Rogueware mainly indicates any kind of false software solution that pretends to provide your PC protection against virus or malware attacks. Rogueware takes advantage of the fear in computer users’ minds of any impending cyber attack. It coerces users to buy the fake antivirus solution, especially through popular social networking sites likes Facebook, Twitter, Digg, and MySpace. Rogueware uses attractive pop-ups and sends messages through the web browser’s task bar. It pretends to scan the operating systems and shows pop-ups indicating existence of malware. These programs also modify the operating systems to ensure the rogueware is established in the system.

The advantage that rogueware gives is that cyber criminals no longer need to hack password and username of users to creep into their financial accounts. All they need to do is to find a way of being bought by gullible PC users. PandaLabs put the figure of rogueware groups at 200. In fact, there has been a five- to ten-fold rise in rogueware between Q3 2008 and Q3 2009. These rogueware also dodge signature-based detection by valid antivirus software.

The business of rogueware is generating a whopping $34 million every month for the cyber cons. PandaLabs researchers say that this model consists of two groups: program creators and program distributors. The creators make the applications, provide the distribution platform, and other services. The distributors increase the spread of the rogueware and catch unsuspecting users who fall prey and buy these programs.

The software major has advertised that its new operating system can ward off malware and cyber attacks. The Snow Leopard comes with built-in antivirus protection, execution control based on hardware, and stronger checks against memory corruption attacks. Apple says that this new OS protects users against hacking techniques that also include “sandboxing”. Users can also download the Apple security updates automatically and install these with a single click.

The Snow Leopard also comes with features like increased parental control and password assistance for the users. The security response from Apple comes in the face of the increase in malware specifically targeted at Mac OS X. Trojan variants started being distributed, which even cracked Adobe Photoshop CS4 applications.
However, Apple’s fanfare about security readiness and protection has not been lapped up. Critics point out that Snow Leopard does not come with a full-fledged anti-virus solution and is not good enough to remove any malware already existing in the system. Also, Apple’s firewall is turned off by default and cannot be configured by most third-part solutions. The software updates are not automatic and users are not made aware of what current levels of protection exists.

While Apple’s XProtect is useful for programs like Entourage, Safari, Mail, Firefox, Thunderbird, it does not secure other programs like Skype, Adium, BitTorrent and Apple’s Finder as well as USB drives and shared network volumes.

Social networking sites are the favorite haunt of online hackers and malware planters. These networking sites like Facebook, offer a veritable and large resource of accounts – over 250 million – that can be rigged. Hackers often use keyloggers and network sniffers to hack Facebook accounts.

Posts and messages on Facebook are all about personal communication. When anybody posts you a message, or you respond to your friends, the connection works on the basis of trust. You would rarely assume that the friend you are “talking” to via Facebook is actually not the real guy but someone who is acting as his proxy. Many a times, hackers posing as one of your known friends, ask for money on an urgent basis. If you are a Facebook user, however trustworthy you are of your friends, make sure you call them or meet them face to face before transferring any money. For all you know, you may end up a fool while the hacker laughs his way to the bank.

Many a times hackers not just change passwords, they change the entire Facebook profile of the user. To their shock, many users could not log into their accounts before figuring out that these have been totally overtaken and rigged.

Sadly, there are not too many known ways of how to reset your password after your Facebook account has been hacked. Since the fraudster is faceless and may be too far off to track, the best possible solution is to just sit back, stay off your Facebook account for a few weeks and then start afresh.

You may not be very successful in using tools such as Faceboos because if you have a few failed attempts at accessing, Facebook will block your IP address.

However, Curl is touted as a powerful command line tool that can help recover any Facebook account password that has been lost or forgotten.

This cross-site-scripting or XSS vulnerability which has crept into Twitter is because of the social networking site’s inherent weakness. TweetDeck, TwitterFox or HootSuite, the applications on Twitter which allow users to post their tweets, do not automatically filter the unique resource locator (URL) of the programs that are posted on users’ tweets. This means that whenever users post any URLs on their tweets they are exposing their Twitter accounts to the possibility of hacking. So any one with a decent understanding of back-end computer application can actually make Twitter “applications” and unassumingly attract other Twitter users to communicate.

