Showing results for tags 'adware'.

Found 5 results

  1. Hackers have targeted Lenovo with a website defacement attack believed to be intended to 'punish' the firm for its use of the Superfish adware. The attack occurred on Wednesday and forced Lenovo.com to display a slideshow of images while playing Breaking Free from High School Musical.

     A Lenovo spokesperson told V3 that the firm is taking action to improve the site's security and "investigating other aspects of the attack".

     "Unfortunately, Lenovo has been the victim of a cyber attack. One effect of this was to redirect traffic from the Lenovo website. We are also actively investigating other aspects," said the spokesperson.

     "We are responding and have already restored certain functionality to our public-facing website.

     "We are actively reviewing our network security and will take appropriate steps to bolster our site and protect the integrity of our users' information and experience.

     "We are also working with third parties to address this attack and will provide additional information as it becomes available."

     The attack follows Lenovo's use of the Superfish adware on a selected number of laptops. The problem erupted on the Lenovo forum earlier in February when several customers reported finding Superfish installed on their machines. Superfish is adware that collects data such as web traffic information using fake, self-signed root certificates and then uses it to push adverts to the user.

     The Lizard Squad hacking group is believed to have mounted the attack on Lenovo, although this is yet to be confirmed. Andrew Hay, director of security research at OpenDNS, said that forensic evidence indicates that the attack did stem from Lizard Squad, highlighting similarities with a previous raid on Google.com.vn. Hay explained that Lenovo.com and Google.com.vn use the same registrar, Webnic.cc, and both are hosted in Digital Ocean's Netherlands data centre. He also noted that both raids "used Cloudflare to obfuscate the IP address of the destination server and to balance the traffic load to the website".

     Ken Westin, senior security analyst at Tripwire, pointed out that the attack would be in line with Lizard Squad's past behaviour in attacking companies that it believes have acted wrongly. "As a result of getting its hands caught in the privacy invading cookie jar with the deployment of the Superfish adware which compromised customers' privacy and security, it has made itself an open target for a number of hacking groups which have essentially declared it open season against Lenovo for its questionable practices," he said.

     Source
  2. Highly aggressive adware has been found hidden in ten Android applications hosted on Google Play, Bitdefender reported. Adware is highly common on both desktop PCs and smartphones. However, the threats discovered by the security firm stand out not just because they are aggressive, but also because they employ clever tricks to stay hidden on the infected device.

     Once installed, the apps redirect victims to a webpage, hosted at mobilsitelerim.com/anasayfa, which serves ads designed to trick users into installing other pieces of adware disguised as system or performance updates, or get them to sign up for premium services. The displayed ads differ depending on the user’s location, Bitdefender said.

     “Although they’re not malicious per se, by broadcasting sensitive user information to third parties, they resemble aggressive adware found on desktop PCs. The resulting barrage of pop-ups, redirects and ads irks users and seriously damages both the user experience and the performance of Android devices,” Bitdefender security researcher Liviu Arsene explained in a blog post.

     After the adware (Android.Trojan.HiddenApp.E) is installed on the device, the redirections occur whenever the victim tries to access a website via the stock Android browser, Chrome, Firefox, and even Facebook.

     “After the apps are installed, the redirects occur as soon as you open any of the mentioned browsers. Regardless of what URL you’re trying to visit, you’re redirected to ad-displaying websites. The next redirect is performed after 60 seconds have elapsed,” Arsene told SecurityWeek via email.

     The applications had been uploaded to Google Play with names such as “What is my ip.” Researchers found the apps under two developer accounts, but the same individual might be behind both of them. In order to avoid raising suspicion, the applications only require two permissions on installation (Network Communication and System Tools).

     While users might figure out which of the apps they installed cause the annoying redirections, removing them could prove difficult. That’s because the applications are installed with the name “System Manager,” instead of the one used to advertise them on Google Play.

     The search giant appears to have removed most of the apps from Google Play after being alerted by Bitdefender, but some of the shady programs can still be found on third-party app markets. Experts believe the adware made it past Google’s vetting process because the URL that is used to redirect users doesn’t actually serve any malicious APKs.

     Source: securityweek.com
  3. Computer maker Lenovo has been forced to remove hidden adware that it was shipping on its laptops and PCs after users expressed anger. The adware - dubbed Superfish - was potentially compromising their security, said experts. The hidden software was also injecting adverts on to browsers using techniques more akin to malware, they added.

     Lenovo faces questions about why and for how long it was pre-installed on machines - and what data was collected.

     The company told the BBC in a statement: "Lenovo removed Superfish from the preloads of new consumer systems in January 2015. At the same time Superfish disabled existing Lenovo machines in the market from activating Superfish.

     Complaining

     "Superfish was preloaded on to a select number of consumer models only. Lenovo is thoroughly investigating all and any new concerns raised regarding Superfish."

     Users began complaining about Superfish in Lenovo's forums in the autumn, and the firm told the BBC that it was shipped "in a short window from October to December to help customers potentially discover interesting products while shopping". User feedback, it acknowledged, "was not positive".

