to
  December’s figure. The overall average being 86.1% for January.
• Links to phishing sites were found in 0.81% of all emails, a
  decrease of 0.03% compared to December.
• Malicious files were found in 0.07% of all emails, a decrease
  of 0.09% compared with the previous month.

Spam in mail traffic

The amount of spam detected in mail traffic averaged 86.1% in January
2010. A low of 78.9% was recorded on 8 January, with a peak of 89.5% on
24 January.

Percentage
of spam in mail traffic in January 2010

Malware in mail traffic

Malicious files were found in 0.07% of all emails, a decrease of
0.09% compared with the previous month.

According to Symantec’s latest State of Spam and Phishing
report, scam and phishing messages accounted for 21 percent of all
spam, which is the highest level recorded since the inception of the
report. For comparison, these types of spam represented only 10 percent
of total spam a year ago.

Historically, the primary vector for spam attacks was to blast out as
many messages as possible, hoping that someone would open a message and
click on the call to action. The call to action could be anything from
clicking on a link to purchase medications, to visiting an adult
website. While we continue to see high volumes of spam originating from
expansive botnets, spammers are also moving towards a sophisticated and
more targeted approach to spam. Two primary examples of this trend are
419/Nigerian type scams and phishing messages.