Also, social networking sites like Twitter provide a target-rich environment for planting any malware or hacking user accounts. Since a large number of Twitter accounts have “followers”, it is very easy for hackers and dubious codes to creep into multiple user accounts.

This XSS bug was first reported in a blog posted by James Slater. The blog revealed that this bug can be used to run any arbitrary code on the machines through which users unsuspectingly visit a Twitter account. Once a compromised account is viewed by an unsuspecting user, the JavaScript is pulled by the hacker, who in turn can change the profile and rob the authentication cookies.

This cross-site-scripting code is another major weakness in the Web 2.0 service. Twitter’s bug arises from the weaknesses in the API which allows hackers to write codes for standalone applications that can read and send messages over the Twitter network.

How these websites are hacked is, a corrupt iFrame is being embedded into thousands of websites and unsuspecting users’ PC fall prey to the malware while surfing Internet sites. The iFrame leads to an intermediary exploit website, which subsequently loads further exploits and malware from seven varied domains of malware. Judging from the malware binaries, researchers say that the virus attacks may be originating from China. However, websites in China also fall prey to mass hacking.

The malware gets installed on personal computers using Windows and creeps in silently. One of the latest in the malware attacks is SQL injection. In this mass malware attacks, it is not yet clear what the exact motives of the attacks is or what are the exact vulnerabilities that are being exploited. However, users should safeguard their operating systems (OS) and desktop software programs against the malware attacks.

Although Microsoft Windows seems the focus of the attacks, some of the popular software that are being targeted are Apple’s QuickTime, WinZip, Adobe Flash, Adobe PDF, and RealPlayer. Users should ensure that their programs are updated to their latest version. Among these 56,000 websites that have been hacked, many are legitimate online sites. Even charitable and nursing help sites have not been spared.

To secure the user, there are alarms, laptop locks, stickers and labels that have been developed. Mere password locking is not sufficient to ensure data security. Full-disk encryption (FDE) is a widely used method to protect the laptop before the operating system starts up. FDE can be done by adopting a software-based approach or hardware-based approach or both.

Then there is the remote laptop security (RLS) with which access can be denied to a stolen laptop, thereby ensuring security of information. Also, there are programs that can be installed using which the owner of the stolen laptop can wipe financial or client-sensitive information from a remote location. There are also GPS tracking programs that can help to trace stolen laptops.

One of the smart things to do while traveling with laptops is to ensure that you have a back-up for everything you need and avoid accessing any financial information so that you do not leave a trail of your sensitive information.

However, there are doubts over the effectiveness of anti-theft measures that can prevent sensitive information from getting lost when a laptop is stolen. On both the Mac and PC, a laptop robber can get rid of many of the checks and balances that anti-theft and recovery software impose. The network connection can be turned off so you can never track the software’s location; the thief can even clear the hard disk.

If you are still keen to try out any recovery software, check out Undercover for the Mac (and iPhone). Nowadays it also comes with a WiFi-based positioning to help map where the stolen laptop may be possibly stored. Also, there’s the MacTrak software which transmits pictures and network with the help of e-mail or to a Flickr account.

For Windows, LoJack for laptops is popular. The software’s location can be traced via network connection daily. If the laptop is stolen, you can trace location changes every 15 minutes. You can also remotely wipe data.

How W32/Induct-A spreads is that if an application programme is already infected with this virus, any software that gets compiled on the affected machine also falls prey. This virus creates and spreads its own executable file and also the source code. This virus also drops its code into other programmes that have been compiled on the infected computer system. However, the sunny side is that this malware does not erase any programmes.

But, SonicWALL and SophosLabs researchers say that this malware, W32/Induct-A, will be easily barred by anti-virus software. Already over 3,000 exclusive samples of infected programmes have emerged. This virus generally affects computers that have been installed with Delphi environment versions 4.0, 5.0, 6.0 or 7.0. Then, if W32/Induct-A detects software, it compiles the Delphi source file Sysconst.pas, and produces a modified version of Sysconst.dcu, which is the compiled file.