     Last month, forum administrator Mark Hopkins told users that "due to some issues (browser pop up behaviour, for example)", the company had "temporarily removed Superfish from our consumer systems until such time as Superfish is able to provide a software build that addresses these issues". He added it had requested that Superfish issue an auto-update for "units already in market".

     Superfish was designed to help users find products by visually analysing images on the web to find the cheapest ones. Such adware is widely regarded in the industry as a form of malware because of the way it interacts with a person's laptop or PC.

     Security expert from Surrey University Prof Alan Woodward said: "It is annoying. It is not acceptable. It pops up adverts that you never asked for. It is like Google on steroids.

     "This bit of software is particularly naughty. People have shown that it can basically intercept everything and it could be really misused."

     According to security experts, it appears that Lenovo had given Superfish permission to issue its own certificates, allowing it to collect data over secure web connections, known in malware parlance as a man-in-the-middle attack.

     "If someone went to, say, the Bank of America then Superfish would issue its own certificate pretending to be the Bank of America and intercept whatever you are sending back and forth," said Prof Woodward.

     Ken Westin, senior analyst at security company Tripwire, agreed: "If the findings are true and Lenovo is installing their own self-signed certificates, they have not only betrayed their customers' trust, but also put them at increased risk."

     Clean install

     Although Lenovo has said that it has removed Superfish from new machines and disabled it from others, it was unclear what the situation would be for machines where it had already been activated.

     Prof Woodward said: "Lenovo is being very coy about this but it needs to explain how long it has been doing this, what the scale is and where all the data it has collected is being stored.

     "There will be remnants of it left on machines and Lenovo does not ship the disks that allow people to do a clean install."

     It raises wider questions about the deals that computer manufacturers do with third parties and the amount of software that comes pre-installed on machines.

     Mr Westin said: "With increasingly security and privacy-conscious buyers, laptop and mobile phone manufacturers may well be doing themselves a disservice by seeking outdated advertising based monetisation strategies."

     Users were particularly angry that they had not been told about the adware. One Lenovo forum user said: "It's not like they stuck it on the flier saying... we install adware on our computers so we can profit from our customers by using hidden software.

     "However, I now know this. I now will not buy any Lenovo laptop again."

     The problem also caused a storm on Twitter, where both Lenovo and Superfish were among the most popular discussion topics.

     Source
  4. S: Let’s back up a second. Why did you write adware?

     M: I was utterly and grindingly broke for a little while. I started working on SPAM filtering software. That work got noticed by [Direct Revenue], who hired me to analyze their distribution chain. For a little while, the site through which all their ads ran was something like top 20 in Alexa. Monstrous, really huge traffic. Maybe 4 or 5 months into my tenure there, a virus came out that was disabling some of the machines that we had adware on. I said, “I know enough C that I could kick the virus off the machines,” and I did. They said “Wow, that was really cool. Why don’t you do that again?” Then I started kicking off other viruses, and they said, “That’s pretty cool that you kicked all the viruses off. Why don’t you kick the competitors off, too?”

     http://philosecurity.org/2009/01/12/interview-with-an-adware-author
  5. Defining the concepts of adware, spyware and grayware

     Adware, spyware and grayware are generally installed on a computer without the user's knowledge. These programs collect information stored on the computer, change the computer's configuration, and open additional windows on the computer without the user's consent.

     Adware is software that displays advertising on your computer. Adware is generally distributed with programs downloaded from the Internet. Most often, adware is displayed in a pop-up window. Adware pop-up windows are sometimes difficult to control and open new windows faster than the user can close them.

     Grayware or malware is a file or program, other than a virus, that is potentially harmful. Many grayware attacks are phishing attacks that try to persuade the reader to give the attacker access to personal information without the reader knowing. As you fill in an online form, the data is sent to the attacker. Grayware can be removed using spyware and adware removal tools.

     Spyware, a type of grayware, is similar to adware. It is distributed without the user's intervention or knowledge. Once installed, spyware monitors the computer's activity. The spyware then transmits this information to the organization responsible for launching the spyware.

     Phishing is a form of social engineering in which the attacker pretends to represent a legitimate outside organization, such as a bank. A potential victim is contacted by e-mail. The attacker may ask to verify information, such as a password or username, in order to prevent supposed terrible consequences that could occur.

     Explaining the Denial of Service attack

     Denial of Service (DoS) is a form of attack that prevents users from accessing standard services such as an e-mail or web server, because the system is busy responding to an abnormally large number of requests. DoS works by sending a sufficiently large number of requests that the targeted service becomes overloaded and fails. Typical DoS attacks include:

       • Ping of death – A series of repeated pings, larger than normal ones, that will cause the receiving computer to fail.
       • E-mail bomb – A large amount of bulk mail is sent so as to overload the mail server and prevent normal users from accessing the server.

     Distributed DoS (DDoS) is another form that uses multiple computers, called zombies. With DDoS, the intent is to obstruct or overload access to the target server. Zombie computers located in various geographic areas make it difficult to discover the origin of the attack.