Immunet Blog

Given its limited market share, Apple users have been somewhat insulated against malware. While this is starting to change, this week, hackers found a roundabout way to exploit Apple by targeting iPad owners who use PCs. The scammers blasted e-mails with the subject line, “iPad Software Update." The e-mail instructed new iPad users to click on a link and install an iTunes update. Those who followed these instructions on a Windows PC, of course, didn’t actually get an update. Instead, they got malware that inserted itself into the “explorer.exe” process and opened the system’s back door, making it possible for hackers to take control of the system. 

In some ways, hackers have become remarkably predictable. As we previously noted, they piggy back on larger trends, chasing those who are, perhaps, swept in the flow of events and mistakenly overlook some malware red flags. As InformationWeek points out about the iPad scam, “the text isn't so poorly written as to be farcical. Even so, the use of the passive voice in the first sentence and the awkward wording suggests that the note's author doesn't work as a marketing professional at Apple or anywhere else.”

But eager new iPad owners might be so elated by the sleek device – and ensuring it is optimally compatible with their PC – that they might skim right through the e-mail, failing to notice passive sentence structure or awkward word choices. In fact, this is precisely what the hackers have built their strategy on.

Apple sold 300,000 iPads on the day the device launched and this figure is only rising – making the iPad a prime target for cyber criminals. But, so far, these hackers are spreading malware through their comfort zone – Windows.

Please pass this information along to members of your community, especially new iPad owners.  And remember to download Immunet’s free, lightweight AntiVirius product to better protect your PC. 

A new study finds that while the vast majority of young people know about online security risks, they aren’t doing much to protect themselves. According to the RSA-sponsored study, 73% of young adults between 18 and 27 are informed about online security risks, and yet 71% say they’re not particularly “careful about policing their financial data, social networking accounts, and other passwords,” Newsweek reports on its Techtonic Shifts blog.

The blog reports:

 “The irony is that the most tech-savvy generation is the one playing Russian roulette—the one that knows the risk, but still does the risky behavior," says Sam Curry, chief technology officer at RSA, the IT security firm that sponsored the survey. 

The post also calls attention to some other alarming statistics:   

• Nine out of 10 respondents say they're linked to people they either don't know or don't know well on sites like Facebook and LinkedIn.
• Three quarters fear identity theft, but 57% don’t use services to prevent this, mostly because of the cost. A staggering 64% say they've already had their identity stolen, been hacked, or lost credit cards or sensitive data.
• 56% don't log out of accounts on their computers because it's just too much hassle to sign back in.

What many people don’t realize is, when they put their computers at risk they are also making their entire network of family and friends more vulnerable. Think for a moment about all the people you know who might not use AntiVirus protection, yet still engage with strangers on Facebook or don’t log off shared computers.

It’s a discouraging thought, but accessible solutions exist. Immunet is a free AntiVirus product that specifically protects its users against malware on social networks like Facebook and Twitter. Since it’s free (and simple) to download, it’s an excellent solution for young people wary of pricey, cumbersome AntiVirus programs.  If you know someone who could benefit from Immunet, pass along this post or send them information on downloading Immunet. After all, making your online community more secure, makes your PC more secure.  



There is a parallel conversation happening surrounding malware, viruses, and the like. Consumers discuss crashed PCs, spam, and concern over identity theft and wrecked credit. Yet it often seems that issues discussed by security professionals have little relevance to the average consumer. Today we offer some perspective for the consumer and highlight the very real, very relevant world that exists beyond that crashed PC. Peruse the week’s news below and understand how ‘cyber crime’ involves your ‘crashed PC’.

-  -  -

The US government plans to combat cyber attacks with more force and speed, reports the AP. Lt. Gen. Keith Alexander, the National Security Agency director and likely head of the new Cyber Command, has warned Congress against cyber threats.

Alexander’s counsel builds on comments President Obama made last year when he referred to cyber threats “one of the most serious economic and national security challenges we face as a nation.” Alexander also noted that identifying cyber attackers can be tricky, so the government will now allow retaliation even if the attacker remains unknown (as long as the response is approved by the president and complies with international law and guiding military principles).