As of now, W32/Induct-A is not considered malicious or threatening as there is no payload. However, it has managed to infect many versions of the widely used IM client QIP. Among the hundreds of software already infected are Any TV Free 2.41 and Tidy Favorites 4.1. It is estimated that 30% of Delphi users worldwide use Any TV Free 2.41 and Tidy Favorites 4.1, so the extent of infection is substantial.

A cue for Delphi users is, update your anti-virus software and alert the developers if you find a W32/Induct-A infection in any programme.

Over and above the standard 30-day trial period, the Windows Secrets newsletter has listed the steps to add another 90 days of grace period. This means that for an entire 120-day period the operating system is not degraded and you get free, unrestricted access whether you are using Ultimate or the Basic.

Since it’s free, most users will rush for the topmost version, Ultimate, during the 120-day grace period. However, for regular use you may actually buy the Home Premium and not Ultimate. But here lies the catch. The Home Premium will refuse to activate if you’re having the Ultimate installed. This means that you’ve to go through a complete re-install for Windows 7 Home Premium. But there’s also an easier way out: Simply install Windows 7 Home Premium or Pro from a Windows 7 Ultimate CD.

You have to keep a few things in mind while installing Windows 7. In case you insert a DVD of Win7 Ultimate and run the installer, the Win7 Ultimate will be installed. However, you should delete the ei.cfg file to get to chose from Starter, Home Basic, Home Premium, Professional and Ultimate.

By now, although Microsoft has distributed a small number of copies of Windows 7, surely there are many more unlicensed copies of Windows 7 doing the rounds in the market before the official launch in October. But to protect your system, ensure that you download the licensed version from the authorised sites. Because the biggest player in the market has realized that the best way to beat the grey market is to extend the trial period of the licensed version.

Now, why are security walls falling easily to malware? Well, malware are viruses that sneak into computers and remain invisible to users. So, while you are making transactions over the Internet, your data and personal financial information is being captured unknowingly. Mostly, these malware are specifically designed to catch bank details, debit and credit card information, and password used during commercial transactions. Once the data is captured, these are sold in the black market for quick bucks. Many hackers also use the bank information to make huge purchases. Malware are creeping into online payment sites like PayPal, and e-commerce sites like amazon.com, ebay.com where user data may be stored.

Previously, firewalls were enough in most cases to ensure computer security but lately, hackers have found smarter ways with malware to breach perimeter security. Within an enterprise network, fraudsters often embed malware in centralized locations or distributed networks. An estimated 3% of computers users worldwide have faced malware attack. The distribution of malware has also become innovative. Malware are targeting social network sites like Facebook.com and Twitter.com, SMS networks, and using web page clones to entice users to enter personal information.

Analysts also point to the economic downturn as a reason to the rise of malware and identity theft. A lull in the economic pathway appears to have led to a flourish in black market ensuring a boom in malware spread.

• 17ebook.com,
• aladel.net,
• bpwhamburgorchardpark.org,
• clicnews.com,
• dfwdiesel.net,
• divineenterprises.net,
• fantasticfilms.ru,
• gardensrestaurantandcatering.com,
• ginedis.com,
• gncr.org,
• hdvideoforums.org,
• hihanin.com,
• kingfamilyphotoalbum.com,
• likaraoke.com,
• mactep.org,
• magic4you.nu,
• marbling.pe.kr,
• nacjalneg.info,
• pronline.ru,
• purplehoodie.com,
• qsng.cn
• seksburada.net,
• sportsmansclub.net,
• stock888.cn,
• tathli.com,
• teamclouds.com,
• texaswhitetailfever.com,
• wadefamilytree.org,
• xnescat.info, and
• yt118.com .

The infected sites had on average 18,000 threats and 40 per cent of the sites had more than 20,000 threats, while 75 per cent of websites on the list were found to be spreading malware for over six months.