Viruses lurking in 'news' photos

United Press International, a sister news organization of the Washington Times ^ | 7/28/04, 11:27 a.m. | Gene Koprowski

[solicitor77]

A weekly series by UPI examining the global telecommunications phenomenon known as the World Wide Web.

--

CHICAGO, July 28 (UPI) -- Computer hooligans are increasingly employing more sophisticated techniques to trick unsuspecting consumers and infect their PCs with viruses, including embedding malicious code in fabricated news images, such as those posted on the Internet last week purporting to show terrorist madman Osama bin Laden dead from suicide.

"If you are going to talk about trends in malware -- malicious code -- you must talk about trends in overall computer technology," said Sam Curry, the vice president of security management at Computer Associates International Inc., in Islandia, N.Y., on Long Island. "Hackers are increasing their sophistication every few months," he told United Press International. "The more complex networks become, the more sophisticated the hackers become, and the more danger there is on networks."

Computer software experts have made networks smarter and more resilient in recent years, adding software that screens e-mail attachments for virus-laden images or messages. That has been a deterrence for many hackers.

The problem is these rogues continue to come up with new tricks to lure consumers.

Internet chat rooms and Usenet news groups are a favorite haunt of these unsavory individuals, who have taken to posting fake, often lurid, images online, linked to the news or alleged news events.

The technique is called "social engineering" by the hackers, because it is a way to deceive others into doing something they want them to do, experts told UPI.

Comments? E-mail sciencemail@upi.com

[solicitor77]

Interesting article about changes in the methods used by hackers/terrorists online.

[bikepacker67]

The problem is, hackers are not properly punished for the amount of havoc they cause.

Life sentences for malware that wordwide, costs millions of $$$ would be far more suitable.

And then lil Johnny Phreaker would think twice.

[End Times Sentinel]

I remember a few years ago, our network admin sent around an urgent warning about a virus that came in an attachment called "nakedwife".  Sure enough, about 15 minutes later, I got an email from someone I didn't know with an attachment called nakedwife".

To this day, I blame the network admin for mistakenly overestimating my will power.

Owl_Eagle

”Guns Before Butter.”

[mlbford2]

I apologize for this off subject. Anybody know how to load a RW/CD that has Excell and Word 2000 docs made from a 98se onto a XP home. I'm having a bear of a time. Sorry again for off subjuct.

Signed,
One very frustrated proud owner of a new computer.

[BenLurkin]

"terrorist madman Osama bin Laden"

Guess this writer will have to be disciplined for maligning someone the MM would call a hero.

[ShadowAce]

Tech Ping

[martin_fierro]

Internet chat rooms and Usenet news groups are a favorite haunt of these unsavory individuals, who have taken to posting fake, often lurid, images online, linked to the news or alleged news events.

"Osama Bin Laden Captured" [VIRUS ALERT] Spam Message That Downloads a Trojan

See also Scob trojan

[martin_fierro]

Anybody know how to load a RW/CD that has Excell and Word 2000 docs made from a 98se onto a XP home.

Make sure you have the same software & version on the new PC as was used to originally format/create the CDRW. Roxio?

[AlBondigas]

You can't copy your docs from CD to a folder in XP ?

[mlbford2]

Oh thank you. Yes, you are exactly correct. I did load Word2000 and the same Excell onto the new computer. When I tried to open XP said something about need to load some driver for 98/NT ("YES"/"NO"). I chose "YES" (bad idea). Still wouldn't open. Now it says this everytime I start Windows

Issue Description:
>
> A driver is installed that causes stability problems with your system.
> This driver will be disabled. Please contact the driver manufacturer for
> an update that is compatible with this version of Windows.
>
> Contact Information:
>
> Available Patch:
http://www.roxio.com/en/jhtml/xpupdate.jhtml?location=update

Now I don't know where to find this BS driver to unload it. The Tech support at HP is like talking to a wall (if you can even understand them). Thank you for your help.

[mlbford2]

And yes, it was CREATED in Roxio. That's not what is on XP though.

[dasboot]

Something new; don't know if anybody else has gotten them:

I recieved what appeared to be a notice from my email provider's security team, saying that a large number of unsolited email had been sent using my addy. It instructed me to open the attachment and follow instructions to get rid of the virus.

I sent a foreward to my provider (without opening attachment) and they sent it back saying they detected a virus in the attachment, and that they had not been the originator of the email.

Got another one today. Very clever.

[AlBondigas]

so why screw w/ compatibility issues ?
Take the easy way out.
Use Windows explorer & copy your CD to My documents.
confirm that they open on XP machine.
If yes, trash old CD.
Make new CD of My documents using WinXP drag n drop.

[JoJo Gunn]

It's not images themselves that will give you the virus. They've written code that makes your clicking on them to start the installation of the virus, or redirect you to another site, or whatever they have in mind.

Note this first image and how it isn't active. That is, the arrow doesn't turn into a little hand, which would indicate it has an active link, as compared to the second image, which I've coded to go to that computer site.

If I'd wanted, I too could have misled you and had the second image go to a porn site instead.

They're just getting more brazen at exploiting common web practices. There is nothing "sophisticated" about it, especially considering someone like me with limited HTML knowledge can make this example. Everyone just needs to be more careful.

[Paleo Conservative]

[evets]

pics?

[JudyB1938]

When clicking on "properties", would it show that the link went to a porn site - or is that spoofed, too?

[JoJo Gunn]

When you right click in IE, all it shows of that second image I posted is the properties of the .gif image. With Firefox it'll show both the image properties and the link address. Always note that on the bottom left of the status bar the link your mouse hovers on shows too. (It does with IE and Firefox, at least). It's good to train yourself to instinctively look there each and every time.

As far as spoofing a link even more, I feel that if they can imagine it, they can and will eventually do it.

[JoJo Gunn]

This is one of my off nights, so maybe I didn't answer you enough. As for my saying I could have coded the image to instead to go to a porn site, or something with a "drive-by installer", (things like Gator or the latest browser hijacker, etc). it would still show up on the status bar. Yet keep in mind I'm just Joe Layman, still in the HTML sandbox. I wouldn't doubt they know how to make what shows on the status bar something "safe", or not even show at all.