This potent rhetoric resonates with the increased prominence of cyber crimes on the global stage. Earlier this week, the European commission announced plans to reveal new proposals for combating cyber crime.

Also earlier this week, a White House cyber security aide attending a conference in Germany said thefts of credit-card numbers and corporate secrets are even more menacing than cyber attacks on infrastructure, like the electricity grid. Interestingly, this conference was organized by top Russian cyber security officials. While Russia has been a hotbed for cyber crime, the country has not yet signed the European Convention on Cybercrime, which aims to enhance law-enforcement of cyber crimes between nations.

In other news this week, the Senate announced plans to introduce a bill that would create an ambassador to handle US cyberspace issues.

With cyber crime taking such a major role in global policy, consumers should take notice of their protections against threats. Immunet recently posted a two-part blog series on avoiding viruses, in addition to posts on scareware, black hat SEO, and social media threats. Have a look and learn how to do your part to protect your PC while combating global cyber threats.  



As we’ve recently noted, scam operators are getting increasingly tricky in their tactics. More sophisticated means, like psychology, are being used maliciously against consumers. For example, a recent scam preyed upon the copyright anxieties of BitTorrent users by locking down their computers and bullying them into paying $400 for a “copyrighter’s holder fine.” The scheme feigned credibility by citing the fictional ICPP Foundation as the enforcer of the fine. 

It was, of course, no accident that the scam targeted BitTorrent users, many of whom are already uncertain about the legal minutia surrounding filesharing. Another egregious example targets eager job seekers, a particularly vulnerable – and sizable – group in this economy. The scam uses a fake job posting that “hires” applicants and asks them to undertake a trial project. The scam operators then ask the job seekers to purchase expensive electronics with their own credit cards (with the promise of being reimbursed). The electronics are sent to the scam operators and subsequently resold. The job candidates, of course, get nothing.  Another recent scareware technique exploited the grief of those seeking news surrounding the death of the president of Poland, as well as several other members of the state. In some cases, those looking for information on the national tragedy were redirected to sites that, again, bluffed users into paying phony licensing fees.

In each of these instances, the scammers preyed upon users’ insecurities, anguish, and even desperation to perpetuate their crimes. With this kind of emotional engineering, even those who consider themselves too savvy to fall victim to cybercrimes, could find they are suddenly vulnerable. Given how quickly cybercrime is evolving, it is staggering that so many consumers haven’t reconsidered their approach to malware protection. It’s become even more pressing that consumers have multiple filters to protect them against these complex threats. If you haven’t yet, learn more about the ways Immunet Protect can immediately strengthen your computer’s defenses against the malware lurking in today, and tomorrow’s, web. 

Read an interesting article about cybercrime firm Innovative Marketing Ukraine on PCMag.com last weekend.  The article provided insight on the company and background on the rogueware business—most fascinating was the impact it has on the entire world. 

As quick background, Innovative Marketing creates the most destructive and profitable viruses in the world.  The software pretends to scan for viruses—and surprise, surprise—when one is detected, it offers a solution to clean the machine—of course, at a cost between $50-80.  Quite the deceiving business… 

Rogueware businesses affect nearly 3.5 million PCs worldwide, and social networking puts more fuel on the fire.  The software is loaded on to Twitter and Facebook, for example, and from there, the viruses rapidly spread.  We’ve seen this most recently with the Panda Security look-alike software on Facebook.  Another example of how this is spread is through online marketing.  There was one instance when the New York Times ran a rogue advertisement on its Web site; every time a reader clicked on this particular ad his or her computer became contaminated.  A senior researcher at Websense expects hackers to more aggressively attack this avenue down the road.      

This is definitely a huge issue that all computer users need to be aware of.  Always be mindful of what you are downloading and clicking on, and make sure it is from a trusted source.  Install AntiVirus software on your machine, and frequently check to see if detection files are up to date.  Taking these simple steps can protect your computer, and save you the hassle of debugging your PC.